[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-3.2-testing] x86: Fix GRANT_PTE_FLAGS.

# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1225804511 0
# Node ID 2d5d030ea5501e797848d5269cb8801a927bcdc4
# Parent  9f8ba7a4c8afc21f3ba2978040cdb6537d02bfb3
x86: Fix GRANT_PTE_FLAGS.

Since page table entries created through e.g. GNTTABOP_map_grant_ref
are being passed through adjust_guest_l1e(), they must not generally
get _PAGE_USER set - this will be taken care of by adjust_guest_l1e(),
and it will ensure that these don't get _PAGE_GLOBAL set
inadvertently.

Due to the implied security aspect here (_PAGE_GLOBAL getting set on
kernel pages for x86-64), I'd like to ask that this also be applied to
older maintained branches.

At the same time, set _PAGE_NX for pte-s created for grants (as long
as hardware supports it), since it should be only data pages that
remote
domains are being given access to.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>
xen-unstable changeset:   18748:4ec25db9326a7e7f64a8471cbfd7b5852484757c
xen-unstable date:        Mon Nov 03 10:32:54 2008 +0000
---
 xen/include/asm-x86/page.h        |    3 +++
 xen/include/asm-x86/x86_32/page.h |    3 ---
 xen/include/asm-x86/x86_64/page.h |    3 ---
 3 files changed, 3 insertions(+), 6 deletions(-)

diff -r 9f8ba7a4c8af -r 2d5d030ea550 xen/include/asm-x86/page.h
--- a/xen/include/asm-x86/page.h        Tue Nov 04 13:14:45 2008 +0000
+++ b/xen/include/asm-x86/page.h        Tue Nov 04 13:15:11 2008 +0000
@@ -327,6 +327,9 @@ void setup_idle_pagetable(void);
 #define __PAGE_HYPERVISOR_NOCACHE \
     (_PAGE_PRESENT | _PAGE_RW | _PAGE_DIRTY | _PAGE_PCD | _PAGE_ACCESSED)
 
+#define GRANT_PTE_FLAGS \
+    (_PAGE_PRESENT | _PAGE_ACCESSED | _PAGE_DIRTY | _PAGE_NX | _PAGE_GNTTAB)
+
 #ifndef __ASSEMBLY__
 
 static inline int get_order_from_bytes(paddr_t size)
diff -r 9f8ba7a4c8af -r 2d5d030ea550 xen/include/asm-x86/x86_32/page.h
--- a/xen/include/asm-x86/x86_32/page.h Tue Nov 04 13:14:45 2008 +0000
+++ b/xen/include/asm-x86/x86_32/page.h Tue Nov 04 13:15:11 2008 +0000
@@ -29,9 +29,6 @@ extern unsigned int PAGE_HYPERVISOR_NOCA
 extern unsigned int PAGE_HYPERVISOR_NOCACHE;
 #endif
 
-#define GRANT_PTE_FLAGS \
-    (_PAGE_PRESENT|_PAGE_ACCESSED|_PAGE_DIRTY|_PAGE_GNTTAB)
-
 /*
  * Disallow unused flag bits plus PAT/PSE, PCD, PWT and GLOBAL.
  * Permit the NX bit if the hardware supports it.
diff -r 9f8ba7a4c8af -r 2d5d030ea550 xen/include/asm-x86/x86_64/page.h
--- a/xen/include/asm-x86/x86_64/page.h Tue Nov 04 13:14:45 2008 +0000
+++ b/xen/include/asm-x86/x86_64/page.h Tue Nov 04 13:15:11 2008 +0000
@@ -124,9 +124,6 @@ typedef l4_pgentry_t root_pgentry_t;
 #define PAGE_HYPERVISOR         (__PAGE_HYPERVISOR         | _PAGE_GLOBAL)
 #define PAGE_HYPERVISOR_NOCACHE (__PAGE_HYPERVISOR_NOCACHE | _PAGE_GLOBAL)
 
-#define GRANT_PTE_FLAGS \
-    (_PAGE_PRESENT|_PAGE_ACCESSED|_PAGE_DIRTY|_PAGE_GNTTAB|_PAGE_USER)
-
 #define USER_MAPPINGS_ARE_GLOBAL
 #ifdef USER_MAPPINGS_ARE_GLOBAL
 /*

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.