[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()

To: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>
From: Adrian Pop <apop@xxxxxxxxxxxxxxx>
Date: Wed, 19 Jul 2017 14:47:06 +0300
Cc: Wei Liu <wei.liu2@xxxxxxxxxx>, Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>, Adrian Pop <apop@xxxxxxxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Vlad Ioan Topan <itopan@xxxxxxxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 19 Jul 2017 11:47:29 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hello,

On Tue, Jul 18, 2017 at 11:26:45AM -0600, Tamas K Lengyel wrote:
> On Tue, Jul 18, 2017 at 9:25 AM, Adrian Pop <apop@xxxxxxxxxxxxxxx> wrote:
> > From: Vlad Ioan Topan <itopan@xxxxxxxxxxxxxxx>
> >
> > The default value for the "suppress #VE" bit set by set_mem_access()
> > currently depends on whether the call is made from the same domain (the
> > bit is set when called from another domain and cleared if called from
> > the same domain). This patch changes that behavior to inherit the old
> > suppress #VE bit value if it is already set and to set it to 1
> > otherwise, which is safer and more reliable.
> 
> With the way things are currently if the in-guest tool calls
> set_mem_access for an altp2m view, it implies it wants to receive #VE
> for it. Wouldn't this change in this patch effectively make it
> impossible for an in-guest tool to decide which pages it wants to
> receive #VE for? The new HVMOP you are introducing is only accessible
> from a privileged domain..

Yes, this change, along with the restrictions from the new HVMOP would
virtually prevent a guest from changing the suppress #VE bit for its
pages.  The current set_mem_access functionality, if I'm not mistaken,
is a bit odd since the guest can only clear the sve, but to set it,
another domain would have to call set_mem_access for it.

I think the issue would be whether to allow a domain to set/clear the
suppress #VE bit for its pages by calling the new HVMOP on itself.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
  - From: Tamas K Lengyel

References:
- [Xen-devel] [PATCH v3 0/2] Add a hvmop for setting the #VE suppress bit
  - From: Adrian Pop
- [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
  - From: Adrian Pop
- Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
  - From: Tamas K Lengyel

Prev by Date: Re: [Xen-devel] [PATCH 4.12 26/84] x86/xen/efi: Initialize only the EFI struct members used by Xen
Next by Date: Re: [Xen-devel] [PATCH v3 2/2] x86/altp2m: Add a hvmop for setting the suppress #VE bit
Previous by thread: Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
Next by thread: Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.