[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v4] x86: allow 64-bit PV guest kernels to suppress user mode exposure of M2P
On 04/05/2015 11:54, Jan Beulich wrote: > Xen L4 entries being uniformly installed into any L4 table and 64-bit > PV kernels running in ring 3 means that user mode was able to see the > read-only M2P presented by Xen to the guests. While apparently not > really representing an exploitable information leak, this still very > certainly was never meant to be that way. > > Building on the fact that these guests already have separate kernel and > user mode page tables we can allow guest kernels to tell Xen that they > don't want user mode to see this table. We can't, however, do this by > default: There is no ABI requirement that kernel and user mode page > tables be separate. Therefore introduce a new VM-assist flag allowing > the guest to control respective hypervisor behavior: > - when not set, L4 tables get created with the respective slot blank, > and whenever the L4 table gets used as a kernel one the missing > mapping gets inserted, > - when set, L4 tables get created with the respective slot initialized > as before, and whenever the L4 table gets used as a user one the > mapping gets zapped. > > Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> (although still better to defer to Tim to double check the shadow changes) ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |