|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH] common/gnttab: Introduce command line feature controls
This patch was originally released as part of XSA-226. It retains the same
command line syntax (as various downstreams are mitigating XSA-226 using this
mechanism) but the defaults have been updated due to the revised XSA-226
patched, after which transitive grants are believed to functioning
properly.
Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
CC: Jan Beulich <JBeulich@xxxxxxxx>
CC: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>
CC: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
CC: Stefano Stabellini <sstabellini@xxxxxxxxxx>
CC: Tim Deegan <tim@xxxxxxx>
CC: Wei Liu <wei.liu2@xxxxxxxxxx>
v2:
* Rebase over command-line parsing changes.
v3:
* Switch to 'max-ver', leaving max_ver as an undocumented alias.
* Check the end pointer from simple_strtol() to check for trailing characters.
* Tollerate set_version(1) even if failing set_version(2) with -ENOSYS.
---
docs/misc/xen-command-line.markdown | 13 ++++++++++++
xen/common/grant_table.c | 42 ++++++++++++++++++++++++++++++++++++-
2 files changed, 54 insertions(+), 1 deletion(-)
diff --git a/docs/misc/xen-command-line.markdown
b/docs/misc/xen-command-line.markdown
index 8317639..a95195f 100644
--- a/docs/misc/xen-command-line.markdown
+++ b/docs/misc/xen-command-line.markdown
@@ -920,6 +920,19 @@ Controls EPT related features.
Specify which console gdbstub should use. See **console**.
+### gnttab
+> `= List of [ max-ver:<integer>, transitive=<bool> ]`
+
+> Default: `gnttab=max-ver:2,transitive`
+
+Control various aspects of the grant table behaviour available to guests.
+
+* `max-ver` Select the maximum grant table version to offer to guests. Valid
+version are 1 and 2.
+* `transitive` Permit or disallow the use of transitive grants. Note that the
+use of grant table v2 without transitive grants is an ABI breakage from the
+guests point of view.
+
### gnttab\_max\_frames
> `= <integer>`
diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c
index 48c5479..36a182e 100644
--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -97,6 +97,41 @@ static unsigned int __read_mostly max_maptrack_frames =
DEFAULT_MAX_MAPTRACK_FRAMES;
integer_runtime_param("gnttab_max_maptrack_frames", max_maptrack_frames);
+static unsigned int __read_mostly opt_gnttab_max_version = 2;
+static bool __read_mostly opt_transitive_grants = true;
+
+static int __init parse_gnttab(const char *s)
+{
+ const char *ss, *e;
+ int val, rc = 0;
+
+ do {
+ ss = strchr(s, ',');
+ if ( !ss )
+ ss = strchr(s, '\0');
+
+ if ( !strncmp(s, "max-ver:", 8) ||
+ !strncmp(s, "max_ver:", 8) ) /* Alias for original XSA-226 patch
*/
+ {
+ long ver = simple_strtol(s + 8, &e, 10);
+
+ if ( e == ss && ver >= 1 && ver <= 2 )
+ opt_gnttab_max_version = ver;
+ else
+ rc = -EINVAL;
+ }
+ else if ( (val = parse_boolean("transitive", s, ss)) >= 0 )
+ opt_transitive_grants = val;
+ else
+ rc = -EINVAL;
+
+ s = ss + 1;
+ } while ( *ss );
+
+ return rc;
+}
+custom_param("gnttab", parse_gnttab);
+
/*
* Note that the three values below are effectively part of the ABI, even if
* we don't need to make them a formal part of it: A guest suspended for
@@ -2674,7 +2709,8 @@ static int gnttab_copy_claim_buf(const struct gnttab_copy
*op,
current->domain->domain_id,
buf->read_only,
&buf->frame, &buf->page,
- &buf->ptr.offset, &buf->len, true);
+ &buf->ptr.offset, &buf->len,
+ opt_transitive_grants);
if ( rc != GNTST_okay )
goto out;
buf->ptr.u.ref = ptr->u.ref;
@@ -2876,6 +2912,10 @@
gnttab_set_version(XEN_GUEST_HANDLE_PARAM(gnttab_set_version_t) uop)
if ( op.version != 1 && op.version != 2 )
goto out;
+ res = -ENOSYS;
+ if ( op.version == 2 && opt_gnttab_max_version == 1 )
+ goto out; /* Behave as before set_version was introduced. */
+
res = 0;
if ( gt->gt_version == op.version )
goto out;
--
2.1.4
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |