
Re: [Xen-devel] Bisected Xen-unstable: "Segment register inaccessible for d1v0" when starting HVM guest on intel

On 02/07/14 11:07, Jan Beulich wrote:
>>>> On 02.07.14 at 12:02, <andrew.cooper3@xxxxxxxxxx> wrote:
>>> Just like copy_to_user() would produce -EFAULT for a hypercall
>>> when used on a non-present page or a non-canonical address, it
>>> should (and afaict will with how things are right now) similarly
>>> produce -EFAULT for an attempted access to a guest-accessible
>>> page when the current mode of the guest is supervisor.
>>> To me it is a logical extension to also fail accesses outside of
>>> hypercalls or emulation.
>> Consider an HVM guest with SMAP in effect, making a hypercall.  If a
>> guest handle points to guest userspace, Xen would be unable to ever
>> complete the hypercall without an -EFAULT.
>> I don't think this is reasonable to fail.
> This is very reasonable to fail: Such an operation violates the SMAP
> guarantees. If the kernel wants to permit this, it needs to CLAC/STAC
> around the hypercall in its privcmd (or alike) driver.
> Jan

Hmm - I suppose.  At least this gives the guest operating system a choice.

