[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] [RFC PATCH 2/2] x86/mm: Add mem access rights to NPT
On 6/13/19 6:19 PM, Tamas Lengyel wrote:
On Wed, Sep 26, 2018 at 10:49 AM George Dunlap <george.dunlap@xxxxxxxxxx> wrote:
From: Isaila Alexandru <aisaila@xxxxxxxxxxxxxxx>
This patch adds access control for NPT mode.
There aren’t enough extra bits to store the access rights in the NPT p2m
table, so we add a radix tree to store extra information.
For efficiency:
- Only allocate this radix tree when we first store "non-default"
extra information
- Remove entires which match the default extra information rather
than continuing to store them
- For superpages, only store an entry for the first gfn in the
superpage. Use the order of the p2m entry being read to determine
the proper place to look in the radix table.
Modify p2m_type_to_flags() to accept and interpret an access value,
parallel to the ept code.
Add a set_default_access() method to the p2m-pt and p2m-ept versions
of the p2m rather than setting it directly, to deal with different
default permitted access values.
Signed-off-by: Alexandru Isaila <aisaila@xxxxxxxxxxxxxxx>
Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx>
The mem_access/monitor bits are fairly trivial:
Acked-by: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>
---
NB, this is compile-tested only.
Are you planning to do some actual testing? I would highly recommend
that we see real test results before this is merged to verify
functionality.
We did do some testing with xen-access at the time, but limited testing
with the actual full-blown introspection agent (because not all the
needed pieces align yet).
Things did appear to work as intended.
Thanks,
Razvan
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
|
