[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v1 2/6] x86: Temporary disable SMAP to legally access user pages in kernel mode



> From: Wu, Feng
> Sent: Tuesday, April 15, 2014 2:21 PM
> 
> > -----Original Message-----
> > From: Tian, Kevin
> > Sent: Tuesday, April 15, 2014 2:08 PM
> > To: Wu, Feng; JBeulich@xxxxxxxx; Ian.Campbell@xxxxxxxxxx;
> > xen-devel@xxxxxxxxxxxxx
> > Cc: Wu, Feng; Dong, Eddie; Nakajima, Jun
> > Subject: RE: [Xen-devel] [PATCH v1 2/6] x86: Temporary disable SMAP to
> legally
> > access user pages in kernel mode
> >
> > > From: Feng Wu
> > > Sent: Tuesday, April 15, 2014 9:02 PM
> > >
> > > Use STAC/CLAC to temporary disable SMAP to allow legal accesses to
> > > user pages in kernel mode
> > >
> > > Signed-off-by: Feng Wu <feng.wu@xxxxxxxxx>
> > > ---
> > >  xen/arch/x86/clear_page.S           |  3 +++
> > >  xen/arch/x86/domain_build.c         | 16 ++++++++++++++++
> > >  xen/arch/x86/usercopy.c             |  6 ++++++
> > >  xen/arch/x86/x86_64/compat/entry.S  |  2 ++
> > >  xen/arch/x86/x86_64/entry.S         |  4 ++++
> > >  xen/include/asm-x86/uaccess.h       |  4 ++++
> > >  xen/include/asm-x86/x86_64/system.h |  2 ++
> > >  7 files changed, 37 insertions(+)
> > >
> > > diff --git a/xen/arch/x86/domain_build.c b/xen/arch/x86/domain_build.c
> > > index 84ce392..1ba138b 100644
> > > --- a/xen/arch/x86/domain_build.c
> > > +++ b/xen/arch/x86/domain_build.c
> > > @@ -789,8 +789,10 @@ int __init construct_dom0(
> > >              rc = -1;
> > >              goto out;
> > >          }
> > > +        stac();
> > >          hypercall_page_initialise(
> > >              d, (void *)(unsigned long)parms.virt_hypercall);
> > > +        clac();
> > >      }
> >
> > construct_dom0 happens before dom0 starts execution. It should be fine to
> > keep AC cleared in the whole phase.
> 
> construct_dom0() accesses user pages in the supervisor mode, so I added the
> stac()/clac()
> one by one, otherwise, Xen hypervisor will receive an SMAP violation.
> 

I meant you can do once to enable user page accesses, and then disable it
at end of construct_dom0. There should be no security concern at this stage.

Thanks
Kevin

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.