[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] hvmloader / qemu-xen: Getting rid of resource conflict for OpRegion.



>>
>> This shoud be the OpRegion base: cd996018 is the host address.
>> igd_write_opregion: Map OpRegion: cd996018 -> feff4018
>>
>> Other info are available in the attachment, including pci info && the
>> xl dmesg log (for e820 map).
>
> Well unfortunately not much else in that ACPI NVS region is defined. There
> is the GNVS region that is defined but it is tiny and at the tail end of
> it. So it is not clear what else is in that region or around the IGD
> region (frankly it could be unused or contain other bits not related the
> graphics at all). Some of the values in GNVS could be pointers to other
> regions in that NVS too.
>
> I guess the only truly 100% secure way to deal with it is to trap to qemu
> (as was suggested) and block access to the area around IGD. It didn't
> sound like this was a popular option. Anyway sorry I could not be
> more helpful but it looks like your patch to map the extra page made
> it in unstable.
>

Anyway, thanks for your help, Ross.

Hi Ian,
Unfortunately, our effort does not lead to clear result.
We still have no idea what is around the OpRegion, or even whether it
is supposed to be
a fixed layout. I not sure how to judge the security risk in this case.
So if you believe this is not acceptable, I'll stop wasting time on this...

Thanks,
Timothy

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.