[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen master] x86/altp2m: p2m_altp2m_get_or_propagate() should honor ap2m->default_access
commit 7e5b662b289ac66ee347113f94c46c89d127e774 Author: Petr Beneš <w1benny@xxxxxxxxx> AuthorDate: Tue Feb 6 10:08:22 2024 +0000 Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> CommitDate: Fri Feb 23 17:43:06 2024 +0000 x86/altp2m: p2m_altp2m_get_or_propagate() should honor ap2m->default_access This patch addresses a behavior discrepancy in the handling of altp2m views, where upon the creation and subsequent EPT violation, the page access permissions were incorrectly inherited from the hostp2m instead of respecting the altp2m default_access. Previously, when a new altp2m view was established with restrictive default_access permissions and activated via xc_altp2m_switch_to_view(), it failed to trigger an event on the first access violation. This behavior diverged from the intended mechanism, where the altp2m's default_access should dictate the initial permissions, ensuring proper event triggering on access violations. The correction involves modifying the handling mechanism to respect the altp2m view's default_access upon its activation, eliminating the need for setting memory access permissions for the entire altp2m range (e.g. within xen-access.c). This change not only aligns the behavior with the expected access control logic but also results in a significant performance improvement by reducing the overhead associated with setting memory access permissions across the altp2m range. Signed-off-by: Petr Beneš <w1benny@xxxxxxxxx> Acked-by: Tamas K Lengyel <tamas@xxxxxxxxxxxxx> --- tools/misc/xen-access.c | 14 -------------- xen/arch/x86/mm/p2m.c | 3 +++ 2 files changed, 3 insertions(+), 14 deletions(-) diff --git a/tools/misc/xen-access.c b/tools/misc/xen-access.c index 4097eebe6f..6cf3b6a42c 100644 --- a/tools/misc/xen-access.c +++ b/tools/misc/xen-access.c @@ -517,9 +517,6 @@ int main(int argc, char *argv[]) /* With altp2m we just create a new, restricted view of the memory */ if ( memaccess && altp2m ) { - xen_pfn_t gfn = 0; - unsigned long perm_set = 0; - if( altp2m_write_no_gpt ) { rc = xc_monitor_inguest_pagefault(xch, domain_id, 1); @@ -551,17 +548,6 @@ int main(int argc, char *argv[]) } DPRINTF("altp2m view created with id %u\n", altp2m_view_id); - DPRINTF("Setting altp2m mem_access permissions.. "); - - for(; gfn < xenaccess->max_gpfn; ++gfn) - { - rc = xc_altp2m_set_mem_access( xch, domain_id, altp2m_view_id, gfn, - default_access); - if ( !rc ) - perm_set++; - } - - DPRINTF("done! Permissions set on %lu pages.\n", perm_set); rc = xc_altp2m_switch_to_view( xch, domain_id, altp2m_view_id ); if ( rc < 0 ) diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c index d118d27ab9..4dd41193f5 100644 --- a/xen/arch/x86/mm/p2m.c +++ b/xen/arch/x86/mm/p2m.c @@ -1850,6 +1850,9 @@ bool p2m_altp2m_get_or_propagate(struct p2m_domain *ap2m, unsigned long gfn_l, amfn = _mfn(mfn_x(*mfn) & mask); gfn = _gfn(gfn_l & mask); + /* Override the altp2m entry with its default access. */ + *p2ma = ap2m->default_access; + rc = p2m_set_entry(ap2m, gfn, amfn, cur_order, *p2mt, *p2ma); p2m_unlock(ap2m); -- generated by git-patchbot for /home/xen/git/xen.git#master
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |