ia64/xen-unstable

changeset 15379:b1eb43f94a3a

x86/64: Avoid bogus mbi pointer into relocated Xen address space.
Prevent similar bugs in future by poisoning the relocated bottom
megabyte.
Signed-off-by: Keir Fraser <keir@xensource.com>
author kfraser@localhost.localdomain
date Mon Jun 18 16:48:05 2007 +0100 (2007-06-18)
parents 58b6223074af
children 342c85cfd00b
files xen/arch/x86/boot/x86_32.S xen/arch/x86/boot/x86_64.S xen/arch/x86/setup.c
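--- a/xen/arch/x86/boot/x86_32.S	Mon Jun 18 16:47:16 2007 +0100
+++ b/xen/arch/x86/boot/x86_32.S	Mon Jun 18 16:48:05 2007 +0100
@@ -30,9 +30,7 @@ 1:      mov     %eax,(%edi)
         loop    1b
                 
         /* Pass off the Multiboot info structure to C land. */
-        mov     multiboot_ptr,%eax
-        add     $__PAGE_OFFSET,%eax
-        push    %eax
+        pushl   multiboot_ptr
         call    __start_xen
         ud2     /* Force a panic (invalid opcode). */
 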
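Review bot: The comment above `pushl   multiboot_ptr` still reads as if a usable pointer is handed over, while the argument is now the raw physical address that `__start_xen` converts itself with `__va()`. Rewording it to `/* Pass the physical address of the Multiboot info structure to C land. */` would keep the assembly and C sides of the contract in agreement. The same wording applies to the x86_64.S hunk, where `mov     multiboot_ptr(%rip),%edi` additionally relies on the 32-bit move zero-extending into `%rdi` to fill the `unsigned long` parameter; a short comment there would make that dependency explicit.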
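--- a/xen/arch/x86/boot/x86_64.S	Mon Jun 18 16:47:16 2007 +0100
+++ b/xen/arch/x86/boot/x86_64.S	Mon Jun 18 16:48:05 2007 +0100
@@ -51,8 +51,6 @@ 1:      movq    %rax,(%rdi)
 
         /* Pass off the Multiboot info structure to C land. */
         mov     multiboot_ptr(%rip),%edi
-        lea     start-0x100000(%rip),%rax
-        add     %rax,%rdi
         call    __start_xen
         ud2     /* Force a panic (invalid opcode). */
 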
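--- a/xen/arch/x86/setup.c	Mon Jun 18 16:47:16 2007 +0100
+++ b/xen/arch/x86/setup.c	Mon Jun 18 16:48:05 2007 +0100
@@ -402,7 +402,7 @@ void init_done(void)
     startup_cpu_idle_loop();
 }
 
-void __init __start_xen(multiboot_info_t *mbi)
+void __init __start_xen(unsigned long mbi_p)
 {
     char *memmap_type = NULL;
     char __cmdline[] = "", *cmdline = __cmdline;
@@ -410,6 +410,7 @@ void __init __start_xen(multiboot_info_t
     unsigned int initrdidx = 1;
     char *_policy_start = NULL;
     unsigned long _policy_len = 0;
+    multiboot_info_t *mbi = __va(mbi_p);
     module_t *mod = (module_t *)__va(mbi->mods_addr);
     unsigned long nr_pages, modules_length;
     int i, e820_warn = 0, bytes = 0;
@@ -678,6 +679,9 @@ void __init __start_xen(multiboot_info_t
             barrier();
             move_memory(e, 0, __pa(&_end) - xen_phys_start);
 
+            /* Poison low 1MB to detect stray pointers to physical 0-1MB. */
+            memset(maddr_to_bootstrap_virt(e), 0x55, 1U<<20);
+
             /* Walk initial pagetables, relocating page directory entries. */
             pl4e = __va(__pa(idle_pg_table));
             for ( i = 0 ; i < L4_PAGETABLE_ENTRIES; i++, pl4e++ )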