[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 07/15] argo: implement the register op

To: Christopher Clark <christopher.w.clark@xxxxxxxxx>
From: Wei Liu <wei.liu2@xxxxxxxxxx>
Date: Wed, 9 Jan 2019 15:55:53 +0000
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Ross Philipson <ross.philipson@xxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jason Andryuk <jandryuk@xxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Rich Persaud <persaur@xxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, Paul Durrant <paul.durrant@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, James McKenzie <james@xxxxxxxxxxx>, Eric Chanudet <eric.chanudet@xxxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>
Delivery-date: Wed, 09 Jan 2019 15:56:04 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Sun, Jan 06, 2019 at 11:42:40PM -0800, Christopher Clark wrote:
> The register op is used by a domain to register a region of memory for
> receiving messages from either a specified other domain, or, if specifying a
> wildcard, any domain.
> 
> This operation creates a mapping within Xen's private address space that
> will remain resident for the lifetime of the ring. In subsequent commits,
> the hypervisor will use this mapping to copy data from a sending domain into
> this registered ring, making it accessible to the domain that registered the
> ring to receive data.
> 
> Wildcard any-sender rings are default disabled and registration will be
> refused with EPERM unless they have been specifically enabled with the
> argo-mac boot option introduced here. The reason why the default for
> wildcard rings is 'deny' is that there is currently no means to protect the
> ring from DoS by a noisy domain spamming the ring, affecting other domains
> ability to send to it. This will be addressed with XSM policy controls in
> subsequent work.
> 
> Since denying access to any-sender rings is a significant functional
> constraint, a new bootparam is provided to enable overriding this:
>  "argo-mac" variable has allowed values: 'permissive' and 'enforcing'.
> Even though this is a boolean variable, use these descriptive strings in
> order to make it obvious to an administrator that this has potential
> security impact.
> 
> The p2m type of the memory supplied by the guest for the ring must be
> p2m_ram_rw and the memory will be pinned as PGT_writable_page while the ring
> is registered.
> 
> xen_argo_page_descr_t type is introduced as a page descriptor, to convey
> both the physical address of the start of the page and its granularity. The
> smallest granularity page is assumed to be 4096 bytes and the lower twelve
> bits of the type are used to indicate the size of page of memory supplied.
> The implementation of the hypercall op currently only supports 4K pages.
> 

What is the resolution for the Arm issues mentioned by Julien? I read
the conversation in previous thread. A solution seemed to have been
agreed upon, but the changelog doesn't say anything about it.

Wei.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v3 07/15] argo: implement the register op
  - From: Christopher Clark

References:
- [Xen-devel] [PATCH v3 00/15] Argo: hypervisor-mediated interdomain communication
  - From: Christopher Clark
- [Xen-devel] [PATCH v3 07/15] argo: implement the register op
  - From: Christopher Clark

Prev by Date: Re: [Xen-devel] [PATCH RFC v1] x86/emulate: Send vm_event form emulate
Next by Date: Re: [Xen-devel] [PATCH RFC v1] x86/emulate: Send vm_event form emulate
Previous by thread: [Xen-devel] [PATCH v3 07/15] argo: implement the register op
Next by thread: Re: [Xen-devel] [PATCH v3 07/15] argo: implement the register op
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.