
Re: [Xen-devel] [PATCH for-4.9] x86/pagewalk: Fix determination of Protection Key access rights



At 17:51 +0100 on 16 May (1494957116), Andrew Cooper wrote:
> c/s 4c5d78a10 was accidentally buggy when handling Protection Keys.
> Protection keys apply to all user translations, not just accesses which
> originate from user mode.

Reviewed-by: Tim Deegan <tim@xxxxxxx>

Does the test for write-protection just below have the opposite bug?
It seems to check whether the page is writable, when AFAICS it should
be checking whether the action is a write (modulo CR0.WP).

Tim.

> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> ---
> CC: Jan Beulich <JBeulich@xxxxxxxx>
> CC: Tim Deegan <tim@xxxxxxx>
> CC: George Dunlap <george.dunlap@xxxxxxxxxxxxx>
> CC: Julien Grall <julien.grall@xxxxxxx>
> 
> This regression was introduced during the 4.9 timeframe, so really should be
> fixed before 4.9 ships.
> ---
>  xen/arch/x86/mm/guest_walk.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/xen/arch/x86/mm/guest_walk.c b/xen/arch/x86/mm/guest_walk.c
> index 32d818e..ba72432 100644
> --- a/xen/arch/x86/mm/guest_walk.c
> +++ b/xen/arch/x86/mm/guest_walk.c
> @@ -408,7 +408,7 @@ guest_walk_tables(struct vcpu *v, struct p2m_domain *p2m,
>       * N.B. In the case that the walk ended with a superpage, the fabricated
>       * gw->l1e contains the appropriate leaf pkey.
>       */
> -    if ( (walk & PFEC_user_mode) && !(walk & PFEC_insn_fetch) &&
> +    if ( (ar & _PAGE_USER) && !(walk & PFEC_insn_fetch) &&
>           guest_pku_enabled(v) )
>      {
>          unsigned int pkey = guest_l1e_get_pkey(gw->l1e);
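Review bot: the changed condition now gates the pkey check on `ar & _PAGE_USER`, but the comment visible above it only covers the superpage leaf pkey. Please add a sentence there stating that protection keys apply to every user translation regardless of the mode of the access, so the test is not switched back to `PFEC_user_mode` later. Because supervisor accesses to user pages now enter this block, it is also worth confirming that the write-disable handling inside it (outside this hunk) treats supervisor writes according to CR0.WP.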
> -- 
> 2.1.4
> 

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
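
The two points discussed in this message (keys gate on the translation being a user one, and write-disable depends on the access being a write, modulo CR0.WP) can be modelled in a few lines of C. This is an added example, not Xen code: the function names are hypothetical, the constants are defined locally with the architectural x86 bit positions, `pku_enabled` stands in for `guest_pku_enabled(v)`, and the AD/WD rules are the architectural PKRU semantics as assumed here.

```c
#include <stdbool.h>
#include <stdint.h>

/* Local definitions using the architectural x86 bit positions (assumed
 * here for the example, not copied from Xen headers). */
#define PFEC_write_access (1u << 1)
#define PFEC_user_mode    (1u << 2)
#define PFEC_insn_fetch   (1u << 4)
#define _PAGE_USER        0x004u

/* PKRU holds two bits per key: AD at bit 2*pkey, WD at bit 2*pkey + 1. */
static bool pkru_ad(uint32_t pkru, unsigned int pkey) { return (pkru >> (2 * pkey)) & 1; }
static bool pkru_wd(uint32_t pkru, unsigned int pkey) { return (pkru >> (2 * pkey + 1)) & 1; }

/* AD/WD evaluation once a translation is known to be subject to keys. */
static bool key_blocks(uint32_t walk, uint32_t pkru, unsigned int pkey, bool cr0_wp)
{
    if ( pkru_ad(pkru, pkey) )
        return true;                    /* AD: no data access at all */
    /* WD: only the action being a write matters, and a supervisor
     * write is blocked only when CR0.WP is set. */
    return pkru_wd(pkru, pkey) && (walk & PFEC_write_access) &&
           ((walk & PFEC_user_mode) || cr0_wp);
}

/* Hypothetical model of the gate after the patch: keyed on the translation. */
bool pkey_denies(uint32_t ar, uint32_t walk, uint32_t pkru,
                 unsigned int pkey, bool cr0_wp, bool pku_enabled)
{
    if ( !(ar & _PAGE_USER) || (walk & PFEC_insn_fetch) || !pku_enabled )
        return false;
    return key_blocks(walk, pkru, pkey, cr0_wp);
}

/* Hypothetical model of the gate before the patch: keyed on the access mode,
 * so supervisor accesses to user pages skip the key check entirely. */
bool pkey_denies_pre_fix(uint32_t ar, uint32_t walk, uint32_t pkru,
                         unsigned int pkey, bool cr0_wp, bool pku_enabled)
{
    (void)ar;
    if ( !(walk & PFEC_user_mode) || (walk & PFEC_insn_fetch) || !pku_enabled )
        return false;
    return key_blocks(walk, pkru, pkey, cr0_wp);
}
```

A supervisor read of a user page whose key has AD set is the case that separates the two gates: the post-patch model denies it, the pre-patch model lets it through.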

 

