lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 6 Sep 2018 18:53:40 -0400
From:   Boris Ostrovsky <boris.ostrovsky@...cle.com>
To:     Olaf Hering <olaf@...fle.de>
Cc:     xen-devel@...ts.xenproject.org, Juergen Gross <jgross@...e.com>,
        open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2] xen: avoid crash in disable_hotplug_cpu

On 09/06/2018 04:31 PM, Olaf Hering wrote:
> Am Thu, 6 Sep 2018 14:45:57 -0400
> schrieb Boris Ostrovsky <boris.ostrovsky@...cle.com>:
>
>> On 09/06/2018 02:37 AM, Olaf Hering wrote:
>>> The command 'xl vcpu-set 0 0', issued in dom0, will crash dom0:
>>> This happens because handle_vcpu_hotplug_event is called twice. In the
>>> first iteration cpu_present is still true, in the second iteration
>>> cpu_present is false which causes get_cpu_device to return NULL.
>>> In case of cpu#0, cpu_online is apparently always true.
>> I think we should check both this and num_online_cpus() != 0.
> This can not possibly help. cpu#0 is the first one that goes offline.
> IF cpu0_hotpluggable is broken, then only "if (!cpu) return;" can help.


And maybe that needs to be part of the check, in addition to
cpu_is_hotpluggable() test.

Offlining CPU0 is problematic. For example, look at xen_pv_cpu_disable().



-boris



Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