[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [v8][PATCH 13/17] xen/mem_access: don't allow accessing reserved device memory
On Mon, Dec 01, 2014 at 05:24:31PM +0800, Tiejun Chen wrote: > We can't expost those reserved device memory in case of mem_access s/expost/expose/ > since any access may corrupt device usage. Could you explain this in more details please? > > Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> > --- > xen/common/mem_access.c | 41 +++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 41 insertions(+) > > diff --git a/xen/common/mem_access.c b/xen/common/mem_access.c > index 6c2724b..72a807a 100644 > --- a/xen/common/mem_access.c > +++ b/xen/common/mem_access.c > @@ -55,6 +55,43 @@ void mem_access_resume(struct domain *d) > } > } > > +/* We can't expose reserved device memory. */ > +static int mem_access_check_rdm(struct domain *d, uint64_aligned_t start, > + uint32_t nr) > +{ > + uint32_t i; > + struct p2m_get_reserved_device_memory pgrdm; > + int rc = 0; > + > + if ( !is_hardware_domain(d) && iommu_use_hap_pt(d) ) > + { > + for ( i = 0; i < nr; i++ ) > + { > + pgrdm.gfn = start + i; > + pgrdm.domain = d; > + rc = > iommu_get_reserved_device_memory(p2m_check_reserved_device_memory, > + &pgrdm); > + if ( rc < 0 ) > + { > + printk(XENLOG_WARNING > + "Domain %d can't check reserved device memory.\n", > + d->domain_id); > + return rc; > + } > + > + if ( rc == 1 ) > + { > + printk(XENLOG_WARNING > + "Domain %d: we shouldn't mem_access reserved device > memory.\n", > + d->domain_id); > + return rc; > + } > + } > + } > + > + return rc; > +} > + > int mem_access_memop(unsigned long cmd, > XEN_GUEST_HANDLE_PARAM(xen_mem_access_op_t) arg) > { > @@ -99,6 +136,10 @@ int mem_access_memop(unsigned long cmd, > ((mao.pfn + mao.nr - 1) > domain_get_maximum_gpfn(d))) ) > break; > > + rc = mem_access_check_rdm(d, mao.pfn, mao.nr); > + if ( rc == 1 ) > + break; > + > rc = p2m_set_mem_access(d, mao.pfn, mao.nr, start_iter, > MEMOP_CMD_MASK, mao.access); > if ( rc > 0 ) > -- > 1.9.1 > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |