[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 4/4] xen/public: arm: rework the macro set_xen_guest_handle_raw



On 04/11/15 14:29, Ian Campbell wrote:
>>>>> This looses out on the arm32 hypervisor sanity checking that the
>>>>> padding
>>>>> bytes are 0 (as required by the ABI) but TBH I haven't checked that
>>>>> the
>>>>> current version has that property either.
>>>>
>>>> It's done during the assignation by the compiler:
>>>>
>>>> (hnd).q = (uint64_t)(uintptr_t)(val);
>>>
>>> I meant on the reading side.
>>
>> It's the responsibility of the caller to zero the padding. There is
>> nothing to do on the reading side, the hypervisor will use "p" which
>> will be the size of the natural pointer.
> 
> For a 32-bit Xen the check would be that a guest was not inadvertently
> violating this rule, such a guest would crash if it was run on a 64-bit
> hypervisor (which would see the non-zero padding as part of the pointer),
> by rejecting such cases on 32-bit Xen we avoid such guests becoming
> established and therefore presenting a case for us to relax this rule in
> one way or another.

It would add overhead each time we want to copy to/from the guest memory.

TBH, I don't think it's our business to check if the guest properly
filling out the structure. It could happen only when the guest decides
to implement it's own set_guest_handle_macro.

As long as we don't crash the hypervisor it's fine.

Regards,

-- 
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.