[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] [PATCH 0 of 2] Fix correctness race in xc_mem_paging_prep
On Tue, Nov 29, Andres Lagar-Cavilla wrote:
> P2m_mem_paging_prep ensures that an mfn is backing the paged-out gfn, and
> transitions to the next state in the paging state machine for this page.
> Foreign mappings of the gfn will now succeed. This is the key idea, as it
> allows the pager to now map the gfn and fill in its contents.
> Unfortunately, it also allows any other foreign mapper to map the gfn and read
> its contents. This is particularly dangerous when the populate is launched
> by a foreign mapper in the first place, which will be actively retrying the
> map operation and might race with the pager. Qemu-dm being a prime example.
Yes, I think thats a real issue. The concept looks ok to me.
Xen-devel mailing list