[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 00/14] XSA-277 followup

On Wed, Nov 21, 2018 at 09:22:25PM +0000, Andrew Cooper wrote:
> The only way I see of fixing this to teach Xen about the guests gfn
> layout (as chosen by the domainbuilder), and include within that "space
> which definitely doesn't have anything in, and is safe to put shared
> mappings into".  Beyond that, we'll need some administrator level
> knowledge of which guests are safe to have XENMEM_decrease_reservation
> prohibited, or some interlocks inside Xen to disable unsafe features as
> soon as we spot a guest which isn't playing by the new rules.

I agree, this is becoming quite cumbersome for PVH Dom0 specially,
where Xen has to keep track of MMIO regions, emulated regions that
must not have anything else mapped in and normal RAM ranges. Since the
hypervisor doesn't keep track of the memory layout every time there's
a p2m change (ie: BAR mapping and unmapping for example) there's a lot
of logic to avoid overlaps.

Having some kind of memory map that can be used to look up what's
supposed to be in a memory region would be quite helpful IMO.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.