Hi Jan,

On 02/05/17 16:43, Jan Beulich wrote:
> On 02.05.17 at 17:21, <rcojoc...@bitdefender.com> wrote:
>> hvm_save_cpu_ctxt() returns success without writing any data into
>> hvm_domain_context_t when all VCPUs are offline. This can then crash
>> the hypervisor (with FATAL PAGE FAULT) in hvm_save_one() via the
>> "off < (ctxt.cur - sizeof(*desc))" for() test, where ctxt.cur remains 0,
>> causing an underflow which leads the hypervisor to go off the end of the
>> ctxt buffer.
>>
>> This has been broken since Xen 4.4 (c/s e019c606f59).
>
> And I think we want this in 4.9, but you didn't Cc Julien ...

I agree:

Release-Acked-by: Julien Grall <julien.gr...@arm.com>

Cheers,
--
Julien Grall
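
The underflow described in the commit message quoted above, as an added example that is not part of the original thread and is not Xen code. The struct layouts and the names unguarded_bound, find_record and build_sample are hypothetical stand-ins, and the guarded loop is one way to write the bound, not necessarily the fix that was applied.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical stand-ins for the save-record descriptor and context. */
struct desc { uint16_t typecode, instance; uint32_t length; };
struct ctxt { uint8_t *data; uint32_t size, cur; };

/* Bound from the quoted for() test: wraps when cur < sizeof(struct desc). */
size_t unguarded_bound(const struct ctxt *c)
{
    return c->cur - sizeof(struct desc);
}

/* Guarded walk: payload offset of (typecode, instance), or -1 if absent. */
long find_record(const struct ctxt *c, uint16_t typecode, uint16_t instance)
{
    size_t off = 0;
    struct desc d;
    /* Check cur first so the subtraction below cannot wrap. */
    while (c->cur >= sizeof(d) && off <= c->cur - sizeof(d)) {
        memcpy(&d, c->data + off, sizeof(d));
        off += sizeof(d);
        if (d.length > c->cur - off)
            return -1;               /* record runs past the written data */
        if (d.typecode == typecode && d.instance == instance)
            return (long)off;
        off += d.length;
    }
    return -1;
}

/* Constructed sample: one record (typecode 2, instance 0, 4-byte payload). */
uint32_t build_sample(uint8_t *buf)
{
    struct desc d = { 2, 0, 4 };
    memcpy(buf, &d, sizeof(d));
    memset(buf + sizeof(d), 0xAB, d.length);
    return (uint32_t)(sizeof(d) + d.length);
}

int main(void)
{
    uint8_t buf[64];
    struct ctxt empty = { buf, sizeof(buf), 0 };   /* handler wrote nothing */
    struct ctxt one = { buf, sizeof(buf), build_sample(buf) };
    printf("unguarded bound at cur=0: %zu, guarded: %ld, one record: %ld\n",
           unguarded_bound(&empty), find_record(&empty, 2, 0), find_record(&one, 2, 0));
}
```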