RE: [Xen-ia64-devel] domU address space
Kouya Shimura wrote:
> tgingold@xxxxxxx writes:
>>> Do we have checks when inserting guest TLB for PV dom? Seems not,
>>
>> Yes, we do. See vcpu.c:check_xen_space_overlap
>
> It's only for xen area (region 7). domU can use full 60 bit VA on
> other region in spite of IMPL_VA_MSB = 50.

Yes, Shimura san, thanks! So the hole is still there.

>
> Eddie,
> Ideally we should check it.
> But current xen implementation requires full 64bit VA and there is no
> such an Itanium2 with IMPL_VA_MSB <60. (except VTi) So mis-using TLB
> cannot be. (i.e. unimplemented VA fault never be happened)

Yes. That is why we are lucky so far :) While from architecture point of view we need to fix it.

>
> If we support xen on xen, it should be fixed in order to prevent a
> guest xen crashing. :)

Yes, thanks!

Besides running Xen on Xen, there is issue here with current solution. If we don't check guest VA bits at emulating guest TLB insertion time per architecture requirement, i.e. check IMPL_VA_MSB, a malicious guest can mis-lead hypervisor to die if the guest use same VA (but in different region) with hypervisor if rid of this region is same with region 7.

We can simply fix this in check_xen_space_overlap as temp solution, or implement a full solution to check IMPL_VA_MSB. I prefer later one since it is not complicated to check VA bits #.

Converting (alt)tlb_miss to unimplemented VA bits fault can be another task since it only infect guest itself (not Xen).

thx, eddie

_______________________________________________
Xen-ia64-devel mailing list
Xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-ia64-devel
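The two checks discussed in the message above, sketched as an added example that is not part of the original thread and is not Xen's code: an IMPL_VA_MSB implemented-bits test, and an overlap test that compares region offsets only. The reserved range, the function names and the `check_guest_tlb_insert` gate are hypothetical, and the overlap test is deliberately conservative in that it ignores the region's rid.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define REGION_SHIFT 61                      /* VA bits 63:61 = region number */
#define OFFSET_MASK  ((UINT64_C(1) << REGION_SHIFT) - 1)

/* Constructed reserved range (NOT Xen's real layout), given as region-7 VAs. */
#define RSV_START UINT64_C(0xf000000000000000)
#define RSV_END   UINT64_C(0xf400000000000000)   /* exclusive */

enum insert_check { INSERT_OK, INSERT_UNIMPL_VA, INSERT_OVERLAP };

/* Itanium rule: VA bits 60..impl_va_msb+1 must equal bit impl_va_msb. */
static bool va_is_implemented(uint64_t va, unsigned impl_va_msb)
{
    if (impl_va_msb >= 60)
        return true;                         /* every offset bit is implemented */
    uint64_t upper = (va & OFFSET_MASK) >> impl_va_msb;   /* bits 60..msb */
    uint64_t ones  = (UINT64_C(1) << (REGION_SHIFT - impl_va_msb)) - 1;
    return upper == 0 || upper == ones;
}

/* Compare offsets only, so the same offset in another region is caught too
 * (conservative: does not look at the region's rid). ps = log2(page size). */
static bool offset_overlaps_reserved(uint64_t va, unsigned ps)
{
    uint64_t lo = (va & OFFSET_MASK) & ~((UINT64_C(1) << ps) - 1);
    uint64_t hi = lo + (UINT64_C(1) << ps);  /* exclusive end of the page */
    return lo < (RSV_END & OFFSET_MASK) && (RSV_START & OFFSET_MASK) < hi;
}

/* Hypothetical gate to run before emulating a guest TLB insert. */
static enum insert_check check_guest_tlb_insert(uint64_t va, unsigned ps, unsigned impl_va_msb)
{
    if (!va_is_implemented(va, impl_va_msb))
        return INSERT_UNIMPL_VA;
    if (offset_overlaps_reserved(va, ps))
        return INSERT_OVERLAP;
    return INSERT_OK;
}

int main(void)
{
    /* Constructed input: region 4, offset inside the reserved range, 16KB page. */
    uint64_t va = UINT64_C(0x9000000000004000);
    printf("msb=60: %d, msb=50: %d\n", check_guest_tlb_insert(va, 14, 60), check_guest_tlb_insert(va, 14, 50));
    return 0;
}
```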