|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 1/2] x86/hvm: Always do SMAP check when updating runstate_guest(v)
At 13:11 +0100 on 23 Jul (1406117492), Jan Beulich wrote: > >>> On 10.07.14 at 12:56, <tim@xxxxxxx> wrote: > > At 07:18 +0800 on 08 Jul (1404800297), Feng Wu wrote: > >> In the current implementation, we honor the guest's CPL and AC > >> to determain whether do the SMAP check or not for runstate_guest(v). > >> However, this doesn't work. The VMCS feild is invalid when we try > >> to get geust's SS by hvm_get_segment_register(), since the > >> right VMCS has not beed loaded for the current VCPU. > >> > >> In this patch, we always do the SMAP check when updating > >> runstate_guest(v) for the guest when SMAP is enabled by it. > > > > Surely the correct behaviour is _not_ to do the check -- this is the > > context switch path in the _hypervisor_, not a guest-kernel operation. > > But it is being "asked for" by the kernel, and hence should be treated > as implicit supervisor mode access just like e.g. descriptor table > accesses (see also the earlier discussion in the thread where the problem > got reported). OK, that makes sense. Tim. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |