[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[UNIKRAFT PATCH RFCv4 28/35] plat/kvm/arm: Add a memory hole at the beginning 128M



Previously, arm64 kvm will setup 0x0-0x3fffffff as a device mmio area.
Hence user can even read/write 0x0 arbitrarily without panic.

After whis patch, we can prevent the memory corruption to some extent
since this set the beginning 128M as NONE attr.

Signed-off-by: Jia He <justin.he@xxxxxxx>
---
 plat/kvm/arm/pagetable64.S          | 42 ++++++++++++++++++++++-------
 plat/kvm/include/kvm-arm/arm64/mm.h |  7 ++---
 2 files changed, 36 insertions(+), 13 deletions(-)

diff --git a/plat/kvm/arm/pagetable64.S b/plat/kvm/arm/pagetable64.S
index 1c2a349..6fd9f3b 100644
--- a/plat/kvm/arm/pagetable64.S
+++ b/plat/kvm/arm/pagetable64.S
@@ -38,13 +38,17 @@
 #include <arm/cpu_defs.h>
 /*
  * The following is the Memory Layout of AArch64 Virtual Machine
- * | 0 - 0x3FFFFFFF |   0x40000000 - 0x7FFFFFFFFF           |  512GB - 1TB   |
- * --------------------------------------------------------------------------
- * |  DEVICES MMIO  | DTB|TEXT|DATA|BSS|PAGETABLE|BOOTSTACK | PCI-e High Mem |
- * --------------------------------------------------------------------------
+ * | 0-0x7FFFFFF | 0x8000000-0x3FFFFFFF | 0x40000000-0x7FFFFFFFFF | 512GB-1TB |
+ * ----------------------------------------------------------------------------
+ * | HOLE        | DEVICES MMIO         | <1>                     | <2>       |
+ * ----------------------------------------------------------------------------
+ * <1> DTB|TEXT|DATA|BSS|PAGETABLE|BOOTSTACK
+ * <2> PCI-e High Mem
  */
-#define DEVICE_ADDR_START 0
-#define DEVICE_ADDR_SIZE  0x40000000
+#define HOLE_START 0
+#define HOLE_MEM_ENTRIES  64 /* 128M */
+#define DEVICE_ADDR_START 0x8000000
+#define DEVICE_ENTRIES    448 /* 512-64 */
 #define RAM_ADDR_START    0x40000000
 #define RAM_L2_ENTRIES    255
 #define RAM_ADDR_SIZE     (0x40000000 * RAM_L2_ENTRIES)
@@ -83,14 +87,29 @@ ENTRY(create_pagetables)
        bl  link_l0_pagetable
 
        /*
-        * Using 1GiB block to map device address space (0x0 ~ 0x3fffffff)
+        * Using 1GiB block to map the hole memory (0x0 ~ 0x7ffffff) and device
+        * address space (0x0 ~ 0x3fffffff)
         */
-       add x6, x14, #L1_TABLE_OFFSET
+       /* Build a L2 block pagetable */
+       add x6, x14, #L2_TABLE_OFFSET
+       ldr x7, =0 /* NONE ATTR*/
+       mov x8, #HOLE_START
+       mov x9, x8
+       ldr x10, =HOLE_MEM_ENTRIES
+       bl  build_l2_block_pagetable
+
+       add x6, x14, #L2_TABLE_OFFSET
        ldr x7, =SECT_ATTR_DEVICE_nGnRE
        mov x8, #DEVICE_ADDR_START
        mov x9, x8
-       mov x10, #1
-       bl  build_l1_block_pagetable
+       ldr x10, =DEVICE_ENTRIES
+       bl  build_l2_block_pagetable
+
+       /* Link this L2 block pagetable to L1 entry */
+       add x6, x14, #L1_TABLE_OFFSET
+       mov x8, #HOLE_START
+       add x9, x14, #L2_TABLE_OFFSET
+       bl  link_l1_pagetable
 
        /*
         * Using 1GiB block to map RAM address space
@@ -135,6 +154,7 @@ ENTRY(create_pagetables)
         */
        /* 1st: Build a L2 block pagetable */
        add x6, x14, #L2_TABLE_OFFSET
+       add x6, x6, #__PAGE_SIZE
        ldr x7, =SECT_ATTR_NORMAL
        mov x8, #RAM_ADDR_START
        mov x9, x8
@@ -145,6 +165,7 @@ ENTRY(create_pagetables)
        add x6, x14, #L1_TABLE_OFFSET
        mov x8, #RAM_ADDR_START
        add x9, x14, #L2_TABLE_OFFSET
+       add x9, x9, #__PAGE_SIZE
        bl  link_l1_pagetable
 
        /* 3rd: Build a L3 pagetable for image occupied memory */
@@ -160,6 +181,7 @@ ENTRY(create_pagetables)
 
        /* 4th: Link this L3 pagetable to L2 entry */
        add x6, x14, #L2_TABLE_OFFSET
+       add x6, x6, #__PAGE_SIZE
 1:
        mov x8, x17
        mov x9, x16
diff --git a/plat/kvm/include/kvm-arm/arm64/mm.h 
b/plat/kvm/include/kvm-arm/arm64/mm.h
index 9ec1273..612b9ec 100644
--- a/plat/kvm/include/kvm-arm/arm64/mm.h
+++ b/plat/kvm/include/kvm-arm/arm64/mm.h
@@ -62,11 +62,12 @@
  * Each entry in L2_TABLE can map to a 2MiB block memory or link to a
  * L3_TABLE which supports 2MiB memory mapping. We need a L3_TABLE to
  * cover image area for us to manager different sections attributes.
- * So, we need one page for L2_TABLE to provide 511 enties for 2MiB
- * block mapping and 1 entry for L3_TABLE link.
+ * So, we need two page for L2_TABLE. One is to provide a protecting hole
+ * from memory corrupting. One is to provide 511 enties for 2MiB block
+ * mapping and 1 entry for L3_TABLE link.
  */
 #define L2_TABLE_OFFSET (L1_TABLE_OFFSET + L1_TABLE_SIZE)
-#define L2_TABLE_SIZE   __PAGE_SIZE
+#define L2_TABLE_SIZE   (__PAGE_SIZE * 2)
 
 /*
  * We will use Unikraft image's size to caculate the L3_TABLE_SIZE.
-- 
2.17.1




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.