|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] Make get_page_from_l1e refcount correctly onforeign pagetables.
On 14/05/2009 09:22, "Tim Deegan" <Tim.Deegan@xxxxxxxxxx> wrote: >> I have to admit that the change to mod_l1_entry() look suspicious to me - >> as I understand it, the third parameter of get_page_from_l1e_for() represents >> the target domain, and that's what FOREIGNDOM is to be used for. > > Possibly. IIUC get_page_from_l1e_for()'s first domain argument is the > domain whose rights we are testing; so e.g. dom0 mapping domU memory > uses FOREIGNDOM there to say "this should be domU's page". The second > argument (whose pagetables are these) has always implicitly been "mine", > i.e. current->domain. Again correct when dom0 maps domU's page. > > In the case we're trying to fix, although current->domain is dom0 (who > is making a shadow control hypercall) the pagetables belong to domU. Yes, there can be three domains involved: the one making the hypercall, the one who owns the PTE, and the one who owns the page being mapped into the PTE. I think some of the confusion around get_page_from_l1e() is that the domain argument is the page-owner not the PTE-owner. It would make sense for it to be the latter, and then as far as possible do the is-the-page-owner-valid checks hidden inside get_page_from_l1e(). The only fly in the ointment there is that FOREIGNDOM should only be permitted from mod_l1_entry(). Possibly that should be the only caller that directly accesses a more complex interface to get_page_from_l1e() (where the extra argument would be the page-owner, not the PTE-owner!). -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |