
Re: [Xen-devel] Bisected Xen-unstable: "Segment register inaccessible for d1v0" when starting HVM guest on intel

>>> On 02.07.14 at 12:02, <andrew.cooper3@xxxxxxxxxx> wrote:
>> Just like copy_to_user() would produce -EFAULT for a hypercall
>> when used on a non-present page or a non-canonical address, it
>> should (and afaict will with how things are right now) similarly
>> produce -EFAULT for an attempted access to a guest-accessible
>> page when the current mode of the guest is supervisor.
>> To me it is a logical extension to also fail accesses outside of
>> hypercalls or emulation.
> Consider an HVM guest with SMAP in effect, making a hypercall.  If a
> guest handle points to guest userspace, Xen would be unable to ever
> complete the hypercall without an -EFAULT.
> I don't think this is reasonable to fail.

This is very reasonable to fail: Such an operation violates the SMAP
guarantees. If the kernel wants to permit this, it needs to CLAC/STAC
around the hypercall in its privcmd (or alike) driver.
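
The SMAP rule this exchange turns on, as an added example that is not part of the original thread and is not Xen code: a supervisor-mode access to a user-accessible page faults when CR4.SMAP is set and EFLAGS.AC is clear, and STAC sets AC while CLAC clears it. The struct, field and function names are hypothetical, and the model assumes the hypervisor applies the guest's current-mode check when copying on its behalf.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed model of the guest vCPU state that matters for SMAP.
 * Field names are illustrative, not Xen's. */
struct vcpu_state {
    bool cr4_smap;   /* guest kernel enabled CR4.SMAP */
    bool eflags_ac;  /* EFLAGS.AC: set by STAC, cleared by CLAC */
    unsigned cpl;    /* current privilege level, 0..3 */
};

/* Architectural rule for an explicit data access: supervisor mode (CPL < 3)
 * touching a user-accessible page is blocked when SMAP=1 and AC=0. */
static bool smap_blocks(const struct vcpu_state *v, bool page_is_user)
{
    return v->cr4_smap && v->cpl < 3 && page_is_user && !v->eflags_ac;
}

/* Hypothetical hypervisor-side copy through a guest handle: fail with
 * -EFAULT for a non-present page and for an SMAP violation alike. */
static int copy_to_guest_model(const struct vcpu_state *v,
                               bool page_present, bool page_is_user)
{
    if (!page_present)
        return -EFAULT;
    if (smap_blocks(v, page_is_user))
        return -EFAULT;
    return 0;
}

/* Hypercall issued from the guest kernel (CPL 0) with a handle to a
 * present page; returns what the copy would return. */
static int hypercall_copy(bool smap, bool ac, bool handle_is_user_page)
{
    struct vcpu_state v = { .cr4_smap = smap, .eflags_ac = ac, .cpl = 0 };
    return copy_to_guest_model(&v, true, handle_is_user_page);
}

int main(void)
{
    printf("SMAP on, AC clear, user page:  %d\n", hypercall_copy(true, false, true));
    printf("SMAP on, AC set (STAC first):  %d\n", hypercall_copy(true, true, true));
    printf("SMAP on, AC clear, kernel page: %d\n", hypercall_copy(true, false, false));
    printf("SMAP off, user page:           %d\n", hypercall_copy(false, false, true));
    return 0;
}
```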

