|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v0 3/3] xenpaging: updated code to use safer mem_event API's for setup and teardown.
tools/libxc/xc_mem_paging.c: updated mem_paging enable and disable API's to use
the mem event enable and disable routines. The mem event API's take care of
security issues mentioned in XSA-99 and also provide more coarse grained
behaviour.
tools/xenpaging/xenpaging.c: added calls to the new API's and removed the code
which duplicated the new API behaviour.
Signed-off-by: Dushyant Behl <myselfdushyantbehl@xxxxxxxxx>
---
tools/libxc/xc_mem_paging.c | 34 ++++++++++++++---------------
tools/libxc/xenctrl.h | 14 ++++++++++--
tools/xenpaging/xenpaging.c | 52 ++++++---------------------------------------
3 files changed, 36 insertions(+), 64 deletions(-)
diff --git a/tools/libxc/xc_mem_paging.c b/tools/libxc/xc_mem_paging.c
index 8aa7d4d..826bdb7 100644
--- a/tools/libxc/xc_mem_paging.c
+++ b/tools/libxc/xc_mem_paging.c
@@ -23,28 +23,28 @@
#include "xc_private.h"
-
+/*
+ * Enables mem_paging and sets arg ring page equal to mapped page.
+ * Will return 0 on success and -errno on error.
+ */
int xc_mem_paging_enable(xc_interface *xch, domid_t domain_id,
- uint32_t *port)
+ uint32_t *port, void *ring_page,
+ mem_event_back_ring_t *back_ring)
{
- if ( !port )
- {
- errno = EINVAL;
- return -1;
- }
-
- return xc_mem_event_control(xch, domain_id,
- XEN_DOMCTL_MEM_EVENT_OP_PAGING_ENABLE,
- XEN_DOMCTL_MEM_EVENT_OP_PAGING,
- port);
+ return xc_mem_event_enable(xch, domain_id,
+ HVM_PARAM_PAGING_RING_PFN,
+ port, ring_page, back_ring);
}
-int xc_mem_paging_disable(xc_interface *xch, domid_t domain_id)
+/*
+ * Disable mem_paging and unmap ring page.
+ * Will return 0 on success and -errno on error.
+ */
+int xc_mem_paging_disable(xc_interface *xch, domid_t domain_id, void
*ring_page)
{
- return xc_mem_event_control(xch, domain_id,
- XEN_DOMCTL_MEM_EVENT_OP_PAGING_DISABLE,
- XEN_DOMCTL_MEM_EVENT_OP_PAGING,
- NULL);
+ return xc_mem_event_teardown(xch, domain_id,
+ HVM_PARAM_ACCESS_RING_PFN,
+ ring_page);
}
int xc_mem_paging_nominate(xc_interface *xch, domid_t domain_id, unsigned long
gfn)
diff --git a/tools/libxc/xenctrl.h b/tools/libxc/xenctrl.h
index cfd6019..6acbfa9 100644
--- a/tools/libxc/xenctrl.h
+++ b/tools/libxc/xenctrl.h
@@ -2244,8 +2244,18 @@ int xc_tmem_restore_extra(xc_interface *xch, int dom,
int fd);
* Hardware-Assisted Paging (i.e. Intel EPT, AMD NPT). Moreover, AMD NPT
* support is considered experimental.
*/
-int xc_mem_paging_enable(xc_interface *xch, domid_t domain_id, uint32_t *port);
-int xc_mem_paging_disable(xc_interface *xch, domid_t domain_id);
+/*
+ * Enables mem_paging and sets arg ring page equal to mapped page.
+ * returns 0 on success and -errno on error.
+ */
+int xc_mem_paging_enable(xc_interface *xch, domid_t domain_id,
+ uint32_t *port, void *ring_page,
+ mem_event_back_ring_t *back_ring);
+/*
+ * Disables mem_paging and unmaps ring page.
+ * returns 0 on success and -errno on error.
+ */
+int xc_mem_paging_disable(xc_interface *xch, domid_t domain_id, void
*ring_page);
int xc_mem_paging_nominate(xc_interface *xch, domid_t domain_id,
unsigned long gfn);
int xc_mem_paging_evict(xc_interface *xch, domid_t domain_id, unsigned long
gfn);
diff --git a/tools/xenpaging/xenpaging.c b/tools/xenpaging/xenpaging.c
index 82c1ee4..4a841bf 100644
--- a/tools/xenpaging/xenpaging.c
+++ b/tools/xenpaging/xenpaging.c
@@ -337,40 +337,12 @@ static struct xenpaging *xenpaging_init(int argc, char
*argv[])
PERROR("Could not bind to xenpaging watch\n");
goto err;
}
-
- /* Map the ring page */
- xc_get_hvm_param(xch, paging->mem_event.domain_id,
- HVM_PARAM_PAGING_RING_PFN, &ring_pfn);
- mmap_pfn = ring_pfn;
- paging->mem_event.ring_page =
- xc_map_foreign_batch(xch, paging->mem_event.domain_id,
- PROT_READ | PROT_WRITE, &mmap_pfn, 1);
- if ( mmap_pfn & XEN_DOMCTL_PFINFO_XTAB )
- {
- /* Map failed, populate ring page */
- rc = xc_domain_populate_physmap_exact(paging->xc_handle,
- paging->mem_event.domain_id,
- 1, 0, 0, &ring_pfn);
- if ( rc != 0 )
- {
- PERROR("Failed to populate ring gfn\n");
- goto err;
- }
-
- mmap_pfn = ring_pfn;
- paging->mem_event.ring_page =
- xc_map_foreign_batch(xch, paging->mem_event.domain_id,
- PROT_READ | PROT_WRITE, &mmap_pfn, 1);
- if ( mmap_pfn & XEN_DOMCTL_PFINFO_XTAB )
- {
- PERROR("Could not map the ring page\n");
- goto err;
- }
- }
- /* Initialise Xen */
+ /* Enable mem paging and initialize shared ring to communicate with xen. */
rc = xc_mem_paging_enable(xch, paging->mem_event.domain_id,
- &paging->mem_event.evtchn_port);
+ &paging->mem_event.evtchn_port,
+ paging->mem_event.ring_page,
+ &paging->mem_event.back_ring);
if ( rc != 0 )
{
switch ( errno ) {
@@ -413,17 +385,6 @@ static struct xenpaging *xenpaging_init(int argc, char
*argv[])
paging->mem_event.port = rc;
- /* Initialise ring */
- SHARED_RING_INIT((mem_event_sring_t *)paging->mem_event.ring_page);
- BACK_RING_INIT(&paging->mem_event.back_ring,
- (mem_event_sring_t *)paging->mem_event.ring_page,
- PAGE_SIZE);
-
- /* Now that the ring is set, remove it from the guest's physmap */
- if ( xc_domain_decrease_reservation_exact(xch,
- paging->mem_event.domain_id, 1, 0, &ring_pfn) )
- PERROR("Failed to remove ring from guest physmap");
-
/* Get max_pages from guest if not provided via cmdline */
if ( !paging->max_pages )
{
@@ -523,9 +484,10 @@ static void xenpaging_teardown(struct xenpaging *paging)
xs_unwatch(paging->xs_handle, "@releaseDomain", watch_token);
paging->xc_handle = NULL;
+
/* Tear down domain paging in Xen */
- munmap(paging->mem_event.ring_page, PAGE_SIZE);
- rc = xc_mem_paging_disable(xch, paging->mem_event.domain_id);
+ rc = xc_mem_paging_disable(xch, paging->mem_event.domain_id,
+ paging->mem_event.ring_page);
if ( rc != 0 )
{
PERROR("Error tearing down domain paging in xen");
--
1.9.1
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |