From: Julien Grall <julien@xen.org>
To: Henry Wang <Henry.Wang@arm.com>,
	Andrew Cooper <andrew.cooper3@citrix.com>,
	Xen-devel <xen-devel@lists.xenproject.org>,
	Stefano Stabellini <sstabellini@kernel.org>,
	Bertrand Marquis <Bertrand.Marquis@arm.com>
Cc: "Xen Security Team" <security@xen.org>,
	"Jan Beulich" <JBeulich@suse.com>,
	"Roger Pau Monné" <roger.pau@citrix.com>, "Wei Liu" <wl@xen.org>,
	"Volodymyr Babchuk" <Volodymyr_Babchuk@epam.com>,
	"Anthony PERARD" <anthony.perard@citrix.com>
Subject: Re: [PATCH 4/4] xen/arm: Correct the p2m pool size calculations
Date: Fri, 11 Nov 2022 10:54:00 +0000
Message-ID: <b2a1b0b9-b5a9-4d7a-a52f-1a20c9e5c470@xen.org>
In-Reply-To: <AS8PR08MB7991D6139BEF9ABE43F1B3C492009@AS8PR08MB7991.eurprd08.prod.outlook.com>



On 11/11/2022 10:11, Henry Wang wrote:
>> -----Original Message-----
>> Subject: [PATCH 4/4] xen/arm: Correct the p2m pool size calculations
>>
>> Allocating or freeing p2m pages doesn't alter the size of the mempool; only
>> the split between free and used pages.
>>
>> Right now, the hypercalls operate on the free subset of the pool, meaning that
>> XEN_DOMCTL_get_p2m_mempool_size varies with time as the guest shuffles its
>> physmap, and XEN_DOMCTL_set_p2m_mempool_size ignores the used subset of the
>> pool and lets the guest grow unbounded.
>>
>> This fixes test-p2m-pool on ARM so that the behaviour matches x86.
>>
>> This is part of XSA-409 / CVE-2022-33747.
>>
>> Fixes: cbea5a1149ca ("xen/arm: Allocate and free P2M pages from the P2M pool")
>> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> 
> Release-acked-by: Henry Wang <Henry.Wang@arm.com>
> 
> Hi Arm maintainers, may I ask for a reviewed-by/ack from you for the
> correctness of the code in the release? Thank you very much!

Reviewed-by: Julien Grall <jgrall@amazon.com>

Cheers,

-- 
Julien Grall

