>>> On 02.05.17 at 17:21, <rcojoc...@bitdefender.com> wrote: > hvm_save_cpu_ctxt() returns success without writing any data into > hvm_domain_context_t when all VCPUs are offline. This can then crash > the hypervisor (with FATAL PAGE FAULT) in hvm_save_one() via the > "off < (ctxt.cur - sizeof(*desc))" for() test, where ctxt.cur remains 0, > causing an underflow which leads the hypervisor to go off the end of the > ctxt buffer. > > This has been broken since Xen 4.4 (c/s e019c606f59).
And I think we want this in 4.9, but you didn't Cc Julien ... Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel
