On 04/03/2019 21:52, Arnd Bergmann wrote:
> The legacy hypercall handlers were originally added with
> a comment explaining that "copying the argument structures in
> HYPERVISOR_event_channel_op() and HYPERVISOR_physdev_op() into the local
> variable is sufficiently safe" and only made sure to not write
> past the end of the argument structure, the checks in linux/string.h
> disagree with that, when link-time optimizations are used:
>
> In function 'memcpy',
> inlined from 'pirq_query_unmask' at drivers/xen/fallback.c:53:2,
> inlined from '__startup_pirq' at drivers/xen/events/events_base.c:529:2,
> inlined from 'restore_pirqs' at drivers/xen/events/events_base.c:1439:3,
> inlined from 'xen_irq_resume' at drivers/xen/events/events_base.c:1581:2:
> include/linux/string.h:350:3: error: call to '__read_overflow2' declared with
> attribute error: detected read beyond size of object passed as 2nd parameter
> __read_overflow2();
> ^
>
> Further research turned out that only Xen 3.0.2 or earlier required the
> fallback at all, while all versions in use today don't need it.
> As far as I can tell, it is not even possible to run a mainline kernel
> on those old Xen releases, at the time when they were in use, only
> a patched kernel was supported anyway.
>
> Fixes: cf47a83fb06e ("xen/hypercall: fix hypercall fallback code for very old
> hypervisors")
> Reviewed-by: Boris Ostrovsky <boris.ostrov...@oracle.com>
> Cc: Jan Beulich <jbeul...@suse.com>
> Signed-off-by: Arnd Bergmann <a...@arndb.de>
Pushed to xen/tip.git for-linus-5.1a
Juergen
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
