author | Jan Beulich <jbeulich@suse.com> | 2013-05-02 16:37:24 +0200 |
---|---|---|
committer | Jan Beulich <jbeulich@suse.com> | 2013-05-02 16:37:24 +0200 |
commit | 4939f9a6dee4280f38730fd3066e5dce353112f6 (patch) | |
tree | f7fc6fa0c8f7b1261706f24a15c6ee9e58534440 /xen/common/domctl.c | |
parent | 918a5f17b447072b40780f4d03a3adc99ff0073b (diff) | |
x86: make vcpu_reset() preemptible
... as dropping the old page tables may take significant amounts of
time.
This is part of CVE-2013-1918 / XSA-45.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Tim Deegan <tim@xen.org>
Diffstat (limited to 'xen/common/domctl.c')
-rw-r--r-- | xen/common/domctl.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index 73b12c8a4d..1d00cfc95f 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -332,13 +332,15 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
 ret = -EINVAL;
 if ( (d == current->domain) || /* no domain_pause() */ (vcpu >= d->max_vcpus) || ((v = d->vcpu[vcpu]) == NULL) )
- goto svc_out;
+ break;
 if ( guest_handle_is_null(op->u.vcpucontext.ctxt) )
 {
- vcpu_reset(v);
- ret = 0;
- goto svc_out;
+ ret = vcpu_reset(v);
+ if ( ret == -EAGAIN )
+ ret = hypercall_create_continuation(
+ __HYPERVISOR_domctl, "h", u_domctl);
+ break;
 }
 #ifdef CONFIG_COMPAT
@@ -347,7 +349,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
 #endif
 ret = -ENOMEM;
 if ( (c.nat = alloc_vcpu_guest_context()) == NULL )
- goto svc_out;
+ break;
 #ifdef CONFIG_COMPAT
 if ( !is_pv_32on64_vcpu(v) )
@@ -368,7 +370,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
 domain_unpause(d);
 }
- svc_out:
 free_vcpu_guest_context(c.nat);
 }
 break; |
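Review bot: The three early exits that used to `goto svc_out` now `break` out of the case block, so `free_vcpu_guest_context(c.nat)` is skipped on those paths. That is leak-free only while `c.nat` is still NULL there: this is visible for the failed allocation in the second hunk, and presumably true for the two exits in the first hunk, but the declaration of `c` lies outside the hunks. A comment at the allocation, e.g. `/* Exits above use break: c.nat not allocated yet; later error paths must reach the free below. */`, would stop a future error path added after the allocation from leaking the context. In the reset branch, `/* -EAGAIN: reset was preempted; re-enter the domctl with the same handle. */` would record that the operation restarts from the top and re-validates `vcpu` and the handle. It would also help to say what keeps the target vCPU from running half-reset between the preemption and the continuation, since only the `d == current->domain` check is visible here.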