 Re: [PATCH v1 02/13] xen/arm: introduce a special domain DOMID_SHARED
 
To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
From: Julien Grall <julien.grall@xxxxxxxxx>
Date: Fri, 15 Apr 2022 23:45:29 +0000
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Penny Zheng <penzhe01@xxxxxxxxxxxxxxxxxxxxxxxx>, Penny Zheng <Penny.Zheng@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Wei Chen <Wei.Chen@xxxxxxx>, Wei Liu <wl@xxxxxxx>, nd <nd@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Fri, 15 Apr 2022 23:45:44 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Hi,

> On Fri, 15 Apr 2022, Penny Zheng wrote:
> > > Hi Stefano,
> > >
> > > On 21/03/2022 20:03, Stefano Stabellini wrote:
> > > > On Mon, 21 Mar 2022, Jan Beulich wrote:
> > > >> On 18.03.2022 22:50, Stefano Stabellini wrote:
> > > >>> On Fri, 18 Mar 2022, Jan Beulich wrote:
> > > >>>> On 11.03.2022 07:11, Penny Zheng wrote:
> > > >>>>> In case to own statically shared pages when owner domain is not
> > > >>>>> explicitly defined, this commit proposes a special domain
> > > >>>>> DOMID_SHARED, and we assign it 0x7FF5, as one of the system domains.
> > > >>>>>
> > > >>>>> Statically shared memory reuses the same way of initialization
> > > >>>>> with static memory, hence this commit proposes a new Kconfig
> > > >>>>> CONFIG_STATIC_SHM to wrap related codes, and this option depends
> > > >>>>> on static memory (CONFIG_STATIC_MEMORY).
> > > >>>>>
> > > >>>>> We intend to do shared domain creation after setup_virt_paging so
> > > >>>>> shared domain could successfully do p2m initialization.
> > > >>>>
> > > >>>> There's nothing said here, in the earlier patch, or in the cover
> > > >>>> letter about the security aspects of this. There is a reason we
> > > >>>> haven't been allowing arbitrary, un-supervised sharing of memory
> > > >>>> between domains. It wants clarifying why e.g. grants aren't an
> > > >>>> option to achieve what you need, and how you mean to establish
> > > >>>> which domains are / aren't permitted to access any individual page
> > > >>>> owned by this domain.
> > > >>>
> > > >>> I'll let Penny write a full reply but I'll chime in to try to help
> > > >>> with the explanation.
> > > >>>
> > > >>> This is not arbitrary un-supervised sharing of memory between
> > > >>> domains, which indeed is concerning.
> > > >>>
> > > >>> This is statically-configured, supervised by the system
> > > >>> configurator, sharing of memory between domains.
> > > >>>
> > > >>> And in fact safety (which is just a different aspect of security) is
> > > >>> one of the primary goals for this work.
> > > >>>
> > > >>> In safety-critical environments, it is not considered safe to
> > > >>> dynamically change important configurations at runtime. Everything
> > > >>> should be statically defined and statically verified.
> > > >>>
> > > >>> In this case, if the system configuration knows a priori that there
> > > >>> are only 2 VMs and they need to communicate over shared memory, it
> > > >>> is safer to pre-configure the shared memory at build time rather
> > > >>> than let the VMs attempt to share memory at runtime. It is faster too.
> > > >>>
> > > >>> The only way to trigger this static shared memory configuration
> > > >>> should be via device tree, which is at the same level as the XSM
> > > >>> rules themselves.
> > > >>>
> > > >>> Hopefully I made things clearer and not murkier :-)
> > > >>
> > > >> It adds some helpful background, yes, but at the same time it doesn't
> > > >> address the security concern at all: How are access permissions
> > > >> managed when the owning domain is a special one? I haven't spotted
> > > >> any recording of the domains which are actually permitted to map /
> > > >> access the pages in question. (But of course I also only looked at
> > > >> non-Arm-specific code. I'd expect such code not to live in arch-
> > > >> specific files.)
> > > >
> > > > All this static memory sharing is statically done at __init time only.
> > > > It should not be possible to trigger any further memory sharing at
> > > > runtime (if there is, that would be a bug).
> > >
> > > Looking at the code, get_pg_owner() will be able to handle DOMID_SHARED.
> > > So anyone that is permitted to access DOMID_SHARED will be able to map any
> > > memory region at runtime.
> > >
> > > > There are no new interfaces for the guest to map this memory because
> > > > it is already "pre-mapped".
> > >
> > > It can via XENMAPSPACE_gmfn_foreign (assuming proper permission).
> > >
> >
> > Correct me if I'm wrong:
> > The existing XENMAPSPACE_gmfn_foreign only allows privileged Dom0 to map
> > memory pages from one foreign DomU to itself. So it can happen that Dom0 is
> > using XENMAPSPACE_gmfn_foreign to (maliciously?) access shared memory owned
> > by DOMID_SHARED, and for now only Dom0 could.
>
> No, currently there is no protection against dom0 doing malicious
> operations. Dom0 can poweroff the entire system.

This is the classic argument… Yes, on a default setup, dom0 is fully trusted today. However there are ways to reduce the trust via XSM.
For new interfaces we should also try to avoid considering dom0 as fully trusted whenever it is possible. This is one of the examples where I think this should be done. All the more so if we use DOMID_IO, as we may add more than shared pages there…

> If we are certain that only dom0 (and not other domains) can use
> XENMAPSPACE_gmfn_foreign to access shared memory owned by DOMID_SHARED
> then we are good. Looking at the code, and also considering that we have
> agreed to move to DOMID_IO, get_pg_owner can already handle DOMID_IO.

AFAIK, dom0 cannot map DOMID_IO pages for now because get_page_from_gfn would not work. This would change with this approach.

> Next is the xsm_map_gmfn_foreign(XSM_TARGET, d, od) check, which would
> fail unless the asking domain is privileged over the target domain.
> xsm_map_gmfn_foreign would fail for all domains except dom0.

This depends on your XSM policy. In this case, I think we need to prevent runtime mapping via the hypercall interface. We can relax it afterwards if we have use cases for it.

> So I think we are OK. I don't think we need to do anything else.

Cheers,

Julien Grall
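The following C program is an illustration added to this archive page; it is not code from Xen, from the patch under review, or from anyone on the thread. It models the default ("dummy") XSM policy's handling of an XSM_TARGET check such as the xsm_map_gmfn_foreign(XSM_TARGET, d, od) call discussed above, to show why, under that policy, only the control domain passes when the page owner is a system domain (Stefano's point), and how a stricter rule would block runtime mapping of system-domain pages altogether (the direction Julien asks for). Assumptions: the dummy policy is reduced to three fall-through steps (self, device-model relationship, control-domain privilege); a single is_control flag stands in for is_control_domain(); a hypothetical device_model field stands in for Xen's device-model relationship; -1 stands in for -EPERM. DOMID_FIRST_RESERVED and DOMID_IO are the values from Xen's public ABI; DOMID_SHARED_PROPOSED is the 0x7FF5 value from the patch and is listed for reference only. The dom0/dom1/dom2/dom_io scenario is constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Illustration only, not Xen's code: a simplified model of the dummy XSM
 * policy's XSM_TARGET decision and of a stricter alternative. */

typedef uint16_t domid_t;

#define DOMID_FIRST_RESERVED  0x7FF0u /* Xen public ABI: system domids start here */
#define DOMID_IO              0x7FF1u /* Xen public ABI: owner of I/O memory */
#define DOMID_SHARED_PROPOSED 0x7FF5u /* value proposed in the patch; reference only */

struct domain {
    domid_t domid;
    bool is_control;                   /* assumption: stands in for is_control_domain() */
    const struct domain *device_model; /* assumption: domain allowed to act as our DM */
};

typedef enum { XSM_HOOK, XSM_TARGET, XSM_DM_PRIV, XSM_PRIV } xsm_default_t;

/* Model of the dummy policy: each case falls through to the next, stricter one. */
static int xsm_default_action(xsm_default_t action, const struct domain *src,
                              const struct domain *target)
{
    switch (action) {
    case XSM_HOOK:
        return 0;
    case XSM_TARGET:
        if (target && src == target)               /* acting on itself */
            return 0;
        /* fall through */
    case XSM_DM_PRIV:
        if (target && target->device_model == src) /* acting as its device model */
            return 0;
        /* fall through */
    case XSM_PRIV:
        return src->is_control ? 0 : -1;           /* otherwise control domain only */
    }
    return -1;
}

static bool is_system_domain(const struct domain *d)
{
    return d->domid >= DOMID_FIRST_RESERVED;
}

/* Default-policy outcome for d mapping a page owned by owner via gmfn_foreign. */
static bool may_map_foreign_default(const struct domain *d,
                                    const struct domain *owner)
{
    return xsm_default_action(XSM_TARGET, d, owner) == 0;
}

/* Stricter variant: pages owned by a system domain are never mappable through
 * this hypercall at runtime, whatever the caller's privilege. */
static bool may_map_foreign_strict(const struct domain *d,
                                   const struct domain *owner)
{
    if (is_system_domain(owner))
        return false;
    return may_map_foreign_default(d, owner);
}

/* Constructed scenario: dom0 (control), dom1 acting as device model for dom2,
 * and the I/O system domain the thread agrees to use as page owner. */
static const struct domain dom0_m   = { .domid = 0, .is_control = true };
static const struct domain dom1_m   = { .domid = 1 };
static const struct domain dom2_m   = { .domid = 2, .device_model = &dom1_m };
static const struct domain dom_io_m = { .domid = DOMID_IO };

int main(void)
{
    const struct domain *callers[] = { &dom0_m, &dom1_m, &dom2_m };
    const struct domain *owners[]  = { &dom_io_m, &dom1_m, &dom2_m };

    for (size_t i = 0; i < 3; i++)
        for (size_t j = 0; j < 3; j++)
            printf("dom%u -> owner 0x%04x: default=%s strict=%s\n",
                   (unsigned)callers[i]->domid, (unsigned)owners[j]->domid,
                   may_map_foreign_default(callers[i], owners[j]) ? "allow" : "deny",
                   may_map_foreign_strict(callers[i], owners[j]) ? "allow" : "deny");
    return 0;
}
```

Under the modelled default policy the only caller allowed to map a dom_io-owned page is dom0, because a system domain is neither the caller itself nor a domain with a device-model relationship to it; the strict variant removes even that path, which is what "prevent runtime mapping via the hypercall interface" amounts to, while leaving the ordinary guest-to-guest device-model case untouched.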