[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH v16 2/3] mem_sharing: allow forking domain with IOMMU enabled
On Tue, Apr 21, 2020 at 10:47:24AM -0700, Tamas K Lengyel wrote: > The memory sharing subsystem by default doesn't allow a domain to share memory > if it has an IOMMU active for obvious security reasons. However, when fuzzing > a > VM fork, the same security restrictions don't necessarily apply. While it > makes > no sense to try to create a full fork of a VM that has an IOMMU attached as > only > one domain can own the pass-through device at a time, creating a shallow fork > without a device model is still very useful for fuzzing kernel-mode drivers. > > By allowing the parent VM to initialize the kernel-mode driver with a real > device that's pass-through, the driver can enter into a state more suitable > for > fuzzing. Some of these initialization steps are quite complex and are easier > to > perform when a real device is present. After the initialization, shallow forks > can be utilized for fuzzing code-segments in the device driver that don't > directly interact with the device. > > Signed-off-by: Tamas K Lengyel <tamas.lengyel@xxxxxxxxx> Reviewed-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> Thanks.
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |