|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] add canonical address checks to HVM
>>> Keir Fraser <keir@xxxxxxxxxxxxx> 30.11.06 18:55 >>> >On 29/11/06 15:05, "Jan Beulich" <jbeulich@xxxxxxxxxx> wrote: > >> Add proper long mode canonical address checks to PIO emulation and MSR >> writes, the former paralleling the limit checks added for 32-bit guests. >> Also catches two more cases in the MSR handling code where only ECX >> (rather than RCX) should be used. >> >> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx> > >I wonder if we would be better consistently *removing* the canonical-address >checks? It's not a security issue after all -- the check is done in hardware >only to prevent code from ever depending on being able to use the high >address bits for software flags. I think it is harmless to deviate from >native behaviour on this issue and makes our emulation code smaller and >simpler. I think it might be a security issue: - In MSR writes, are you certain there's not going to be any problem now or in the future when the state gets actually loaded into CPU registers? - In memory accesses, at least until no failures to read/write guest memory are being ignored anymore. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |