lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 1 Nov 2012 06:38:41 +0000
From:	"Liu, Jinsong" <jinsong.liu@...el.com>
To:	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"xen-devel@...ts.xensource.com" <xen-devel@...ts.xensource.com>
Subject: RE: [PATCH 2/2] Revert pad config check in xen_check_mwait

Updated, adding version check at mwait routine.

Thanks,
Jinsong

============
>From 27e28963d4d25e4c998b5b5ea3828a02e6de9470 Mon Sep 17 00:00:00 2001
From: Liu, Jinsong <jinsong.liu@...el.com>
Date: Thu, 1 Nov 2012 21:18:43 +0800
Subject: [PATCH 2/2] Revert pad config check in xen_check_mwait

With Xen acpi pad logic added into kernel, we can now revert xen mwait related
patch df88b2d96e36d9a9e325bfcd12eb45671cbbc937. The reason is, when running under
newer Xen platform, Xen pad driver would be early loaded, so native pad driver
would fail to be loaded, and hence no mwait/monitor #UD risk again.

Another point is, only Xen4.2 or later support Xen acpi pad, so we won't expose
mwait cpuid capability when running under older Xen platform.

Signed-off-by: Liu, Jinsong <jinsong.liu@...el.com>
---
 arch/x86/xen/enlighten.c |   14 ++++++++++++--
 1 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c
index 586d838..9e22e41 100644
--- a/arch/x86/xen/enlighten.c
+++ b/arch/x86/xen/enlighten.c
@@ -287,8 +287,7 @@ static void xen_cpuid(unsigned int *ax, unsigned int *bx,
 
 static bool __init xen_check_mwait(void)
 {
-#if defined(CONFIG_ACPI) && !defined(CONFIG_ACPI_PROCESSOR_AGGREGATOR) && \
-	!defined(CONFIG_ACPI_PROCESSOR_AGGREGATOR_MODULE)
+#ifdef CONFIG_ACPI
 	struct xen_platform_op op = {
 		.cmd			= XENPF_set_processor_pminfo,
 		.u.set_pminfo.id	= -1,
@@ -297,6 +296,10 @@ static bool __init xen_check_mwait(void)
 	uint32_t buf[3];
 	unsigned int ax, bx, cx, dx;
 	unsigned int mwait_mask;
+	unsigned int version = HYPERVISOR_xen_version(XENVER_version, NULL);
+	unsigned int major = version >> 16;
+	unsigned int minor = version & 0xffff;
+
 
 	/* We need to determine whether it is OK to expose the MWAIT
 	 * capability to the kernel to harvest deeper than C3 states from ACPI
@@ -309,6 +312,13 @@ static bool __init xen_check_mwait(void)
 	if (!xen_initial_domain())
 		return false;
 
+	/*
+	 * When running under platform earlier than Xen4.2, do not expose
+	 * mwait, to avoid the risk of loading native acpi pad driver
+	 */
+	if (((major == 4) && (minor < 2)) || (major < 4))
+		return false;
+
 	ax = 1;
 	cx = 0;
 
-- 
1.7.1

Download attachment "0002-Revert-pad-config-check-in-xen_check_mwait.patch" of type "application/octet-stream" (2139 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