[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] x86/VMX: sanitize VM86 TSS handling

To: "Tim Deegan" <tim@xxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Wed, 15 Feb 2017 04:35:02 -0700
Cc: Kevin Tian <kevin.tian@xxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>
Delivery-date: Wed, 15 Feb 2017 11:35:10 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 15.02.17 at 12:21, <tim@xxxxxxx> wrote:
> At 01:18 -0700 on 15 Feb (1487121525), Jan Beulich wrote:
>> >>> On 14.02.17 at 18:33, <tim@xxxxxxx> wrote:
>> >> TBD: Do we really want to re-init the TSS every time we are about to
>> >>      use it?
>> > 
>> > No - I think we should init it when the guest writes the param(s) and
>> > leave it at that.  Hvmloader marks it as reserved so the guest should
>> > know better than to write to it, and we can't protect it against all
>> > the possible ways the guest could break itself.
>> > 
>> > If you do want to re-init it more often, then I think it would still
>> > be better to legacy guests' (lack of a) size limit once, when the guest
>> > writes the base param.
>> 
>> The only problem with this being that at the time the base gets
>> written we don't know the size yet (nor whether the guest is
>> going to write it), and hence we don't know how must space to
>> initialize. The lower limit we enforce on the size (if being set) is
>> below the 128 byte default for old guests.
> 
> Why not make the lower limit 128?  I'd happily exchange simpler
> hypervisor code for the theoretical case of a guest that needs to run
> realmode code and cares about those few bytes.

Well, this would seem a pretty arbitrary limit to me, which I
dislike (but could probably live with).

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH] x86/VMX: sanitize VM86 TSS handling
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH] x86/VMX: sanitize VM86 TSS handling
  - From: Tim Deegan
- Re: [Xen-devel] [PATCH] x86/VMX: sanitize VM86 TSS handling
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH] x86/VMX: sanitize VM86 TSS handling
  - From: Tim Deegan

Prev by Date: Re: [Xen-devel] [PATCH 2/2] x86: package up context switch hook pointers
Next by Date: Re: [Xen-devel] [PATCH 1/2] VMX: fix VMCS race on context-switch paths
Previous by thread: Re: [Xen-devel] [PATCH] x86/VMX: sanitize VM86 TSS handling
Next by thread: Re: [Xen-devel] [PATCH] x86/VMX: sanitize VM86 TSS handling
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.