Re: [Xen-devel] [V2 PATCH 7/8] pvh dom0: Add and remove foreign pages

[Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>]

On 11/25/2013 04:03 AM, Jan Beulich wrote:
> > > > On 23.11.13 at 01:03, Mukesh Rathor <mukesh.rathor@xxxxxxxxxx> wrote:
> > +static int xenmem_add_foreign_to_pmap(unsigned long fgfn, unsigned long gpfn,
> > +                                      domid_t foreign_domid)
> > +{
> > +    p2m_type_t p2mt, p2mt_prev;
> > +    int rc = 0;
> > +    unsigned long prev_mfn, mfn = 0;
> > +    struct domain *fdom, *currd = current->domain;
> > +    struct page_info *page = NULL;
> > +
> > +    if ( currd->domain_id == foreign_domid || foreign_domid == DOMID_SELF ||
> > +         !is_pvh_domain(currd) )
> > +        return -EINVAL;
> > +
> > +    if ( !is_control_domain(currd) ||
> > +         (fdom = get_pg_owner(foreign_domid)) == NULL )
> > +        return -EPERM;
> Is this the right approach (i.e. shouldn't this be an XSM call)? Cc-ing
> Daniel...
Yes, this should be an XSM call; it needs to explicitly check if currd
has the right to access pages from fdom.

For efficiency, rather than checking permissions here for each page,
check once in xenmem_add_to_physmap_range or next to the existing check
in arch_memory_op; in that case, combining the two checks into one as is
done for xsm_mmu_update may be preferred.  Moving the other EINVAL
checks in addition could also be useful, although that requires
duplicating them in xenmem_add_to_physmap.

--
Daniel De Graaf
National Security Agency

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel