[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH V13 3/7] xen/arm: Allow hypervisor access to mem_access protected pages

To: Tamas K Lengyel <tklengyel@xxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxx
From: Julien Grall <julien.grall@xxxxxxxxxx>
Date: Thu, 12 Mar 2015 13:50:14 +0000
Cc: wei.liu2@xxxxxxxxxx, ian.campbell@xxxxxxxxxx, stefano.stabellini@xxxxxxxxxxxxx, ian.jackson@xxxxxxxxxxxxx, tim@xxxxxxx, stefano.stabellini@xxxxxxxxxx, jbeulich@xxxxxxxx, keir@xxxxxxx
Delivery-date: Thu, 12 Mar 2015 13:50:54 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hi Tamas,

On 06/03/15 21:24, Tamas K Lengyel wrote:
> +/*
> + * If mem_access is in use it might have been the reason why 
> get_page_from_gva
> + * failed to fetch the page, as it uses the MMU for the permission checking.
> + * Only in these cases we do a software-based type check and fetch the page 
> if
> + * we indeed found a conflicting mem_access setting.
> + */
> +static int check_type_get_page(vaddr_t gva, unsigned long flag,
> +                               struct page_info** page)
> +{
> +    long rc;
> +    paddr_t ipa;
> +    unsigned long maddr;
> +    unsigned long mfn;
> +    xenmem_access_t xma;
> +    p2m_type_t t;
> +
> +    rc = gva_to_ipa(gva, &ipa);

I though a bit more about this call.

gva_to_ipa only checks if the mapping has read-permission. That would
allow a guest to write on read-only mapping.

You have to pass the flags to gva_to_ipa in order to avoid
re-introducing XSA-98 [1]

Regards,

[1] http://xenbits.xen.org/xsa/advisory-98.html

-- 
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH V13 3/7] xen/arm: Allow hypervisor access to mem_access protected pages
  - From: Tamas K Lengyel

References:
- [Xen-devel] [PATCH V13 0/7] Mem_access for ARM
  - From: Tamas K Lengyel
- [Xen-devel] [PATCH V13 3/7] xen/arm: Allow hypervisor access to mem_access protected pages
  - From: Tamas K Lengyel

Prev by Date: Re: [Xen-devel] [PATCH v2] x86emul: simplify asm() constraints
Next by Date: Re: [Xen-devel] [PATCH V13 1/7] xen/arm: p2m changes for mem_access support
Previous by thread: Re: [Xen-devel] [PATCH V13 3/7] xen/arm: Allow hypervisor access to mem_access protected pages
Next by thread: Re: [Xen-devel] [PATCH V13 3/7] xen/arm: Allow hypervisor access to mem_access protected pages
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.