From: Stefano Stabellini <sstabellini@kernel.org>
To: Oleksandr Tyshchenko <olekstysh@gmail.com>
Cc: xen-devel@lists.xenproject.org,
Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>,
Stefano Stabellini <sstabellini@kernel.org>,
Julien Grall <julien@xen.org>,
Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>,
Julien Grall <julien.grall@arm.com>
Subject: Re: [PATCH V4 20/24] xen/arm: io: Harden sign extension check
Date: Thu, 14 Jan 2021 17:48:54 -0800 (PST) [thread overview]
Message-ID: <alpine.DEB.2.21.2101141748160.31265@sstabellini-ThinkPad-T480s> (raw)
In-Reply-To: <1610488352-18494-21-git-send-email-olekstysh@gmail.com>
On Tue, 12 Jan 2021, Oleksandr Tyshchenko wrote:
> From: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>
>
> In the ideal world we would never get an undefined behavior when
> propagating the sign bit since that bit can only be set for access
> size smaller than the register size (i.e byte/half-word for aarch32,
> byte/half-word/word for aarch64).
>
> In the real world we need to care for *possible* hardware bug such as
> advertising a sign extension for either 64-bit (or 32-bit) on Arm64
> (resp. Arm32).
>
> So harden a bit more the code to prevent undefined behavior when
> propagating the sign bit in case of buggy hardware.
>
> Signed-off-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>
> CC: Julien Grall <julien.grall@arm.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
> ---
> Please note, this is a split/cleanup/hardening of Julien's PoC:
> "Add support for Guest IO forwarding to a device emulator"
>
> Changes V3 -> V4:
> - new patch
> ---
> xen/include/asm-arm/traps.h | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/xen/include/asm-arm/traps.h b/xen/include/asm-arm/traps.h
> index e301c44..992d537 100644
> --- a/xen/include/asm-arm/traps.h
> +++ b/xen/include/asm-arm/traps.h
> @@ -93,7 +93,8 @@ static inline register_t sign_extend(const struct hsr_dabt dabt, register_t r)
> * Note that we expect the read handler to have zeroed the bits
> * outside the requested access size.
> */
> - if ( dabt.sign && (r & (1UL << (size - 1))) )
> + if ( dabt.sign && (size < sizeof(register_t) * 8) &&
> + (r & (1UL << (size - 1))) )
> {
> /*
> * We are relying on register_t using the same as
> --
> 2.7.4
>
next prev parent reply other threads:[~2021-01-15 1:49 UTC|newest]
Thread overview: 144+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-12 21:52 [PATCH V4 00/24] IOREQ feature (+ virtio-mmio) on Arm Oleksandr Tyshchenko
2021-01-12 21:52 ` [PATCH V4 01/24] x86/ioreq: Prepare IOREQ feature for making it common Oleksandr Tyshchenko
2021-01-15 15:16 ` Julien Grall
2021-01-15 16:41 ` Jan Beulich
2021-01-16 9:48 ` Oleksandr
2021-01-18 8:22 ` Paul Durrant
2021-01-12 21:52 ` [PATCH V4 02/24] x86/ioreq: Add IOREQ_STATUS_* #define-s and update code for moving Oleksandr Tyshchenko
2021-01-15 15:17 ` Julien Grall
2021-01-18 8:24 ` Paul Durrant
2021-01-12 21:52 ` [PATCH V4 03/24] x86/ioreq: Provide out-of-line wrapper for the handle_mmio() Oleksandr Tyshchenko
2021-01-15 14:48 ` Alex Bennée
2021-01-15 15:19 ` Julien Grall
2021-01-18 8:29 ` Paul Durrant
