Re: [Xen-devel] [PATCH for-4.5 v10 15/19] xen/arm: Temporarily disable mem_access for hypervisor access
On Thu, Sep 25, 2014 at 6:19 PM, Julien Grall <julien.grall@xxxxxxxxxx> wrote:

Hello Tamas,

In the thread I mentioned in the previous discussion, on x86 mem_access doesn't trap on accesses performed by the hypervisor or if another domain is accessing the memory via grants. On x86 mem_access is purely EPT traps that the guest caused. This is not ideal and in the future it could be extended to make mem_access into a real memory-protection system, not just a memory-protection system against the particular guest, but that would require significantly more work. The problem is that memory accesses are re-tried automatically after the second-stage trap was hit and the permissions are cleared. Here we would need to make the hypervisor wait for a mem_access reply before it can continue (or fail), and that has a lot of pitfalls (faulty mem_access listener etc.).
I could check if access_in_use is flipped and only do the translation+lookup then.
That is a problem. The only way around that I see is to pause the domain for the duration of this copy in case the mem_access permissions need to be disabled.
So you mean only check the mem_access permissions when we failed to get the page. I'm not sure what you propose afterwards. If there is a mem_access restriction, just return an -errno? It would mean if a mem_access listener is trapped that page then the guest can't execute the hypercall. Since we would also want this system to be invisible to the guest, that I'm afraid is not a good approach.

Tamas
_______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel