[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 REPOST 02/12] x86/mm: allow a privileged PV domain to map guest mfns



> -----Original Message-----
> From: Wei Liu [mailto:wei.liu2@xxxxxxxxxx]
> Sent: 28 August 2017 15:38
> To: Paul Durrant <Paul.Durrant@xxxxxxxxxx>
> Cc: Wei Liu <wei.liu2@xxxxxxxxxx>; xen-devel@xxxxxxxxxxxxxxxxxxxx; Andrew
> Cooper <Andrew.Cooper3@xxxxxxxxxx>; Jan Beulich <jbeulich@xxxxxxxx>
> Subject: Re: [Xen-devel] [PATCH v2 REPOST 02/12] x86/mm: allow a
> privileged PV domain to map guest mfns
> 
> On Fri, Aug 25, 2017 at 11:05:54AM +0100, Paul Durrant wrote:
> > > -----Original Message-----
> > > From: Wei Liu [mailto:wei.liu2@xxxxxxxxxx]
> > > Sent: 24 August 2017 17:33
> > > To: Paul Durrant <Paul.Durrant@xxxxxxxxxx>
> > > Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx; Andrew Cooper
> > > <Andrew.Cooper3@xxxxxxxxxx>; Jan Beulich <jbeulich@xxxxxxxx>; Wei
> Liu
> > > <wei.liu2@xxxxxxxxxx>
> > > Subject: Re: [Xen-devel] [PATCH v2 REPOST 02/12] x86/mm: allow a
> > > privileged PV domain to map guest mfns
> > >
> > > On Tue, Aug 22, 2017 at 03:50:56PM +0100, Paul Durrant wrote:
> > > > In the case where a PV domain is mapping guest resources then it
> needs
> > > make
> > > > the HYPERVISOR_mmu_update call using DOMID_SELF, rather than the
> > > guest
> > > > domid, so that the passed in gmfn values are correctly treated as mfns
> > > > rather than gfns present in the guest p2m.
> > > >
> > >
> > > What would be the callchain like in this case?
> 
> >
> > It's exactly like foreign mapping but passing DOMID_SELF. I.e. in
> > privcmd (in a PV domain) you have an mfn in your hand that already
> > belongs to you rather than the gmfn of a foreign domain.
> >
> > >
> > > I don't quite understand how this fits with the resource mapping
> > > code in this series.
> > >
> >
> > Because (for a PV caller) mapping a resource gives you back mfns that
> > are assigned to the calling domain, and the most convenient way of
> > using them is to use the existing code that normally deals with priv
> > mapping from a foreign domain, but just allow it to use DOMID_SELF.
> > This patch is all that's required to make that work.
> >
> 
> So the use case is as followed for PV guests:
> 
> 1. A guest calls acquire_resource to obtain a list of mfns
> 2. The guest calls the foreign map API to map those mfns into its own
>    address space via HYPERVISOR_mmu_update
> 
> The mfns belong to the guest itself.
> 
> In get_page_from_l1e, l1e contains a valid mfn, real_pg_owner is the
> real owner of the page, pg_owner is the nominally owner of the page.
> Shouldn't they be the same domain? I'm still quite baffled how you
> manage to hit that place.

The issue I hit was l1e_owner and pg_owner being dom0, but real_pg_owner was 
the guest. Obviously dom0 has privilege to map anything, but it was being 
denied because pg_owner == l1e_owner.

  Paul

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.