[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen staging] memory: restrict XENMEM_remove_from_physmap to translated guests

commit f3694f3acba92d46479e2455fd74b32799a9eb02
Author:     Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Mon May 13 17:49:39 2019 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Mon May 13 17:49:39 2019 +0200

    memory: restrict XENMEM_remove_from_physmap to translated guests
    
    The commit re-introducing it (14eb3b41d0 ["xen: reinstate previously
    unused XENMEM_remove_from_physmap hypercall"]) as well as the one having
    originally introduced it (d818f3cb7c ["hvm: Use main memory for video
    memory"]) and the one then purging it again (78c3097e4f ["Remove unused
    XENMEM_remove_from_physmap"]) make clear that this operation is intended
    for use on HVM (i.e. translated) guests only. Restrict it at least as
    much, because for PV guests documentation (in the public header) does
    not even match the implementation: It talks about GPFN as input, but
    get_page_from_gfn() assumes a GMFN in the non-translated case (and hands
    back the value passed in).
    
    Also lift the check in XENMEM_add_to_physmap{,_batch} handling up
    directly into top level hypercall handling, and clarify things in the
    public header accordingly.
    
    Take the liberty and also replace a pointless use of "current" with a
    more efficient use of an existing local variable (or function parameter
    to be precise).
    
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Julien Grall <julien.grall@xxxxxxx>
    Reviewed-by: George Dunlap <george.dunlap@xxxxxxxxxx>
---
 xen/arch/x86/mm.c           |  3 ---
 xen/common/memory.c         | 11 +++++++++--
 xen/include/public/memory.h |  4 ++--
 3 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c
index da3bcf7805..2f620d9aeb 100644
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
@@ -4464,9 +4464,6 @@ int xenmem_add_to_physmap_one(
     mfn_t mfn = INVALID_MFN;
     p2m_type_t p2mt;
 
-    if ( !paging_mode_translate(d) )
-        return -EACCES;
-
     switch ( space )
     {
         case XENMAPSPACE_shared_info:
diff --git a/xen/common/memory.c b/xen/common/memory.c
index 20609e153d..edf6aaaa13 100644
--- a/xen/common/memory.c
+++ b/xen/common/memory.c
@@ -813,6 +813,8 @@ int xenmem_add_to_physmap(struct domain *d, struct 
xen_add_to_physmap *xatp,
     long rc = 0;
     union xen_add_to_physmap_batch_extra extra;
 
+    ASSERT(paging_mode_translate(d));
+
     if ( xatp->space != XENMAPSPACE_gmfn_foreign )
         extra.res0 = 0;
     else
@@ -995,12 +997,15 @@ static int get_reserved_device_memory(xen_pfn_t start, 
xen_ulong_t nr,
 
 static long xatp_permission_check(struct domain *d, unsigned int space)
 {
+    if ( !paging_mode_translate(d) )
+        return -EACCES;
+
     /*
      * XENMAPSPACE_dev_mmio mapping is only supported for hardware Domain
      * to map this kind of space to itself.
      */
     if ( (space == XENMAPSPACE_dev_mmio) &&
-         (!is_hardware_domain(current->domain) || (d != current->domain)) )
+         (!is_hardware_domain(d) || (d != current->domain)) )
         return -EACCES;
 
     return xsm_add_to_physmap(XSM_TARGET, current->domain, d);
@@ -1384,7 +1389,9 @@ long do_memory_op(unsigned long cmd, 
XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( d == NULL )
             return -ESRCH;
 
-        rc = xsm_remove_from_physmap(XSM_TARGET, curr_d, d);
+        rc = paging_mode_translate(d)
+             ? xsm_remove_from_physmap(XSM_TARGET, curr_d, d)
+             : -EACCES;
         if ( rc )
         {
             rcu_unlock_domain(d);
diff --git a/xen/include/public/memory.h b/xen/include/public/memory.h
index 8638023e4a..68ddadbea8 100644
--- a/xen/include/public/memory.h
+++ b/xen/include/public/memory.h
@@ -231,7 +231,7 @@ DEFINE_XEN_GUEST_HANDLE(xen_machphys_mapping_t);
 
 /*
  * Sets the GPFN at which a particular page appears in the specified guest's
- * pseudophysical address space.
+ * physical address space (translated guests only).
  * arg == addr of xen_add_to_physmap_t.
  */
 #define XENMEM_add_to_physmap      7
@@ -298,7 +298,7 @@ DEFINE_XEN_GUEST_HANDLE(xen_add_to_physmap_range_t);
 
 /*
  * Unmaps the page appearing at a particular GPFN from the specified guest's
- * pseudophysical address space.
+ * physical address space (translated guests only).
  * arg == addr of xen_remove_from_physmap_t.
  */
 #define XENMEM_remove_from_physmap      15
--
generated by git-patchbot for /home/xen/git/xen.git#staging

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.