[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH V13 3/7] xen/arm: Allow hypervisor access to mem_access protected pages



Hi Tamas,

On 06/03/15 21:24, Tamas K Lengyel wrote:
> +/*
> + * If mem_access is in use it might have been the reason why 
> get_page_from_gva
> + * failed to fetch the page, as it uses the MMU for the permission checking.
> + * Only in these cases we do a software-based type check and fetch the page 
> if
> + * we indeed found a conflicting mem_access setting.
> + */
> +static int check_type_get_page(vaddr_t gva, unsigned long flag,
> +                               struct page_info** page)
> +{
> +    long rc;
> +    paddr_t ipa;
> +    unsigned long maddr;
> +    unsigned long mfn;
> +    xenmem_access_t xma;
> +    p2m_type_t t;
> +
> +    rc = gva_to_ipa(gva, &ipa);

I though a bit more about this call.

gva_to_ipa only checks if the mapping has read-permission. That would
allow a guest to write on read-only mapping.

You have to pass the flags to gva_to_ipa in order to avoid
re-introducing XSA-98 [1]

Regards,

[1] http://xenbits.xen.org/xsa/advisory-98.html

-- 
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.