Re: [Xen-devel] [PATCH RFC 2/2] xen/pvh: enable mmu_update hypercall

[Roger Pau Monné <roger.pau@xxxxxxxxxx>]

El 16/10/14 a les 10.45, Jan Beulich ha escrit:
>>>> On 16.10.14 at 09:53, <tim@xxxxxxx> wrote:
>> At 12:53 +0200 on 15 Oct (1413374025), Roger Pau Monne wrote:
>>> This is needed for performing save/restore of PV guests.
>>
>> On IRC I suggested that this would be OK as long as there were other
>> checks to make sure that the target of all these ops is PV (in
>> particular that a PVH/HVM guest can't end up calling PV MM operations
>> on itself).

Silly question, but shouldn't all this checks already be in place in
case a PV Dom0 tries to execute mmu_update hypercalls against an HVM guest?

> And not just that - I can't even see how this would work at present:
> paging_write_guest_entry() uses
> v->arch.paging.mode->write_guest_entry, yet that actor gets filled
> by shadow code only. I don't currently see how for PVH, requiring
> HAP, this wouldn't end up in NULL dereferences. Am I overlooking
> some (non-grep-able) initialization of this and .cmpxchg_guest_entry?

It "works" because this is only used by the migration code, and the page
that's modified is never of the type PGT_writable_page. Should I look
into implementing this operations for HAP, or should I just prevent it's
usage from do_mmu_update if the caller turns out to be a HAP guest?

Roger.


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel