Jan Beulich
2013-Jul-10 10:26 UTC
[PATCH] VT-d: protect against bogus information coming from BIOS
Add checks similar to those done by Linux: The DRHD address must not
be all zeros or all ones (Linux only checks for zero), and capabilities
as well as extended capabilities must not be all ones.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/drivers/passthrough/vtd/dmar.c
+++ b/xen/drivers/passthrough/vtd/dmar.c
@@ -447,6 +447,9 @@ acpi_parse_one_drhd(struct acpi_dmar_hea
if ( (ret = acpi_dmar_check_length(header, sizeof(*drhd))) != 0 )
return ret;
+ if ( !drhd->address || !(drhd->address + 1) )
+ return -ENODEV;
+
dmaru = xzalloc(struct acpi_drhd_unit);
if ( !dmaru )
return -ENOMEM;
--- a/xen/drivers/passthrough/vtd/iommu.c
+++ b/xen/drivers/passthrough/vtd/iommu.c
@@ -1159,6 +1159,9 @@ int __init iommu_alloc(struct acpi_drhd_
dprintk(VTDPREFIX,
"cap = %"PRIx64" ecap =
%"PRIx64"\n", iommu->cap, iommu->ecap);
}
+ if ( !(iommu->cap + 1) || !(iommu->ecap + 1) )
+ return -ENODEV;
+
if ( cap_fault_reg_offset(iommu->cap) +
cap_num_fault_regs(iommu->cap) * PRIMARY_FAULT_REG_LEN >=
PAGE_SIZE ||
ecap_iotlb_offset(iommu->ecap) >= PAGE_SIZE )
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
Ben Guthro
2013-Jul-10 11:32 UTC
Re: [PATCH] VT-d: protect against bogus information coming from BIOS
On Wed, Jul 10, 2013 at 6:26 AM, Jan Beulich <JBeulich@suse.com> wrote:> Add checks similar to those done by Linux: The DRHD address must not > be all zeros or all ones (Linux only checks for zero), and capabilities > as well as extended capabilities must not be all ones. > > Signed-off-by: Jan Beulich <jbeulich@suse.com>Tested-by: Ben Guthro <benjamin.guthro@citrix.com>> > --- a/xen/drivers/passthrough/vtd/dmar.c > +++ b/xen/drivers/passthrough/vtd/dmar.c > @@ -447,6 +447,9 @@ acpi_parse_one_drhd(struct acpi_dmar_hea > if ( (ret = acpi_dmar_check_length(header, sizeof(*drhd))) != 0 ) > return ret; > > + if ( !drhd->address || !(drhd->address + 1) ) > + return -ENODEV; > + > dmaru = xzalloc(struct acpi_drhd_unit); > if ( !dmaru ) > return -ENOMEM; > --- a/xen/drivers/passthrough/vtd/iommu.c > +++ b/xen/drivers/passthrough/vtd/iommu.c > @@ -1159,6 +1159,9 @@ int __init iommu_alloc(struct acpi_drhd_ > dprintk(VTDPREFIX, > "cap = %"PRIx64" ecap = %"PRIx64"\n", iommu->cap, iommu->ecap); > } > + if ( !(iommu->cap + 1) || !(iommu->ecap + 1) ) > + return -ENODEV; > + > if ( cap_fault_reg_offset(iommu->cap) + > cap_num_fault_regs(iommu->cap) * PRIMARY_FAULT_REG_LEN >= PAGE_SIZE || > ecap_iotlb_offset(iommu->ecap) >= PAGE_SIZE ) > > >
Jan Beulich
2013-Aug-05 13:06 UTC
Ping: [PATCH] VT-d: protect against bogus information coming from BIOS
Ping?>>> On 10.07.13 at 12:26, "Jan Beulich" <JBeulich@suse.com> wrote: > Add checks similar to those done by Linux: The DRHD address must not > be all zeros or all ones (Linux only checks for zero), and capabilities > as well as extended capabilities must not be all ones. > > Signed-off-by: Jan Beulich <jbeulich@suse.com> > > --- a/xen/drivers/passthrough/vtd/dmar.c > +++ b/xen/drivers/passthrough/vtd/dmar.c > @@ -447,6 +447,9 @@ acpi_parse_one_drhd(struct acpi_dmar_hea > if ( (ret = acpi_dmar_check_length(header, sizeof(*drhd))) != 0 ) > return ret; > > + if ( !drhd->address || !(drhd->address + 1) ) > + return -ENODEV; > + > dmaru = xzalloc(struct acpi_drhd_unit); > if ( !dmaru ) > return -ENOMEM; > --- a/xen/drivers/passthrough/vtd/iommu.c > +++ b/xen/drivers/passthrough/vtd/iommu.c > @@ -1159,6 +1159,9 @@ int __init iommu_alloc(struct acpi_drhd_ > dprintk(VTDPREFIX, > "cap = %"PRIx64" ecap = %"PRIx64"\n", iommu->cap, iommu->ecap); > } > + if ( !(iommu->cap + 1) || !(iommu->ecap + 1) ) > + return -ENODEV; > + > if ( cap_fault_reg_offset(iommu->cap) + > cap_num_fault_regs(iommu->cap) * PRIMARY_FAULT_REG_LEN >= PAGE_SIZE > || > ecap_iotlb_offset(iommu->ecap) >= PAGE_SIZE )
Ben Guthro
2013-Aug-05 13:10 UTC
Re: Ping: [PATCH] VT-d: protect against bogus information coming from BIOS
On Mon, Aug 5, 2013 at 9:06 AM, Jan Beulich <JBeulich@suse.com> wrote:> Ping? > > >>> On 10.07.13 at 12:26, "Jan Beulich" <JBeulich@suse.com> wrote: > > Add checks similar to those done by Linux: The DRHD address must not > > be all zeros or all ones (Linux only checks for zero), and capabilities > > as well as extended capabilities must not be all ones. > > > > Signed-off-by: Jan Beulich <jbeulich@suse.com> > > >Looks OK to me, FWIW You can add Reviewed-by: Ben Guthro <benjamin.guthro@citrix.com>> > --- a/xen/drivers/passthrough/vtd/dmar.c > > +++ b/xen/drivers/passthrough/vtd/dmar.c > > @@ -447,6 +447,9 @@ acpi_parse_one_drhd(struct acpi_dmar_hea > > if ( (ret = acpi_dmar_check_length(header, sizeof(*drhd))) != 0 ) > > return ret; > > > > + if ( !drhd->address || !(drhd->address + 1) ) > > + return -ENODEV; > > + > > dmaru = xzalloc(struct acpi_drhd_unit); > > if ( !dmaru ) > > return -ENOMEM; > > --- a/xen/drivers/passthrough/vtd/iommu.c > > +++ b/xen/drivers/passthrough/vtd/iommu.c > > @@ -1159,6 +1159,9 @@ int __init iommu_alloc(struct acpi_drhd_ > > dprintk(VTDPREFIX, > > "cap = %"PRIx64" ecap = %"PRIx64"\n", iommu->cap, > iommu->ecap); > > } > > + if ( !(iommu->cap + 1) || !(iommu->ecap + 1) ) > > + return -ENODEV; > > + > > if ( cap_fault_reg_offset(iommu->cap) + > > cap_num_fault_regs(iommu->cap) * PRIMARY_FAULT_REG_LEN >> PAGE_SIZE > > || > > ecap_iotlb_offset(iommu->ecap) >= PAGE_SIZE ) > > > >_______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
Andrew Cooper
2013-Aug-05 14:55 UTC
Re: Ping: [PATCH] VT-d: protect against bogus information coming from BIOS
On 05/08/13 14:06, Jan Beulich wrote:> Ping? > >>>> On 10.07.13 at 12:26, "Jan Beulich" <JBeulich@suse.com> wrote: >> Add checks similar to those done by Linux: The DRHD address must not >> be all zeros or all ones (Linux only checks for zero), and capabilities >> as well as extended capabilities must not be all ones. >> >> Signed-off-by: Jan Beulich <jbeulich@suse.com>Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>>> >> --- a/xen/drivers/passthrough/vtd/dmar.c >> +++ b/xen/drivers/passthrough/vtd/dmar.c >> @@ -447,6 +447,9 @@ acpi_parse_one_drhd(struct acpi_dmar_hea >> if ( (ret = acpi_dmar_check_length(header, sizeof(*drhd))) != 0 ) >> return ret; >> >> + if ( !drhd->address || !(drhd->address + 1) ) >> + return -ENODEV; >> + >> dmaru = xzalloc(struct acpi_drhd_unit); >> if ( !dmaru ) >> return -ENOMEM; >> --- a/xen/drivers/passthrough/vtd/iommu.c >> +++ b/xen/drivers/passthrough/vtd/iommu.c >> @@ -1159,6 +1159,9 @@ int __init iommu_alloc(struct acpi_drhd_ >> dprintk(VTDPREFIX, >> "cap = %"PRIx64" ecap = %"PRIx64"\n", iommu->cap, iommu->ecap); >> } >> + if ( !(iommu->cap + 1) || !(iommu->ecap + 1) ) >> + return -ENODEV; >> + >> if ( cap_fault_reg_offset(iommu->cap) + >> cap_num_fault_regs(iommu->cap) * PRIMARY_FAULT_REG_LEN >= PAGE_SIZE >> || >> ecap_iotlb_offset(iommu->ecap) >= PAGE_SIZE ) > > > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xen.org > http://lists.xen.org/xen-devel