|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-ia64-devel] PATCH: cleanup of tlbflush
Le Jeudi 11 Mai 2006 10:24, Tian, Kevin a écrit : > From: Tristan Gingold [mailto:Tristan.Gingold@xxxxxxxx] > > >Sent: 2006年5月11日 16:04 > > > >> I think the logic here is simple: domain assigns a virtual address to > > > >map > > > >> granted frame, and then later domain itself passes in same virtual > > > >address > > > >> to unmap granted frame. Xen simply helps domain upon its request. > > > >However we can't trust domU. This model is too simple from a security > >point > >of view. > > No one talks about trusting domU. I'm not digging into xen/x86's code > to see how they prevent such malicious behavior by passing an incorrect > virtual address at domain unmap request. Maybe the solution is there, > maybe not. Anyway it's a common security issue, not specific to ia64. No, it is specific to ia64, because x86 purges the tlb. Our main problem is purge time: it is a simple instruction on x86 (reloading cr3, maybe through IPI), while a lot of works on ia64. > Please do things step by step. First to purge vhpt entry by gva based > on current grant table arch, and then propose to xen-devel for common > solution later if there. Tristan. _______________________________________________ Xen-ia64-devel mailing list Xen-ia64-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-ia64-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |