[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [v8][PATCH 13/17] xen/mem_access: don't allow accessing reserved device memory
>>> On 01.12.14 at 10:24, <tiejun.chen@xxxxxxxxx> wrote: > --- a/xen/common/mem_access.c > +++ b/xen/common/mem_access.c > @@ -55,6 +55,43 @@ void mem_access_resume(struct domain *d) > } > } > > +/* We can't expose reserved device memory. */ > +static int mem_access_check_rdm(struct domain *d, uint64_aligned_t start, > + uint32_t nr) > +{ > + uint32_t i; > + struct p2m_get_reserved_device_memory pgrdm; > + int rc = 0; > + > + if ( !is_hardware_domain(d) && iommu_use_hap_pt(d) ) Why? > + { > + for ( i = 0; i < nr; i++ ) > + { > + pgrdm.gfn = start + i; > + pgrdm.domain = d; > + rc = > iommu_get_reserved_device_memory(p2m_check_reserved_device_memory, > + &pgrdm); > + if ( rc < 0 ) > + { > + printk(XENLOG_WARNING > + "Domain %d can't check reserved device memory.\n", If I saw this text in a log file, it wouldn't mean anything to me. Additionally this is only partly useful without also listing the offending domain (which isn't d afaict) and the GFN. > + d->domain_id); > + return rc; > + } > + > + if ( rc == 1 ) > + { > + printk(XENLOG_WARNING > + "Domain %d: we shouldn't mem_access reserved device > memory.\n", This one's only marginally better than the one above. > + d->domain_id); > + return rc; > + } > + } > + } > + > + return rc; > +} > + > int mem_access_memop(unsigned long cmd, > XEN_GUEST_HANDLE_PARAM(xen_mem_access_op_t) arg) > { > @@ -99,6 +136,10 @@ int mem_access_memop(unsigned long cmd, > ((mao.pfn + mao.nr - 1) > domain_get_maximum_gpfn(d))) ) > break; > > + rc = mem_access_check_rdm(d, mao.pfn, mao.nr); > + if ( rc == 1 ) > + break; So you decided to return 1 from the hypercall - what is that supposed to mean to an unaware caller? Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |