[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [RFC 15/16] xen/arm: traps: Don't inject a fault if the translation VA -> IPA fails

To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
From: Julien Grall <julien.grall@xxxxxxx>
Date: Mon, 23 May 2016 14:45:49 +0100
Cc: andre.przywara@xxxxxxx, steve.capper@xxxxxxx, wei.chen@xxxxxxx, xen-devel@xxxxxxxxxxxxx
Delivery-date: Mon, 23 May 2016 13:45:59 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hi Stefano,

On 21/05/16 15:51, Stefano Stabellini wrote:

On Sat, 21 May 2016, Stefano Stabellini wrote:

On Thu, 5 May 2016, Julien Grall wrote:

Based on ARM ARM (D4.5.3 in ARM DDI 0486A and B3.12.7 in ARM DDI 0406C.c),
a Stage 1 translation error has priority over a Stage 2 translation error.

Therefore gva_to_ipa can only fail if another vCPU is playing with the
page table.

Rather than injecting a custom fault, replay the instruction and let the
processor injecting the correct fault.

Signed-off-by: Julien Grall <julien.grall@xxxxxxx>


Couldn't a guest purposely cause a DoS in the hypervisor this way?


Just double-checking. I am pretty sure it cannot, because the replayed
instruction won't cause another hypervisor trap the second time around.

Before returning to the guest vCPU, Xen is handling any pending softirqs(see leave_hypervisor_tail). It might be possible to have the vCPUrescheduled.

So even if the replay cause another hypervisor trap, it will only impactits timeslice.


I will update the commit message to explain why it is not possible.

Regards,

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

References:
- [Xen-devel] [RFC 00/16] xen/arm: Introduce alternative runtime patching for ARM64
  - From: Julien Grall
- [Xen-devel] [RFC 15/16] xen/arm: traps: Don't inject a fault if the translation VA -> IPA fails
  - From: Julien Grall
- Re: [Xen-devel] [RFC 15/16] xen/arm: traps: Don't inject a fault if the translation VA -> IPA fails
  - From: Stefano Stabellini
- Re: [Xen-devel] [RFC 15/16] xen/arm: traps: Don't inject a fault if the translation VA -> IPA fails
  - From: Stefano Stabellini

Prev by Date: Re: [Xen-devel] [PATCH qemu-traditional] ioreq: Support 32-bit default_ioport_* accesses
Next by Date: [Xen-devel] [ovmf test] 94719: all pass - PUSHED
Previous by thread: Re: [Xen-devel] [RFC 15/16] xen/arm: traps: Don't inject a fault if the translation VA -> IPA fails
Next by thread: [Xen-devel] [RFC 16/16] xen/arm: arm64: Document Cortex-A57 erratum 834220
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.