hvm: Limit the size of large HVM op batches
authorTim Deegan <tim@xen.org>
Tue, 4 Dec 2012 18:38:05 +0000 (18:38 +0000)
committerTim Deegan <tim@xen.org>
Tue, 4 Dec 2012 18:38:05 +0000 (18:38 +0000)
commit24ff9723e0398e78355ea4b83df50eafb154d4dc
tree86ce84a13a30a696e8c0a2008a61a7608758856a
parent23d9492080ae7ce6e281b6ccae1ecff9d4d9ea3a
hvm: Limit the size of large HVM op batches

Doing large p2m updates for HVMOP_track_dirty_vram without preemption
ties up the physical processor. Integrating preemption into the p2m
updates is hard so simply limit to 1GB which is sufficient for a 15000
* 15000 * 32bpp framebuffer.

For HVMOP_modified_memory and HVMOP_set_mem_type preemptible add the
necessary machinery to handle preemption.

This is CVE-2012-5511 / XSA-27.

Signed-off-by: Tim Deegan <tim@xen.org>
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Committed-by: Ian Jackson <ian.jackson.citrix.com>
xen/arch/x86/hvm/hvm.c