[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v8 0/8] xen/arm: introduce GNTTABOP_cache_flush



>>> On 20.10.14 at 12:36, <stefano.stabellini@xxxxxxxxxxxxx> wrote:
> On Mon, 20 Oct 2014, Jan Beulich wrote:
>> >>> On 20.10.14 at 11:47, <stefano.stabellini@xxxxxxxxxxxxx> wrote:
>> > Hi all,
>> > this patch series introduces a new hypercall to perform cache
>> > maintenance operations on behalf of the guest. It is useful for dom0 to
>> > be able to cache flush pages involved in a dma operation with
>> > non-coherent devices.
>> > 
>> > It also removes XENFEAT_grant_map_identity as the feature is no longer
>> > necessary: it was used to achieve the same goal but the guest can now
>> > use the hypercall instead. Keeping the flag would also have a
>> > significant performance impact as a new p2m mapping gets created and
>> > then destroyed for every grant that is mapped and unmapped in dom0.
>> > 
>> > 
>> > Changes in v8:
>> > - remove unused #include;
>> > - set max_nr_grant_frames as __initdata;
>> > - set max_grant_frames and max_maptrack_frames as __read_mostly;
>> > - respent coding style for comments;
>> > - remove MAX_MAPTRACK_TO_GRANTS_RATIO;
>> > - avoid security issues, use two separate opaque variables to store the
>> > input argument and the output argument;
>> 
>> Security issues?
> 
> The user could have passed in an opaque value for a gnttabop that
> doesn't use it, causing Xen to keep looping over the continuation.
> I fixed it by using two different variable to save the opaque input and
> output.

Hmm, but that's not really a security issue, since the preemption
in between guarantees Xen's health. All it would end up being is a
guest vCPU looping indefinitely.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.