[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()

To: George Dunlap <george.dunlap@xxxxxxxxxx>
From: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>
Date: Thu, 20 Jul 2017 11:36:38 -0600
Cc: Wei Liu <wei.liu2@xxxxxxxxxx>, Vlad Ioan Topan <itopan@xxxxxxxxxxxxxxx>, Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>, Adrian Pop <apop@xxxxxxxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Thu, 20 Jul 2017 17:37:22 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Thu, Jul 20, 2017 at 11:03 AM, Tamas K Lengyel <tamas@xxxxxxxxxxxxx> wrote:
> On Thu, Jul 20, 2017 at 10:57 AM, George Dunlap
> <george.dunlap@xxxxxxxxxx> wrote:
>> On 07/20/2017 05:46 PM, Tamas K Lengyel wrote:
>>> On Thu, Jul 20, 2017 at 10:43 AM, George Dunlap
>>> <George.Dunlap@xxxxxxxxxxxxx> wrote:
>>>> On Wed, Jul 19, 2017 at 7:24 PM, Tamas K Lengyel <tamas@xxxxxxxxxxxxx> 
>>>> wrote:
>>>>>> I think the issue would be whether to allow a domain to set/clear the
>>>>>> suppress #VE bit for its pages by calling the new HVMOP on itself.
>>>>>
>>>>> This problem is not limited to setting the SVE bit. It also applies to
>>>>> swapping altp2m views. Pretty much all altp2m HVMOPs can be issued
>>>>> from a user-space program without any way to check whether that
>>>>> process is allowed to do that or not. If you don't think it is safe
>>>>> for a domain to set SVE, the none of the altp2m ops are safe for the
>>>>> domain to issue on itself. If we could say ensure only the kernel can
>>>>> issue the hvmops, that would be OK. But that's not possible at the
>>>>> moment AFAICT.
>>>>
>>>> Wait, is that right?  I think we normally restrict hypercalls to only
>>>> being made from the guest kernel, don't we?
>>>>
>>>
>>> If that's the case then it's good to know (can you point me where that
>>> restriction is done?) I was just referring to the fact that
>>> technically a userspace program can issue VMCALL.
>>
>> Well for vmcall in particular, it's in
>> xen/arch/x86/hvm/hypercall/hvm_hypercall().  The check for PV guests is
>> in xen/arch/x86/x86_64/entry.S:lstar_enter.  Other checks are left as an
>> exercise for the reader. :-)
>
> Thanks ;) I'm looking through it.

All checks out, we can ignore my concerns above. (Some comments around
vmx_get_cpl would have been helpful, took me a bit to find in the
manual why the bitshift is needed)

Tamas

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH v3 0/2] Add a hvmop for setting the #VE suppress bit
  - From: Adrian Pop
- [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
  - From: Adrian Pop
- Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
  - From: Tamas K Lengyel
- Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
  - From: Adrian Pop
- Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
  - From: Tamas K Lengyel
- Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
  - From: George Dunlap
- Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
  - From: Tamas K Lengyel
- Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
  - From: George Dunlap
- Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
  - From: Tamas K Lengyel

Prev by Date: Re: [Xen-devel] [OSSTEST PATCH v12 20/21] Create a flight to test OpenStack with xen-unstable and libvirt
Next by Date: [Xen-devel] [xen-unstable-smoke test] 112058: tolerable trouble: broken/pass - PUSHED
Previous by thread: Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
Next by thread: Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.