[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v1 3/6] x86: Enable Supervisor Mode Execution Prevention (SMAP) for Xen

On 15/04/14 15:16, Jan Beulich wrote:
>>>> On 15.04.14 at 16:09, <andrew.cooper3@xxxxxxxxxx> wrote:
>> And having just sent this email, I further realise that functions like
>> show_page_walk() need protection against SMAP otherwise we will take a
>> recursive fault when trying to dump the error information from the first
>> fault.  I don't recall any of your other patches dealing with this.
> I don't follow: page table walks are done using map_domain_page(),
> which ought to not produce user mode accessible mappings. Or did
> you mean to say "may" instead of "will", and meant to do this just to
> be on the safe side?
> Jan

Hmm yes - in retrospect we shouldn't actually take faults from domain
mapped pages.

However for the safe side of things, we don't want to be taking
recursive faults in a panic scenario, so it might be a good idea to
preemptively stac() on terminal error paths.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.