Message-ID: <9d2b7ee7-4498-da49-bd74-5da0dc38d1de@suse.com>
Date:   Wed, 24 Nov 2021 08:33:00 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
 Thunderbird/91.3.1
Subject: Re: [PATCH v4] xen: detect uninitialized xenbus in xenbus_init
Content-Language: en-US
To:     Stefano Stabellini <sstabellini@kernel.org>
Cc:     boris.ostrovsky@oracle.com, xen-devel@lists.xenproject.org,
        linux-kernel@vger.kernel.org,
        Stefano Stabellini <stefano.stabellini@xilinx.com>,
        stable@vger.kernel.org, jgross@suse.com
References: <20211123210748.1910236-1-sstabellini@kernel.org>
From:   Jan Beulich <jbeulich@suse.com>
In-Reply-To: <20211123210748.1910236-1-sstabellini@kernel.org>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?S1ZxSTJSWDhOTFhPNy8wUm1LdkttYmVtUXYyVmlqR1IrcVBsVDE4azRVeFdU?=
 =?utf-8?B?UjdqdWU0ZGxxV0k4VDQ2TzgvV1k1L3BMNlJ3UG16UTBkemhlUW9keUVFK0J6?=
 =?utf-8?B?NHd5SXZwdFhnTVVKdWgyK1laVHJ6MW9yZ0gzbU1VVzFjbDZzT3IrUlFZOGk0?=
 =?utf-8?B?WkJMVXBpWWQrL0ZTS09VWERkL3QzNDNPS2cvazU0WGxLd3kwaFRLTGQ0SWNp?=
 =?utf-8?B?S041RWxwOUw2QzA2TFZXZ1NCcW9oVy9GTHZkZHV5bjJ4YzZyRk9YTFFGYk9S?=
 =?utf-8?B?VlpVQmREcjBYT3NPenV4TmQ1Yi9ROEk5ejMxYXgwUGtYOHhmeTNONEdPeTFP?=
 =?utf-8?B?WEd2cEE2cFpXZVp1WUI5NXk1QnB0RXFMUDM3MWRDR3FBWjZEZStSclYzbm5z?=
 =?utf-8?B?aFlpS0NPWkVrYWNZVjNJUDJqTC94ak9wYzQvdHFkZFdiM2tqUThzL2ZnMkFx?=
 =?utf-8?B?RitqNjQ1YlFHWnF5VGtxalFMTkFuM2pIeXUyaFFleHdUZW5xQklQby9yU3RB?=
 =?utf-8?B?SE0zcmtJaXI2UVNVRHp1eGEvOEZPUWJmRHhpRUVYSmgxTUZBQ1IyZTBQUWpG?=
 =?utf-8?B?UitIdTU3RGJ2bGk0ZHNZYzVNdDlWdThXcFhoYW9rbkFTQzI4MXRVaktEZldU?=
 =?utf-8?B?TzNhTGw4Y2E1U0pPMkdEYTgxelVGYlJVMkhqNmZraEJibjdwU1Q4M1VsOEcr?=
 =?utf-8?B?bkVQM0lqK0dLV2JPSHJuUERWUTBoVGZ3SDAySnJ5S0JoellFOWhsc2NWYVZq?=
 =?utf-8?B?RWdmdkJ3UVBpNnIyL0orU3NNTVJZcFVvMUtHZk92NlBVRTE2YjM2eWtDYW1M?=
 =?utf-8?B?WUlNa0VDTmFtQmpmTXlKaVhNNDlZaEhxV1RTUDJYWnNqZFdMQXFLZjJCZzd3?=
 =?utf-8?B?MUIwMnZpdXEyakRjOWRjcUFGUHdZZ25YNUI0WDdnTWRLeXowTGF5Y3oxRlJn?=
 =?utf-8?B?Q3BTN1VWNHZFSjdDMWE5amE1bm43V28zcXJwU2JKWkRSRFNiWXhKUzNhMU9O?=
 =?utf-8?B?RW44TUVQUmRmcVBsNDk5RDQ5ZFBzQktza0FIQkkyazYzZmhkZTFtNnBLV3Ns?=
 =?utf-8?B?NDc2R2xJMHhVQ0tSbTFtZUVWckxmaHo4SXIxVGFBR0N4a2xEVjZxNDQ0T0RV?=
 =?utf-8?B?bVg5Tk5PUkRqZWpQWWdlQ0hNbzFGZ0xVNFljZ0ROS1FGUDk2RnJ6UDgwTFJi?=
 =?utf-8?B?YnlCU3haTS82ak14aHNwZjlWcnVVYmxCLzExaWlVaWd0bDMyVmk4NmU5cXhu?=
 =?utf-8?B?MWI2ZDVmaWVaNlV2aDBKUXR1RHJXcnVqT0pIeTZFdXJsWHFGVDJGK3oyOXAv?=
 =?utf-8?B?WnBuODJkRHhIYUdWUHlqejY2RzlPeW8yQnBBOFZwT0NNSTYrSm5iam9HaUxa?=
 =?utf-8?B?bjY5YUQwQ0RWelhVVktRQVMxeWoyUHpvaG5keU4zNmZMSzhpTG5XZEhZY1JJ?=
 =?utf-8?B?UmVJQ0xmWHY4Y1Q2ZnNnK2lWeTNhUU5RUEFsVEZJRTVlVXhyZGZDZERmNm1X?=
 =?utf-8?B?UEN4Wk4xZmJtV2Ntb2h4Vis0cWptN3pKWWQralFYbm5ydStCMEFKbFMzKzJJ?=
 =?utf-8?B?c1N3VWMreXVYdHFvZnYwaEJEeURDeWVUZzlEclQzL3cvYWF1QS9ZVExJL2pI?=
 =?utf-8?B?VE5XeU04MVNDRmdCOFhMc2RaT0pPZmxlaU8vNHhITEpHM3NibGF2ZkZrTURr?=
 =?utf-8?B?ZFRLRHRoandOWjVuazZRdUpWSFNiYTFhQUpZYkVySmoreXhuaXFyQUtWQkF5?=
 =?utf-8?B?ZDFZcHdLcDNnTThzeGdCZG5CMlBRTkNIRmN5QnJsNUw0YmhmR3RvRm9KcHpT?=
 =?utf-8?B?amd6Kzd5RTR4TXg0WU5PVTgycnFrdFJET0FrRGdKODZkc1R1eFRmdjhWMHUx?=
 =?utf-8?B?RWg5U2lBSHB3USt1ZHNadU80VExDUTltRVNkYmtqNTY2ZDVoQml0RVpaTW13?=
 =?utf-8?B?TFdmZC9ySmYyWXBwY2I5RmMvNTY0YjFhaHo5U3dkbGNqbnpxdFlnVDByZnBu?=
 =?utf-8?B?OG1MVkpraEpldkdGWE5ma3FkSnROeE5EZ0locHVyR1A1dVhObitoSmFESmRI?=
 =?utf-8?B?NExtaVcxUFJqWVJvL3pnTXpnNXNCWjBQdDg1N25YSmR6RXJIRkZWRDQwUWxJ?=
 =?utf-8?B?UWVjSjJQREpRTkVpVmgwUFJ0NTNtdGVyZEgzTEpSZEs2THgvOGplQ3l3TXRJ?=
 =?utf-8?Q?039yiT6+ZWeeodVEWrwa5AQ=3D?=
X-OriginatorOrg: suse.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e7168824-a29d-49fc-727b-08d9af1ca568
X-MS-Exchange-CrossTenant-AuthSource: VI1PR04MB5600.eurprd04.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Nov 2021 07:33:01.9795
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 9KqD0pfn0oJuJR3EroIt6CLBVN7MVqBop63hZg1y/oU3C6HrAAnGu+2ijGsW3bf8TrfhEeCioDYPbYDKAOvrXg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR04MB7038
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 23.11.2021 22:07, Stefano Stabellini wrote:
> From: Stefano Stabellini <stefano.stabellini@xilinx.com>
> 
> If the xenstore page hasn't been allocated properly, reading the value
> of the related hvm_param (HVM_PARAM_STORE_PFN) won't actually return
> error. Instead, it will succeed and return zero. Instead of attempting
> to xen_remap a bad guest physical address, detect this condition and
> return early.
> 
> Note that although a guest physical address of zero for
> HVM_PARAM_STORE_PFN is theoretically possible, it is not a good choice
> and zero has never been validly used in that capacity.
> 
> Also recognize all bits set as an invalid value.
> 
> For 32-bit Linux, any pfn above ULONG_MAX would get truncated. Pfns
> above ULONG_MAX should never be passed by the Xen tools to HVM guests
> anyway, so check for this condition and return early.
> 
> Cc: stable@vger.kernel.org
> Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com>

Reviewed-by: Jan Beulich <jbeulich@suse.com>