[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v4 16/16] xen/arm: add SGI handling for GICv3

On Thu, 2014-06-12 at 22:56 +0100, Julien Grall wrote:
> On 12/06/14 07:53, Vijay Kilari wrote:
> >     In GICv3 case the sending SGI by guest raises sysreg trap where
> > as in GICv2 it raises mmio write trap. So these traps lands in respective
> > vgic driver. ( mmio write trap => vgic-v2.c and sysreg => vgic-v3.c)
> > These vgic-v{2,3}.c driver calls generic vgic driver to inject SGI to VCPU.
> What does prevent a malicious buggy gicv2 guest too call the sysreg 
> version? AFAIU nothing, so you will end up to interpret GICv2 data as 
> GICv3 data which will result to a possible security issue.

ICC_SRE_EL2.Enable should gate EL1's access to this register. We should
certainly set this to the appropriate value corresponding to what we
expose to the guest. (I haven't looked if this series does not).


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.