[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame

To: Julien Grall <julien.grall@xxxxxxx>, "boris.ostrovsky@xxxxxxxxxx" <boris.ostrovsky@xxxxxxxxxx>, David Vrabel <david.vrabel@xxxxxxxxxx>, "jgross@xxxxxxxx" <jgross@xxxxxxxx>, "sstabellini@xxxxxxxxxx" <sstabellini@xxxxxxxxxx>, "konrad.wilk@xxxxxxxxxx" <konrad.wilk@xxxxxxxxxx>
From: Paul Durrant <Paul.Durrant@xxxxxxxxxx>
Date: Mon, 13 Jun 2016 12:12:49 +0000
Accept-language: en-GB, en-US
Cc: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>, "JBeulich@xxxxxxxx" <JBeulich@xxxxxxxx>, "steve.capper@xxxxxxx" <steve.capper@xxxxxxx>
Delivery-date: Mon, 13 Jun 2016 12:21:25 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>
Thread-index: AQHRxWGj1ni/LeDD50+bfNa7WAZ8Hp/nTuiQ
Thread-topic: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame

> -----Original Message-----
> From: Xen-devel [mailto:xen-devel-bounces@xxxxxxxxxxxxx] On Behalf Of
> Julien Grall
> Sent: 13 June 2016 11:51
> To: boris.ostrovsky@xxxxxxxxxx; David Vrabel; jgross@xxxxxxxx;
> sstabellini@xxxxxxxxxx; konrad.wilk@xxxxxxxxxx
> Cc: steve.capper@xxxxxxx; Andrew Cooper; linux-kernel@xxxxxxxxxxxxxxx;
> xen-devel@xxxxxxxxxxxxx; Julien Grall; JBeulich@xxxxxxxx
> Subject: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving
> access to a frame
> 
> The version 1 of the grant-table protocol only supports frame encoded on
> 32-bit.
> 
> When the platform is supporting 48-bit physical address, the frame will
> be encoded on 36-bit which will lead a truncation and give access to
> the wrong frame.
> 
> On ARM Xen will always allow the guest to use all the physical address,
> although today the RAM is always located under 40-bits (see
> xen/include/public/arch-arm.h).
> 
> Add a truncation check in gnttab_update_entry_v1 to prevent the guest to
> give access to the wrong frame.
> 
> Signed-off-by: Julien Grall <julien.grall@xxxxxxx>
> 
> ---
>     This is limiting us to a 44-bit address space whilst ARM can support
>     up to 48-bit today. This number of bit will increase to 52-bit in
>     upcoming processors [1].
> 
>     It might be good to start thinking to extend the version 1 of the
>     protocol to use 64-bit frame number.

...or simply use version 2 of the protocol.

  Paul
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
  - From: Julien Grall

References:
- [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
  - From: Julien Grall

Prev by Date: Re: [Xen-devel] [PATCH 0/2] Validate host VMX MSRs before accessing them
Next by Date: Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
Previous by thread: Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
Next by thread: Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.