[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH v16 2/3] mem_sharing: allow forking domain with IOMMU enabled
On Wed, Apr 22, 2020 at 3:09 AM Roger Pau Monné <roger.pau@xxxxxxxxxx> wrote: > > On Tue, Apr 21, 2020 at 10:47:24AM -0700, Tamas K Lengyel wrote: > > The memory sharing subsystem by default doesn't allow a domain to share > > memory > > if it has an IOMMU active for obvious security reasons. However, when > > fuzzing a > > VM fork, the same security restrictions don't necessarily apply. While it > > makes > > no sense to try to create a full fork of a VM that has an IOMMU attached as > > only > > one domain can own the pass-through device at a time, creating a shallow > > fork > > without a device model is still very useful for fuzzing kernel-mode drivers. > > > > By allowing the parent VM to initialize the kernel-mode driver with a real > > device that's pass-through, the driver can enter into a state more suitable > > for > > fuzzing. Some of these initialization steps are quite complex and are > > easier to > > perform when a real device is present. After the initialization, shallow > > forks > > can be utilized for fuzzing code-segments in the device driver that don't > > directly interact with the device. > > > > Signed-off-by: Tamas K Lengyel <tamas.lengyel@xxxxxxxxx> > > Reviewed-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> Thanks! This can be merged independent of the other patches in the series. Tamas
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |