[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH for-4.14] mm: fix public declaration of struct xen_mem_acquire_resource

To: Roger Pau Monné <roger.pau@xxxxxxxxxx>
From: Jan Beulich <jbeulich@xxxxxxxx>
Date: Wed, 24 Jun 2020 12:05:17 +0200
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Wei Liu <wl@xxxxxxx>, paul@xxxxxxx, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 24 Jun 2020 10:05:27 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 23.06.2020 19:32, Roger Pau Monné wrote:
> On Tue, Jun 23, 2020 at 05:04:53PM +0200, Jan Beulich wrote:
>> On 23.06.2020 15:52, Roger Pau Monne wrote:
>>> XENMEM_acquire_resource and it's related structure is currently inside
>>> a __XEN__ or __XEN_TOOLS__ guarded section to limit it's scope to the
>>> hypervisor or the toolstack only. This is wrong as the hypercall is
>>> already being used by the Linux kernel at least, and as such needs to
>>> be public.
>>
>> Actually - how does this work for the Linux kernel, seeing
>>
>>     rc = rcu_lock_remote_domain_by_id(xmar.domid, &d);
>>     if ( rc )
>>         return rc;
>>
>>     rc = xsm_domain_resource_map(XSM_DM_PRIV, d);
>>     if ( rc )
>>         goto out;
>>
>> in the function?
> 
> It's my understanding (I haven't tried to use that hypercall yet on
> FreeBSD, so I cannot say I've tested it), that xmar.domid is the
> remote domain, which the functions locks and then uses
> xsm_domain_resource_map to check whether the current domain has
> permissions to do privileged operations against it.

Yes, but that's a tool stack operation, not something the kernel
would do all by itself. The kernel would only ever pass DOMID_SELF
(or the actual local domain ID), I would think.

Jan

Follow-Ups:
- Re: [PATCH for-4.14] mm: fix public declaration of struct xen_mem_acquire_resource
  - From: Julien Grall

References:
- [PATCH for-4.14] mm: fix public declaration of struct xen_mem_acquire_resource
  - From: Roger Pau Monne
- Re: [PATCH for-4.14] mm: fix public declaration of struct xen_mem_acquire_resource
  - From: Jan Beulich
- Re: [PATCH for-4.14] mm: fix public declaration of struct xen_mem_acquire_resource
  - From: Roger Pau Monné

Prev by Date: Re: [PATCH v2 4/7] x86/vmx: add do_vmtrace_op
Next by Date: Re: [PATCH for-4.14] mm: fix public declaration of struct xen_mem_acquire_resource
Previous by thread: Re: [PATCH for-4.14] mm: fix public declaration of struct xen_mem_acquire_resource
Next by thread: Re: [PATCH for-4.14] mm: fix public declaration of struct xen_mem_acquire_resource
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.