Re: [Xen-devel] [PATCH v2 2/2] Xen: Use the ioreq-server API when available
> -----Original Message-----
> From: Stefano Stabellini [mailto:stefano.stabellini@xxxxxxxxxxxxx]
> Sent: 13 October 2014 16:53
> To: Paul Durrant
> Cc: qemu-devel@xxxxxxxxxx; xen-devel@xxxxxxxxxxxxxxxxxxxx; Stefano
> Stabellini; Peter Maydell; Paolo Bonzini; Michael Tokarev; Stefan Hajnoczi;
> Stefan Weil; Olaf Hering; Gerd Hoffmann; Alexey Kardashevskiy; Alexander
> Graf
> Subject: Re: [PATCH v2 2/2] Xen: Use the ioreq-server API when available
>
> On Mon, 13 Oct 2014, Paul Durrant wrote:
> > The ioreq-server API added to Xen 4.5 offers better security than
> > the existing Xen/QEMU interface because the shared pages that are
> > used to pass emulation request/results back and forth are removed
> > from the guest's memory space before any requests are serviced.
> > This prevents the guest from mapping these pages (they are in a
> > well known location) and attempting to attack QEMU by synthesizing
> > its own request structures. Hence, this patch modifies configure
> > to detect whether the API is available, and adds the necessary
> > code to use the API if it is.
> >
> > Signed-off-by: Paul Durrant <paul.durrant@xxxxxxxxxx>
>
> I think the patch is pretty good, just one comment below.
>

[snip]

> > @@ -487,9 +494,52 @@ static void xen_region_del(MemoryListener > *listener, > > MemoryRegionSection *section) > > { > > xen_set_memory(listener, section, false); > > + > > + if (section->mr != &ram_memory) { > > + XenIOState *state = container_of(listener, XenIOState, > memory_listener); > > + > > + xen_unmap_memory_section(xen_xc, xen_domid, state->ioservid, > section); > > + } > > + > > memory_region_unref(section->mr); > > }
>
> I would prefer if you could move the xen_unmap_memory_section and
> xen_map_memory_section calls to xen_set_memory, where we already have a
> ram_memory check. Could you reuse it?
>

Sure, I can do that.

  Paul

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
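
Review bot: In xen_region_del the result of xen_unmap_memory_section(xen_xc, xen_domid, state->ioservid, section) is not used, so if that call can fail the section would remain mapped to the ioreq server after memory_region_unref(section->mr) with nothing recorded about the failure. If the helper returns a status, check it and at least log the error. The new `section->mr != &ram_memory` block also carries no comment saying why ram_memory is excluded, and it repeats the check the reply points to in xen_set_memory; folding the map and unmap calls in there would keep both paths behind one documented test.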