Re: [Xen-devel] [PATCH] Xen: Use the ioreq-server API when available

On 10/10/2014 16:52, Paul Durrant wrote:
>> -----Original Message-----
>> From: Stefano Stabellini [mailto:stefano.stabellini@xxxxxxxxxxxxx]
>> Sent: 10 October 2014 15:40
>> To: Paul Durrant
>> Cc: qemu-devel@xxxxxxxxxx; xen-devel@xxxxxxxxxxxxxxxxxxxx; Michael S.
>> Tsirkin; Stefano Stabellini; Peter Maydell; Paolo Bonzini; Michael Tokarev;
>> Stefan Hajnoczi; Stefan Weil; Andreas Faerber; Thomas Huth; Peter
>> Crosthwaite; Eduardo Habkost; Gerd Hoffmann; Alexey Kardashevskiy;
>> Alexander Graf
>> Subject: Re: [PATCH] Xen: Use the ioreq-server API when available
>>
>> On Fri, 10 Oct 2014, Paul Durrant wrote:
>>> The ioreq-server API added to Xen 4.5 offers better security than
>>> the existing Xen/QEMU interface because the shared pages that are
>>> used to pass emulation request/results back and forth are removed
>>> from the guest's memory space before any requests are serviced.
>>> This prevents the guest from mapping these pages (they are in a
>>> well known location) and attempting to attack QEMU by synthesizing
>>> its own request structures. Hence, this patch modifies configure
>>> to detect whether the API is available, and adds the necessary
>>> code to use the API if it is.
>>>
>>> The ioreq-server API does require that PCI device models explicitly
>>> register with Xen for config space accesses, so to use the API the
>>> code in xen-hvm.c needs to be informed as PCI devices are added or
>>> removed from PCI buses. This patch therefore also adds a PCI bus
>>> listener interface akin to the memory listener interface to fulfil
>>> this need.
>>>
>>> Signed-off-by: Paul Durrant <paul.durrant@xxxxxxxxxx>
>>> Cc: Michael S. Tsirkin <mst@xxxxxxxxxx>
>>> Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
>>> Cc: Peter Maydell <peter.maydell@xxxxxxxxxx>
>>> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
>>> Cc: Michael Tokarev <mjt@xxxxxxxxxx>
>>> Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx>
>>> Cc: Stefan Weil <sw@xxxxxxxxxxx>
>>> Cc: Andreas Faerber <afaerber@xxxxxxx>
>>> Cc: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx>
>>> Cc: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx>
>>> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx>
>>> Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx>
>>> Cc: Alexey Kardashevskiy <aik@xxxxxxxxx>
>>> Cc: Alexander Graf <agraf@xxxxxxx>
>>> ---
>>> configure | 29 ++++++
>>> hw/pci/pci.c | 65 ++++++++++++
>>> include/hw/pci/pci.h | 9 ++
>>> include/qemu/typedefs.h | 1 +
>>> trace-events | 8 ++
>>> xen-hvm.c | 251
>> +++++++++++++++++++++++++++++++++++++++++++----
>>> 6 files changed, 345 insertions(+), 18 deletions(-)
>>
>> Please split this patch into two: one to introduce the PCI listener
>> stuff and another for the Xen specific changes.
>>
>
> Originally it was, but I was uneasy about introducing an interface with no
> consumers. Is that generally acceptable?

It is the suggested way as long as the two patches are part of the same series.

Paolo

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel