Jan Beulich writes ("Re: [Xen-devel] Invalid VA => ptr conversion with xc_dom_* API after XSA-55 fix"):
On 20.11.13 at 13:56, "Jean-Yves Migeon (NetBSD)" <jym%NetBSD.org@localhost> wrote:
> Jeff and FastIce pointed out a regression between Xen 4.1.2 and 4.1.6
> when starting NetBSD domU; the kernel syms table gets slightly corrupted
> [1].
>
> After dwelling into libxc code, FastIce noticed that changing back the
> return value to "ptr + offset" (instead of just "ptr") for
> xc_dom_vaddr_to_ptr() makes it work again.
>
> According to [2] while fixing XSA-55, Ian changed the "ptr + offset"
> return value to just "ptr". Is there a reason for this? IMHO the VA =>
> ptr conversion should also take into account non-page aligned addresses,
> hence the offset (except for NULL value of course).

I agree, but let's see what Ian (being the author of the whole
patch set) says.

It looks like I changed this in b5a86920. Having stared at the code
and the commit message I think that I did in fact break this, by
inadvertently removing the "+ offset". Sorry to cause a regression.

I've examined the surrounding code and reread the relevant bits of
xc_dom_pfn_to_ptr_retcount and I think that simply returning
"ptr + offset" is the correct fix. The calculation of
*safe_region_out is already correct.

Will someone write this up as a patch submission?
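
The VA => ptr conversion discussed in this thread, as an added C example that is not part of the thread and is not libxc code: a self-contained model in which a page-granular lookup returns the page base and the caller must add the in-page offset. All `toy_*` names, the 4 KiB page size, the constructed 4-page mapping, and the assumption that the safe region counts bytes from the requested address to the end of the mapping are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12u                 /* assumption: 4 KiB pages */
#define PAGE_SIZE  (1u << PAGE_SHIFT)
#define NPAGES     4u                  /* constructed 4-page mapping */

/* Hypothetical stand-in for the domain image (not libxc's struct). */
struct toy_dom {
    uint64_t virt_base;                /* guest VA of page 0 */
    unsigned char *map;                /* NPAGES * PAGE_SIZE host bytes */
};

/* Page-granular lookup: host pointer to the start of page pfn, plus the
 * number of mapped pages from there on. NULL outside the mapping. */
static unsigned char *toy_pfn_to_ptr(struct toy_dom *d, uint64_t pfn,
                                     uint64_t *count)
{
    *count = (pfn < NPAGES) ? NPAGES - pfn : 0;
    return *count ? d->map + (pfn << PAGE_SHIFT) : NULL;
}

/* VA => ptr. add_offset = 0 models the regression (page base returned),
 * add_offset = 1 the fix. *safe_out is assumed to count the bytes from
 * va to the end of the mapping, so it is offset-aware in both modes. */
static unsigned char *toy_vaddr_to_ptr(struct toy_dom *d, uint64_t va,
                                       size_t *safe_out, int add_offset)
{
    uint64_t rel = va - d->virt_base, count;
    unsigned char *ptr;
    *safe_out = 0;
    if (va < d->virt_base)
        return NULL;
    ptr = toy_pfn_to_ptr(d, rel >> PAGE_SHIFT, &count);
    if (ptr == NULL)
        return NULL;                   /* NULL is never offset */
    *safe_out = (size_t)(count << PAGE_SHIFT) - (size_t)(rel % PAGE_SIZE);
    return add_offset ? ptr + (rel % PAGE_SIZE) : ptr;
}

int main(void)
{
    static unsigned char buf[NPAGES * PAGE_SIZE];
    struct toy_dom d = { 0xc0000000ULL, buf };
    size_t safe;
    buf[0x1234] = 0x5a;                /* byte the caller wants to read */
    printf("regressed: %#x\n", *toy_vaddr_to_ptr(&d, 0xc0001234ULL, &safe, 0));
    printf("fixed:     %#x\n", *toy_vaddr_to_ptr(&d, 0xc0001234ULL, &safe, 1));
    return 0;
}
```

In the regressed mode the returned pointer sits at the page base while the safe-region length is measured from the requested address, so a caller sees data shifted by the in-page offset; page-aligned addresses are unaffected.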