xenbits.xensource.com Git - xen.git/commit

author	Jan Beulich <jbeulich@suse.com>
	Thu, 12 Oct 2017 13:27:37 +0000 (15:27 +0200)
committer	Jan Beulich <jbeulich@suse.com>
	Thu, 12 Oct 2017 13:27:37 +0000 (15:27 +0200)
commit	ebd47d46c31e67bc207c66435bc586fee91f6df5
tree	a54cd82512723df3955a34e6a7ae8f944f394ca4	tree
parent	6a6a3394b68a06dd847eb60ad1e07896ff8f4457	commit \| diff

x86: limit linear page table use to a single level

That's the only way that they're meant to be used. Without such a
restriction arbitrarily long chains of same-level page tables can be
built, tearing down of which may then cause arbitrarily deep recursion,
causing a stack overflow. To facilitate this restriction, a counter is
being introduced to track both the number of same-level entries in a
page table as well as the number of uses of a page table in another
same-level one (counting into positive and negative direction
respectively, utilizing the fact that both counts can't be non-zero at
the same time).

Note that the added accounting introduces a restriction on the number
of times a page can be used in other same-level page tables - more than
32k of such uses are no longer possible.

Note also that some put_page_and_type[_preemptible]() calls are
replaced with open-coded equivalents. This seemed preferrable to
adding "parent_table" to the matrix of functions.

Note further that cross-domain same-level page table references are no
longer permitted (they probably never should have been).

This is XSA-240.

Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: George Dunlap <george.dunlap@citrix.com>
master commit: 6987fc7558bdbab8119eabf026e3cdad1053f0e5
master date: 2017-10-12 14:44:34 +0200

xen/arch/x86/domain.c		diff \| blob \| blame \| history
xen/arch/x86/mm.c		diff \| blob \| blame \| history
xen/include/asm-x86/domain.h		diff \| blob \| blame \| history
xen/include/asm-x86/mm.h		diff \| blob \| blame \| history