* [Xen-devel] [PATCH] x86/MCE: avoid leaking stack data
@ 2020-01-08 15:06 Jan Beulich
2020-01-08 15:08 ` Andrew Cooper
0 siblings, 1 reply; 2+ messages in thread
From: Jan Beulich @ 2020-01-08 15:06 UTC (permalink / raw)
To: xen-devel; +Cc: Andrew Cooper, Ilja Van Sprundel, Wei Liu, Roger Pau Monné

While HYPERVISOR_mca is a privileged operation, we still shouldn't leak
stack contents (the tail of every array entry's mc_msrvalues[] of
XEN_MC_physcpuinfo output). Simply use a zeroing allocation here.

Take the occasion and also restrict the involved local variable's scope.

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>

--- a/xen/arch/x86/cpu/mcheck/mce.c
+++ b/xen/arch/x86/cpu/mcheck/mce.c
@@ -1352,7 +1352,6 @@ long do_mca(XEN_GUEST_HANDLE_PARAM(xen_m
} mc_physcpuinfo;
uint32_t flags, cmdflags;
int nlcpu;
- xen_mc_logical_cpu_t *log_cpus = NULL;
mctelem_cookie_t mctc;
mctelem_class_t which;
unsigned int target;
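
Review bot: removing the function-scope log_cpus declaration here is cleanup that is independent of the leak fix, and bundling it makes the security-relevant change harder to carry to older trees where the declarations at the top of do_mca() may differ. Consider splitting the scope narrowing into a follow-up patch so the one-line allocation change stands alone.
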
@@ -1445,11 +1444,13 @@ long do_mca(XEN_GUEST_HANDLE_PARAM(xen_m
? !guest_handle_is_null(mc_physcpuinfo.nat->info)
: !compat_handle_is_null(mc_physcpuinfo.cmp->info) )
{
+ xen_mc_logical_cpu_t *log_cpus;
+
if ( mc_physcpuinfo.nat->ncpus <= 0 )
return x86_mcerr("do_mca cpuinfo: ncpus <= 0",
-EINVAL);
nlcpu = min(nlcpu, (int)mc_physcpuinfo.nat->ncpus);
- log_cpus = xmalloc_array(xen_mc_logical_cpu_t, nlcpu);
+ log_cpus = xzalloc_array(xen_mc_logical_cpu_t, nlcpu);
if ( log_cpus == NULL )
return x86_mcerr("do_mca cpuinfo", -ENOMEM);
on_each_cpu(do_mc_get_cpu_info, log_cpus, 1);
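
Review bot: the switch to xzalloc_array() is now the only thing keeping the unwritten tail of each entry's mc_msrvalues[] out of the XEN_MC_physcpuinfo output, yet nothing at the allocation says the zeroing is required. A short comment above it (for example, that the array is handed back to the caller and must not carry uninitialised contents) would guard against a later cleanup reverting to xmalloc_array(). Since the buffer comes from an allocator rather than a local variable, the "stack data" wording in the subject may also be worth rechecking.
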
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
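
The leak class fixed by the patch above, modelled as an added C example (not Xen code and not from this thread). The struct layout, array sizes, POISON marker and all function names are hypothetical stand-ins: a non-zeroing allocation leaves the unwritten tail of each entry's MSR array holding stale bytes that a whole-array copy-out would expose, while a zeroing allocation leaves none.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the Xen types; all sizes are assumptions. */
#define NMSRS_MAX  8     /* capacity of the per-CPU MSR array */
#define NMSRS_USED 1     /* entries the filler actually writes */
#define POISON     0xAA  /* constructed marker for stale memory */

struct msr_val { uint64_t reg, value; };
struct logical_cpu {
    uint32_t cpunr;
    uint32_t nmsrvals;
    struct msr_val msrvalues[NMSRS_MAX];
};

/* Models a non-zeroing allocator handing back previously used memory. */
static void *alloc_stale(size_t n, size_t size)
{
    void *p = malloc(n * size);
    if (p) memset(p, POISON, n * size);
    return p;
}

/* Models the per-CPU callback: writes the header and used entries only. */
static void fill_cpu_info(struct logical_cpu *c, uint32_t cpu)
{
    c->cpunr = cpu;
    c->nmsrvals = NMSRS_USED;
    for (unsigned int i = 0; i < NMSRS_USED; i++) {
        c->msrvalues[i].reg = 0x179;   /* constructed sample register id */
        c->msrvalues[i].value = 0;
    }
}

/* Counts stale bytes that copying the whole array out would expose. */
static size_t stale_bytes_exposed(int zeroing, size_t ncpu)
{
    struct logical_cpu *cpus = zeroing ? calloc(ncpu, sizeof(*cpus))
                                       : alloc_stale(ncpu, sizeof(*cpus));
    const unsigned char *b = (const unsigned char *)cpus;
    size_t leaked = 0;
    if (!cpus) return (size_t)-1;
    for (size_t i = 0; i < ncpu; i++) fill_cpu_info(&cpus[i], (uint32_t)i);
    for (size_t i = 0; i < ncpu * sizeof(*cpus); i++)
        leaked += (b[i] == POISON);
    free(cpus);
    return leaked;
}
```

The same byte-counting check can be turned into a regression test for any interface that copies a partially filled array to a less trusted caller.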
* Re: [Xen-devel] [PATCH] x86/MCE: avoid leaking stack data
2020-01-08 15:06 [Xen-devel] [PATCH] x86/MCE: avoid leaking stack data Jan Beulich
@ 2020-01-08 15:08 ` Andrew Cooper
0 siblings, 0 replies; 2+ messages in thread
From: Andrew Cooper @ 2020-01-08 15:08 UTC (permalink / raw)
To: Jan Beulich, xen-devel; +Cc: Ilja Van Sprundel, Wei Liu, Roger Pau Monné
On 08/01/2020 15:06, Jan Beulich wrote:
> While HYPERVISOR_mca is a privileged operation, we still shouldn't leak
> stack contents (the tail of every array entry's mc_msrvalues[] of
> XEN_MC_physcpuinfo output). Simply use a zeroing allocation here.
>
> Take the occasion and also restrict the involved local variable's scope.
>
> Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>