On 12/06/18 17:00, Manuel Bouyer wrote:
> On Tue, Jun 12, 2018 at 04:54:30PM +0100, Andrew Cooper wrote:
>> On 12/06/18 16:38, Manuel Bouyer wrote:
>>> On Tue, Jun 12, 2018 at 01:39:05PM +0200, Manuel Bouyer wrote:
>>>> I applied this patch to 4.11rc4 (let's not change too many things at the
>>>> same time) and rebooted my test host. Hopefully I'll have some data to
>>>> report soon
>>> Got the first panic (still from an i386 domU):
>>> login: (XEN) d4v0 Hit #DB in Xen context: e008:ffff82d08036eb00 [overflow], stk 0000:ffff8301bf117f78, dr6 ffff0ff0
>>> (XEN) d4v0 Hit #DB in Xen context: e008:ffff82d08036eb00 [overflow], stk 0000:ffff8301bf117f78, dr6 ffff0ff0
>>> (XEN) d4v0 Hit #DB in Xen context: e008:ffff82d08036eb00 [overflow], stk 0000:ffff8301bf117f78, dr6 ffff0ff0
>>> (XEN) d4v0 Hit #DB in Xen context: e008:ffff82d08036eb00 [overflow], stk 0000:ffff8301bf117f78, dr6 ffff0ff0
>>> (XEN) d4v0 Hit #DB in Xen context: e008:ffff82d08036eb00 [overflow], stk 0000:ffff8301bf117f78, dr6 ffff0ff0
>>> (XEN) d4v2 Hit #DB in Xen context: e008:ffff82d08036eb00 [overflow], stk 0000:ffff8301bf077f78, dr6 ffff0ff0
>> I presume you're running a XSA-263 (MovSS) exploit in testing?
> Not intentionally, these are the NetBSD test suite and I don't think any
> specifically targets this (there are 759 tests at this time).
> But these include network tests, so there are probably in-kernel bpf code
> tests.

This specific message can only be triggered (so far as we know) by a
MovSS-deferred #DB, in this case over an `into` instruction. If this
isn't a dedicated test, then whatever you've got in your test suite came
dangerously close to discovering the MovSS issue.

Anyway - it was more of an observation than anything else, to point out
that it isn't liable to be related to the assertion failure.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel