Julien Grall writes:
> At the moment, do_trap_brk() is using a BUG_ON() to check the hardware
> has been correctly configured during boot.
>
> Any error when configuring the hardware could result to a guest 'brk'
> trapping in the hypervisor and crash it.
>
> This is pretty harsh to kill Xen when actually killing the guest would
> be enough as misconfiguring this trap would not lead to exposing
> sensitive data. Replace the BUG_ON() with crashing the guest.
>
> Signed-off-by: Julien Grall <julien.gr...@arm.com>
Reviewed-by: Volodymyr Babchuk <volodymyr_babc...@epam.com>
> ---
> xen/arch/arm/traps.c | 11 ++++++++---
> 1 file changed, 8 insertions(+), 3 deletions(-)
>
> diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c
> index 132686ee0f..ef37ca6bde 100644
> --- a/xen/arch/arm/traps.c
> +++ b/xen/arch/arm/traps.c
> @@ -1304,10 +1304,15 @@ int do_bug_frame(const struct cpu_user_regs *regs,
> vaddr_t pc)
> #ifdef CONFIG_ARM_64
> static void do_trap_brk(struct cpu_user_regs *regs, const union hsr hsr)
> {
> - /* HCR_EL2.TGE and MDCR_EL2.TDE are not set so we never receive
> - * software breakpoint exception for EL1 and EL0 here.
> + /*
> + * HCR_EL2.TGE and MDCR_EL2.TDR are currently not set. So we should
> + * never receive software breakpoing exception for EL1 and EL0 here.
> */
> - BUG_ON(!hyp_mode(regs));
> + if ( !hyp_mode(regs) )
> + {
> + domain_crash(current->domain);
> + return;
> + }
>
> switch ( hsr.brk.comment )
> {
--
Volodymyr Babchuk at EPAM
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
