[for-4.8] libxl: disallow enabling PoD and ALTP2M at the same time

Commit Message

Wei Liu Nov. 2, 2016, 2:10 p.m. UTC

That combination would cause Xen to crash. Note that this is not a
security issue because ALTP2M is experimental.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
---
Cc: Ian Jackson <ian.jackson@eu.citrix.com>

Maybe backport this to 4.6 and 4.7?
---
 tools/libxl/libxl_create.c | 7 +++++++
 1 file changed, 7 insertions(+)

Comments

Ian Jackson Nov. 2, 2016, 2:43 p.m. UTC | #1

Wei Liu writes ("[PATCH for-4.8] libxl: disallow enabling PoD and ALTP2M at the same time"):
> That combination would cause Xen to crash. Note that this is not a
> security issue because ALTP2M is experimental.

Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>

You mean, though

  Note that although this is a security issue, is not an XSA-worthy
  because ALTP2M is experimental.

And you should probably CC the altp2m maintainers.

Ian.

Wei Liu Nov. 2, 2016, 2:51 p.m. UTC | #2

On Wed, Nov 02, 2016 at 02:43:58PM +0000, Ian Jackson wrote:
> Wei Liu writes ("[PATCH for-4.8] libxl: disallow enabling PoD and ALTP2M at the same time"):
> > That combination would cause Xen to crash. Note that this is not a
> > security issue because ALTP2M is experimental.
> 
> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
> 
> You mean, though
> 
>   Note that although this is a security issue, is not an XSA-worthy
>   because ALTP2M is experimental.

Right, this is more accurate.

> 
> And you should probably CC the altp2m maintainers.
> 

I've done this now.

Wei.

> Ian.

Wei Liu Nov. 3, 2016, 11:10 a.m. UTC | #3

On Wed, Nov 02, 2016 at 02:51:41PM +0000, Wei Liu wrote:
> On Wed, Nov 02, 2016 at 02:43:58PM +0000, Ian Jackson wrote:
> > Wei Liu writes ("[PATCH for-4.8] libxl: disallow enabling PoD and ALTP2M at the same time"):
> > > That combination would cause Xen to crash. Note that this is not a
> > > security issue because ALTP2M is experimental.
> > 
> > Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
> > 
> > You mean, though
> > 
> >   Note that although this is a security issue, is not an XSA-worthy
> >   because ALTP2M is experimental.
> 

Updated commit message and applied.

Wei Liu Nov. 3, 2016, 4:11 p.m. UTC | #4

On Thu, Nov 03, 2016 at 11:10:44AM +0000, Wei Liu wrote:
> On Wed, Nov 02, 2016 at 02:51:41PM +0000, Wei Liu wrote:
> > On Wed, Nov 02, 2016 at 02:43:58PM +0000, Ian Jackson wrote:
> > > Wei Liu writes ("[PATCH for-4.8] libxl: disallow enabling PoD and ALTP2M at the same time"):
> > > > That combination would cause Xen to crash. Note that this is not a
> > > > security issue because ALTP2M is experimental.
> > > 
> > > Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
> > > 
> > > You mean, though
> > > 
> > >   Note that although this is a security issue, is not an XSA-worthy
> > >   because ALTP2M is experimental.
> > 
> 
> Updated commit message and applied.

I interpreted the code for setting default value wrong. I will revert
the patch and staging and rework it.

Wei.

Patch

diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c
index d986cd2..47c297b 100644
--- a/tools/libxl/libxl_create.c
+++ b/tools/libxl/libxl_create.c
@@ -885,6 +885,13 @@  static void initiate_domain_create(libxl__egc *egc,
         goto error_out;
     }
 
+    if (d_config->c_info.type == LIBXL_DOMAIN_TYPE_HVM &&
+        libxl_defbool_val(d_config->b_info.u.hvm.altp2m) &&
+        pod_enabled) {
+        LOG(ERROR, "Cannot enable PoD and ALTP2M at the same time");
+        goto error_out;
+    }
+
     /* PV vNUMA is not yet supported because there is an issue with
      * cpuid handling.
      */