2021-01-12 21:52 ` [PATCH V4 04/24] xen/ioreq: Make x86's IOREQ feature common Oleksandr Tyshchenko
2021-01-15 14:55 ` Alex Bennée
2021-01-15 15:23 ` Julien Grall
2021-01-18 8:48 ` Paul Durrant
2021-01-12 21:52 ` [PATCH V4 05/24] xen/ioreq: Make x86's hvm_ioreq_needs_completion() common Oleksandr Tyshchenko
2021-01-15 15:25 ` Julien Grall
2021-01-20 8:48 ` Alex Bennée
2021-01-20 9:31 ` Julien Grall
2021-01-12 21:52 ` [PATCH V4 06/24] xen/ioreq: Make x86's hvm_mmio_first(last)_byte() common Oleksandr Tyshchenko
2021-01-15 15:34 ` Julien Grall
2021-01-20 8:57 ` Alex Bennée
2021-01-20 16:15 ` Jan Beulich
2021-01-20 20:47 ` Oleksandr
2021-01-12 21:52 ` [PATCH V4 07/24] xen/ioreq: Make x86's hvm_ioreq_(page/vcpu/server) structs common Oleksandr Tyshchenko
2021-01-15 15:36 ` Julien Grall
2021-01-18 8:59 ` Paul Durrant
2021-01-20 8:58 ` Alex Bennée
2021-01-12 21:52 ` [PATCH V4 08/24] xen/ioreq: Move x86's ioreq_server to struct domain Oleksandr Tyshchenko
2021-01-15 15:44 ` Julien Grall
2021-01-18 9:09 ` Paul Durrant
2021-01-20 9:00 ` Alex Bennée
2021-01-12 21:52 ` [PATCH V4 09/24] xen/ioreq: Make x86's IOREQ related dm-op handling common Oleksandr Tyshchenko
2021-01-18 9:17 ` Paul Durrant
2021-01-18 10:19 ` Oleksandr
2021-01-18 10:34 ` Paul Durrant
2021-01-20 16:21 ` Jan Beulich
2021-01-21 10:23 ` Oleksandr
2021-01-21 10:27 ` Jan Beulich
2021-01-21 11:13 ` Oleksandr
2021-01-12 21:52 ` [PATCH V4 10/24] xen/ioreq: Move x86's io_completion/io_req fields to struct vcpu Oleksandr Tyshchenko
2021-01-15 19:34 ` Julien Grall
2021-01-18 9:35 ` Paul Durrant
2021-01-20 16:24 ` Jan Beulich
2021-01-12 21:52 ` [PATCH V4 11/24] xen/mm: Make x86's XENMEM_resource_ioreq_server handling common Oleksandr Tyshchenko
2021-01-14 3:58 ` Wei Chen
2021-01-14 15:31 ` Oleksandr
2021-01-15 14:35 ` Alex Bennée
2021-01-18 17:42 ` Oleksandr
2021-01-18 9:38 ` Paul Durrant
2021-01-12 21:52 ` [PATCH V4 12/24] xen/ioreq: Remove "hvm" prefixes from involved function names Oleksandr Tyshchenko
2021-01-18 9:55 ` Paul Durrant
2021-01-12 21:52 ` [PATCH V4 13/24] xen/ioreq: Use guest_cmpxchg64() instead of cmpxchg() Oleksandr Tyshchenko
2021-01-15 19:37 ` Julien Grall
2021-01-17 11:32 ` Oleksandr
2021-01-18 10:00 ` Paul Durrant
2021-01-12 21:52 ` [PATCH V4 14/24] arm/ioreq: Introduce arch specific bits for IOREQ/DM features Oleksandr Tyshchenko
2021-01-15 0:55 ` Stefano Stabellini
2021-01-17 12:45 ` Oleksandr
2021-01-20 0:23 ` Stefano Stabellini
2021-01-21 9:51 ` Oleksandr
2021-01-15 20:26 ` Julien Grall
2021-01-17 17:11 ` Oleksandr
2021-01-17 18:07 ` Julien Grall
2021-01-17 18:52 ` Oleksandr
2021-01-18 19:17 ` Julien Grall
2021-01-19 15:20 ` Oleksandr
2021-01-20 0:50 ` Stefano Stabellini
2021-01-20 15:57 ` Julien Grall
2021-01-20 19:47 ` Stefano Stabellini
2021-01-21 9:31 ` Oleksandr
2021-01-21 21:34 ` Stefano Stabellini
2021-01-20 15:50 ` Julien Grall
2021-01-21 8:50 ` Oleksandr
2021-01-27 10:24 ` Jan Beulich
2021-01-27 12:22 ` Oleksandr
2021-01-27 12:52 ` Jan Beulich
2021-01-18 10:44 ` Jan Beulich
2021-01-18 15:52 ` Oleksandr
2021-01-18 16:00 ` Jan Beulich
2021-01-18 16:29 ` Oleksandr
2021-01-12 21:52 ` [PATCH V4 15/24] xen/arm: Stick around in leave_hypervisor_to_guest until I/O has completed Oleksandr Tyshchenko
