Re: [Xen-devel] Bisected Xen-unstable: "Segment register inaccessible for d1v0" when starting HVM guest on intel
On 02/07/14 11:07, Jan Beulich wrote:
>>>> On 02.07.14 at 12:02, <andrew.cooper3@xxxxxxxxxx> wrote:
>>> Just like copy_to_user() would produce -EFAULT for a hypercall
>>> when used on a non-present page or a non-canonical address, it
>>> should (and afaict will with how things are right now) similarly
>>> produce -EFAULT for an attempted access to a guest-accessible
>>> page when the current mode of the guest is supervisor.
>>>
>>> To me it is a logical extension to also fail accesses outside of
>>> hypercalls or emulation.
>> Consider an HVM guest with SMAP in effect, making a hypercall. If a
>> guest handle points to guest userspace, Xen would be unable to ever
>> complete the hypercall without an -EFAULT.
>>
>> I don't think this is reasonable to fail.
> This is very reasonable to fail: Such an operation violates the SMAP
> guarantees. If the kernel wants to permit this, it needs to CLAC/STAC
> around the hypercall in its privcmd (or alike) driver.
>
> Jan
>
Hmm - I suppose. At least this gives the guest operating system a choice.
~Andrew
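The rule argued for in this thread, as a small C model added here (not Xen's code and not part of the original message): with SMAP enabled, a copy to a guest handle in guest userspace fails with -EFAULT unless the guest kernel set EFLAGS.AC with STAC before the hypercall. The struct and function names are hypothetical.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the guest state the check consults (hypothetical names). */
struct vcpu_model { bool cr4_smap; bool eflags_ac; unsigned cpl; };
/* user = U/S bit set, i.e. the page is reachable from guest userspace. */
struct page_model { bool present; bool user; unsigned char data[16]; };

/* SMAP: a supervisor-mode data access to a user page faults unless EFLAGS.AC is set. */
static bool smap_blocks(const struct vcpu_model *v, const struct page_model *pg)
{
    return v->cr4_smap && v->cpl < 3 && pg->user && !v->eflags_ac;
}

/* Hypothetical stand-in for copying a hypercall result to a guest handle. */
static int model_copy_to_guest(const struct vcpu_model *v, struct page_model *pg,
                               const void *src, size_t len)
{
    if (!pg->present || len > sizeof(pg->data))
        return -EFAULT;              /* non-present page or bad length */
    if (smap_blocks(v, pg))
        return -EFAULT;              /* the SMAP case discussed in the thread */
    memcpy(pg->data, src, len);
    return 0;
}

/* One hypercall from guest ring 0 with SMAP enabled; AC reflects STAC/CLAC. */
static int demo(bool kernel_used_stac, bool handle_in_userspace)
{
    struct vcpu_model v = { .cr4_smap = true, .eflags_ac = kernel_used_stac, .cpl = 0 };
    struct page_model pg = { .present = true, .user = handle_in_userspace };
    return model_copy_to_guest(&v, &pg, "result", sizeof("result"));
}

int main(void)
{
    printf("no STAC, user page:   %d\n", demo(false, true));
    printf("STAC, user page:      %d\n", demo(true, true));
    printf("no STAC, kernel page: %d\n", demo(false, false));
    return 0;
}
```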