[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 00/14] XSA-277 followup

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
From: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>
Date: Wed, 21 Nov 2018 10:19:56 -0700
Cc: Kevin Tian <kevin.tian@xxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, Paul Durrant <paul.durrant@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, Brian Woods <brian.woods@xxxxxxx>, Suravee Suthikulpanit <suravee.suthikulpanit@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
Delivery-date: Wed, 21 Nov 2018 17:20:58 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Wed, Nov 21, 2018 at 6:21 AM Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote:
>
> This covers various fixes related to XSA-277 which weren't in security
> supported areas, and associated cleanup.
>
> The biggest issue noticed here is that altp2m's use of hardware #VE support
> will cause general memory corruption if the guest ever balloons out the VEINFO
> page.  The only safe way I think of doing this is for Xen to alloc annonymous
> domheap pages for the VEINFO, and for the guest to map them in a similar way
> to the shared info and grant table frames.

Since ballooning presents all sorts of problems when used with altp2m
I would suggest just making the two explicitly incompatible during
domain creation. Beside the info page being possibly ballooned out the
other problem is when ballooning causes altp2m views to be reset
completely, removing mem_access permissions and remapped entries.

Tamas

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 00/14] XSA-277 followup
  - From: Andrew Cooper

References:
- [Xen-devel] [PATCH 00/14] XSA-277 followup
  - From: Andrew Cooper

Prev by Date: Re: [Xen-devel] [PATCH v6 07/11] libxl_dm: Pre-open QMP socket for QEMU
Next by Date: [Xen-devel] [xen-4.11-testing test] 130614: trouble: blocked/broken/fail/pass
Previous by thread: Re: [Xen-devel] [PATCH 10/14] x86/mm: Switch {get, put}_gfn() infrastructure to using gfn_t
Next by thread: Re: [Xen-devel] [PATCH 00/14] XSA-277 followup
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.