[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] x86/altp2m: Add a subop for obtaining the mem access of a page

To: "Razvan Cojocaru" <rcojocaru@xxxxxxxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Mon, 02 Jul 2018 00:34:21 -0600
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Adrian Pop <apop@xxxxxxxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, tamas@xxxxxxxxxxxxx, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Mon, 02 Jul 2018 06:34:28 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

>>> On 29.06.18 at 18:39, <rcojocaru@xxxxxxxxxxxxxxx> wrote:
> On 06/29/2018 06:38 PM, Jan Beulich wrote:
>>>>> On 28.06.18 at 15:00, <apop@xxxxxxxxxxxxxxx> wrote:
>>> @@ -4666,6 +4667,23 @@ static int do_altp2m_op(
>>>          }
>>>          break;
>>>  
>>> +    case HVMOP_altp2m_get_mem_access:
>>> +        if ( a.u.mem_access.pad )
>>> +            rc = -EINVAL;
>>> +        else
>>> +        {
>>> +            xenmem_access_t access;
>>> +
>>> +            rc = p2m_get_mem_access(d, _gfn(a.u.mem_access.gfn), &access,
>>> +                                    a.u.mem_access.view);
>>> +            if ( !rc )
>>> +            {
>>> +                a.u.mem_access.hvmmem_access = access;
>>> +                rc = __copy_to_guest(arg, &a, 1) ? -EFAULT : 0;
>> 
>> __copy_field_to_guest()? Or wait, no, the function argument is still a
>> handle of void.
>> 
>> And then - here we are again: Is it reasonable to permit a domain inquiring
>> for itself?
> 
> A good question. Perhaps the following are decision factors:
> 
> 1. It is already possible for a domain to set mem_access restrictions
> (via HVMOP_altp2m_set_mem_access) on itself.

Which, as before, I consider a flaw.

> 2. Tamas' patch allows setting this externally:
> 
> https://patchwork.kernel.org/patch/9639779/ 
> 
> Specifically, we have altp2m = disabled, mixed, external and limited to
> control who is allowed to do what:
> 
> https://xenbits.xen.org/docs/unstable/man/xl.cfg.5.html 

Indeed this has at least made the situation less bad.

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] x86/altp2m: Add a subop for obtaining the mem access of a page
  - From: George Dunlap
- Re: [Xen-devel] [PATCH] x86/altp2m: Add a subop for obtaining the mem access of a page
  - From: Razvan Cojocaru

Prev by Date: Re: [Xen-devel] xen crash with 4.17 kernel on Fedora
Next by Date: Re: [Xen-devel] [PATCH v2] x86/mm: Add mem access rights to NPT
Previous by thread: Re: [Xen-devel] [PATCH for-4.11 v2 3/3] VMX: check host CR0 before entering guest
Next by thread: Re: [Xen-devel] [PATCH] x86/altp2m: Add a subop for obtaining the mem access of a page
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.