edf6bf0381
23955-x86-pv-cpuid-xsave.patch 23957-cpufreq-error-paths.patch - Upstream patches from Jan 23933-pt-bus2bridge-update.patch 23726-x86-intel-flexmigration-v2.patch 23925-x86-AMD-ARAT-Fam12.patch 23246-x86-xsave-enable.patch 23897-x86-mce-offline-again.patch - Update to Xen 4.1.2_rc3 c/s 23171 - bnc#720054 - Changed /etc/udev/rules.d/40-xen.rules to not run Xen's vif-bridge script when not running Xen. This is not a solution to the bug but an improvement in the rules regardless. Updated udev-rules.patch - Upstream patches from Jan 23868-vtd-RMRR-validation.patch 23871-x86-microcode-amd-silent.patch 23898-cc-option-grep.patch - Add pciback init script and sysconf file, giving users a simple mechanism to configure pciback. init.pciback sysconfig.pciback - update scripts to use xl -f, or xm if xend is running: xen-updown.sh, init.xendomains, xmclone.sh OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=146
64 lines
2.1 KiB
Diff
64 lines
2.1 KiB
Diff
# HG changeset patch
|
|
# User Keir Fraser <keir@xen.org>
|
|
# Date 1317413803 -3600
|
|
# Node ID 2215d7d7382617adbe97831fe35752a027917d1d
|
|
# Parent d568e2313fd6f055b66a6c3cb2bca6372b77692e
|
|
X86 MCE: Prevent malicious guest access broken page again
|
|
|
|
To avoid recursive mce.
|
|
|
|
Signed-off-by: Liu, Jinsong <jinsong.liu@intel.com>
|
|
Committed-by: Keir Fraser <keir@xen.org>
|
|
|
|
--- a/xen/arch/x86/cpu/mcheck/mce_intel.c
|
|
+++ b/xen/arch/x86/cpu/mcheck/mce_intel.c
|
|
@@ -639,6 +639,8 @@ static void intel_memerr_dhandler(int bn
|
|
/* This is free page */
|
|
if (status & PG_OFFLINE_OFFLINED)
|
|
result->result = MCA_RECOVERED;
|
|
+ else if (status & PG_OFFLINE_AGAIN)
|
|
+ result->result = MCA_NO_ACTION;
|
|
else if (status & PG_OFFLINE_PENDING) {
|
|
/* This page has owner */
|
|
if (status & PG_OFFLINE_OWNED) {
|
|
--- a/xen/common/page_alloc.c
|
|
+++ b/xen/common/page_alloc.c
|
|
@@ -38,6 +38,7 @@
|
|
#include <xen/tmem.h>
|
|
#include <xen/tmem_xen.h>
|
|
#include <public/sysctl.h>
|
|
+#include <public/sched.h>
|
|
#include <asm/page.h>
|
|
#include <asm/numa.h>
|
|
#include <asm/flushtlb.h>
|
|
@@ -704,6 +705,19 @@ int offline_page(unsigned long mfn, int
|
|
return -EINVAL;
|
|
}
|
|
|
|
+ /*
|
|
+ * NB. When broken page belong to guest, usually hypervisor will
|
|
+ * notify the guest to handle the broken page. However, hypervisor
|
|
+ * need to prevent malicious guest access the broken page again.
|
|
+ * Under such case, hypervisor shutdown guest, preventing recursive mce.
|
|
+ */
|
|
+ if ( (pg->count_info & PGC_broken) && (owner = page_get_owner(pg)) )
|
|
+ {
|
|
+ *status = PG_OFFLINE_AGAIN;
|
|
+ domain_shutdown(owner, SHUTDOWN_crash);
|
|
+ return 0;
|
|
+ }
|
|
+
|
|
spin_lock(&heap_lock);
|
|
|
|
old_info = mark_page_offline(pg, broken);
|
|
--- a/xen/include/public/sysctl.h
|
|
+++ b/xen/include/public/sysctl.h
|
|
@@ -399,6 +399,7 @@ struct xen_sysctl_page_offline_op {
|
|
#define PG_OFFLINE_OFFLINED (0x1UL << 1)
|
|
#define PG_OFFLINE_PENDING (0x1UL << 2)
|
|
#define PG_OFFLINE_FAILED (0x1UL << 3)
|
|
+#define PG_OFFLINE_AGAIN (0x1UL << 4)
|
|
|
|
#define PG_ONLINE_FAILED PG_OFFLINE_FAILED
|
|
#define PG_ONLINE_ONLINED PG_OFFLINE_OFFLINED
|