2021-01-15 1:12 ` Stefano Stabellini
2021-01-15 20:55 ` Julien Grall
2021-01-17 20:23 ` Oleksandr
2021-01-18 10:57 ` Julien Grall
2021-01-18 13:23 ` Oleksandr
2021-01-12 21:52 ` [PATCH V4 16/24] xen/mm: Handle properly reference in set_foreign_p2m_entry() on Arm Oleksandr Tyshchenko
2021-01-15 1:19 ` Stefano Stabellini
2021-01-15 20:59 ` Julien Grall
2021-01-21 13:57 ` Jan Beulich
2021-01-21 18:42 ` Oleksandr
2021-01-12 21:52 ` [PATCH V4 17/24] xen/ioreq: Introduce domain_has_ioreq_server() Oleksandr Tyshchenko
2021-01-15 1:24 ` Stefano Stabellini
2021-01-18 10:23 ` Paul Durrant
2021-01-12 21:52 ` [PATCH V4 18/24] xen/dm: Introduce xendevicemodel_set_irq_level DM op Oleksandr Tyshchenko
2021-01-15 1:32 ` Stefano Stabellini
2021-01-12 21:52 ` [PATCH V4 19/24] xen/arm: io: Abstract sign-extension Oleksandr Tyshchenko
2021-01-15 1:35 ` Stefano Stabellini
2021-01-12 21:52 ` [PATCH V4 20/24] xen/arm: io: Harden sign extension check Oleksandr Tyshchenko
2021-01-15 1:48 ` Stefano Stabellini [this message]
2021-01-22 10:15 ` Volodymyr Babchuk
2021-01-12 21:52 ` [PATCH V4 21/24] xen/ioreq: Make x86's send_invalidate_req() common Oleksandr Tyshchenko
2021-01-18 10:31 ` Paul Durrant
2021-01-21 14:02 ` Jan Beulich
2021-01-12 21:52 ` [PATCH V4 22/24] xen/arm: Add mapcache invalidation handling Oleksandr Tyshchenko
2021-01-15 2:11 ` Stefano Stabellini
2021-01-21 19:47 ` Oleksandr
2021-01-12 21:52 ` [PATCH V4 23/24] libxl: Introduce basic virtio-mmio support on Arm Oleksandr Tyshchenko
2021-01-15 21:30 ` Julien Grall
2021-01-17 22:22 ` Oleksandr
2021-01-20 16:40 ` Julien Grall
2021-01-20 20:35 ` Stefano Stabellini
2021-02-09 21:04 ` Oleksandr
2021-01-12 21:52 ` [PATCH V4 24/24] [RFC] libxl: Add support for virtio-disk configuration Oleksandr Tyshchenko
2021-01-14 17:20 ` Ian Jackson
2021-01-16 9:05 ` Oleksandr
2021-01-15 22:01 ` Julien Grall
2021-01-18 8:32 ` Oleksandr
2021-01-20 17:05 ` Julien Grall
2021-02-10 9:02 ` Oleksandr
2021-03-06 19:52 ` Julien Grall
2021-01-14 3:55 ` [PATCH V4 00/24] IOREQ feature (+ virtio-mmio) on Arm Wei Chen
2021-01-14 15:23 ` Oleksandr
2021-01-07 14:35 ` [ANNOUNCE] Xen 4.15 release schedule and feature tracking Ian Jackson
2021-01-07 15:45 ` Oleksandr
2021-01-14 16:11 ` [PATCH V4 00/24] IOREQ feature (+ virtio-mmio) on Arm Ian Jackson
2021-01-14 18:41 ` Oleksandr
2021-01-14 16:06 ` [ANNOUNCE] Xen 4.15 release schedule and feature tracking Ian Jackson
2021-01-14 19:02 ` Andrew Cooper
2021-01-15 9:57 ` Jan Beulich
2021-01-15 10:00 ` Julien Grall
2021-01-15 10:52 ` Andrew Cooper
2021-01-15 10:59 ` Andrew Cooper
2021-01-15 11:08 ` Jan Beulich
2021-01-15 10:43 ` Bertrand Marquis
2021-01-15 15:14 ` Lengyel, Tamas
2021-01-28 22:55 ` Dario Faggioli
2021-01-28 18:26 ` Dario Faggioli
2021-01-28 22:15 ` Dario Faggioli
2021-01-29 8:38 ` Jan Beulich
2021-01-29 9:22 ` Dario Faggioli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.21.2101141748160.31265@sstabellini-ThinkPad-T480s \
--to=sstabellini@kernel.org \
--cc=Volodymyr_Babchuk@epam.com \
--cc=julien.grall@arm.com \
--cc=julien@xen.org \
--cc=oleksandr_tyshchenko@epam.com \
--cc=olekstysh@gmail.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).