[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 3 of 7] Use a reserved pfn in the guest address space to store mem event rings

To: "Tim Deegan" <tim@xxxxxxx>
From: "Andres Lagar-Cavilla" <andres@xxxxxxxxxxxxxxxx>
Date: Thu, 1 Mar 2012 09:44:25 -0800
Cc: "olaf@xxxxxxxxx" <olaf@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>, Ian Campbell <ian.campbell@xxxxxxxxxx>, "andres@xxxxxxxxxxxxxx" <andres@xxxxxxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, "keir.xen@xxxxxxxxx" <keir.xen@xxxxxxxxx>, "adin@xxxxxxxxxxxxxx" <adin@xxxxxxxxxxxxxx>
Delivery-date: Thu, 01 Mar 2012 17:44:42 +0000
Domainkey-signature: a=rsa-sha1; c=nofws; d=lagarcavilla.org; h=message-id :in-reply-to:references:date:subject:from:to:cc:reply-to :mime-version:content-type:content-transfer-encoding; q=dns; s= lagarcavilla.org; b=DViWxcreCXxggVZiryQcSlpA571cNlcKdlMGbTSanVIZ m7kDNvtcONZrUoKSdrjSdp7pfUi7vJ/4jxnP5kQ0Uf0VKMe5Ai8jAzowpqKYzsBq acpC3mx+/A7FOEqTxnQ98V1BwX4X/JDlGxjb4vnV2rSaDQhVseHHdY8vTY3AEq0=
List-id: Xen developer discussion <xen-devel.lists.xen.org>

> At 08:30 -0800 on 01 Mar (1330590637), Andres Lagar-Cavilla wrote:
>> > At 07:47 +0000 on 01 Mar (1330588073), Ian Campbell wrote:
>> >> > > Is there no scope for making these pages owned by the domain but
>> not
>> >> > > actually part of the P2M? We can cope with that for other types
>> of
>> >> magic
>> >> > > page, can't we?
>> >
>> > It would need a new operation to map the ring into the tool that uses
>> > it; normal map-foreign-page ops need a GFN.
>>
>> Actually, confirmed: we can call xc_domain_decrease_reservation on the
>> ring after it's mapped by the helper. Guest won't get at it. Nothing
>> breaks.
>
> But that would only work if:
>  - the helper always attaches before the guest gets to run; and

The helper will ignore whatever contents there were on the page. And if
the guest is out there poking in e820 reserved ranges, then the guest has
it coming. Note that we've narrowed the window of "vulnerability".

>  - you never need to restart the helper.

The helper can re-populate the pfn every time it starts. That's
contemplated in the current patch series. In fact it can do it
"atomically" by pausing the guest.

So, it's an improvement, but it's not water-tight fool-proof.

Andres

>
> Tim.
>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 3 of 7] Use a reserved pfn in the guest address space to store mem event ringsg
  - From: Tim Deegan

References:
- Re: [Xen-devel] [PATCH 3 of 7] Use a reserved pfn in the guest address space to store mem event rings
  - From: Ian Campbell
- Re: [Xen-devel] [PATCH 3 of 7] Use a reserved pfn in the guest address space to store mem event rings
  - From: Tim Deegan
- Re: [Xen-devel] [PATCH 3 of 7] Use a reserved pfn in the guest address space to store mem event rings
  - From: Andres Lagar-Cavilla
- Re: [Xen-devel] [PATCH 3 of 7] Use a reserved pfn in the guest address space to store mem event rings
  - From: Tim Deegan

Prev by Date: Re: [Xen-devel] [PATCH v5 0/7] arm: compile tools
Next by Date: Re: [Xen-devel] [PATCH] tools/qemu-xen: remove CFLAGS for qemu build
Previous by thread: Re: [Xen-devel] [PATCH 3 of 7] Use a reserved pfn in the guest address space to store mem event rings
Next by thread: Re: [Xen-devel] [PATCH 3 of 7] Use a reserved pfn in the guest address space to store mem event ringsg
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.