File 5a955854-x86-disallow-HVM-creation-without-LAPI... of Package xen

Overview Repositories Revisions Requests Users Attributes Meta

File 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch of Package xen

# Commit 0aa6158b674c5d083b75ac8fcd1e7ae92d0c39ae
# Date 2018-02-27 14:08:36 +0100
# Author Andrew Cooper <andrew.cooper3@citrix.com>
# Committer Jan Beulich <jbeulich@suse.com>
x86/hvm: Disallow the creation of HVM domains without Local APIC emulation

There are multiple problems, not necesserily limited to:

* Guests which configure event channels via hvmop_set_evtchn_upcall_vector(),
   or which hit %cr8 emulation will cause Xen to fall over a NULL vlapic->regs
   pointer.

* On Intel hardware, disabling the TPR_SHADOW execution control without
   reenabling CR8_{LOAD,STORE} interception means that the guests %cr8
   accesses interact with the real TPR.  Amongst other things, setting the
   real TPR to 0xf blocks even IPIs from interrupting this CPU.

* On hardware which sets up the use of Interrupt Posting, including
   IOMMU-Posting, guests run without the appropriate non-root configuration,
   which at a minimum will result in dropped interrupts.

Whether no-LAPIC mode is of any use at all remains to be seen.

This is XSA-256.

Reported-by: Ian Jackson <ian.jackson@eu.citrix.com>
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>

--- a/xen/arch/x86/domain.c
+++ b/xen/arch/x86/domain.c
@@ -413,7 +413,7 @@ static bool emulation_flags_ok(const str
         if ( is_hardware_domain(d) &&
              emflags != (XEN_X86_EMU_LAPIC|XEN_X86_EMU_IOAPIC) )
             return false;
-        if ( !is_hardware_domain(d) && emflags &&
+        if ( !is_hardware_domain(d) &&
              emflags != XEN_X86_EMU_ALL && emflags != XEN_X86_EMU_LAPIC )
             return false;
     }

Places

File 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch of Package xen

Places