[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()



Hello,

On Tue, Jul 18, 2017 at 11:26:45AM -0600, Tamas K Lengyel wrote:
> On Tue, Jul 18, 2017 at 9:25 AM, Adrian Pop <apop@xxxxxxxxxxxxxxx> wrote:
> > From: Vlad Ioan Topan <itopan@xxxxxxxxxxxxxxx>
> >
> > The default value for the "suppress #VE" bit set by set_mem_access()
> > currently depends on whether the call is made from the same domain (the
> > bit is set when called from another domain and cleared if called from
> > the same domain). This patch changes that behavior to inherit the old
> > suppress #VE bit value if it is already set and to set it to 1
> > otherwise, which is safer and more reliable.
> 
> With the way things are currently if the in-guest tool calls
> set_mem_access for an altp2m view, it implies it wants to receive #VE
> for it. Wouldn't this change in this patch effectively make it
> impossible for an in-guest tool to decide which pages it wants to
> receive #VE for? The new HVMOP you are introducing is only accessible
> from a privileged domain..

Yes, this change, along with the restrictions from the new HVMOP would
virtually prevent a guest from changing the suppress #VE bit for its
pages.  The current set_mem_access functionality, if I'm not mistaken,
is a bit odd since the guest can only clear the sve, but to set it,
another domain would have to call set_mem_access for it.

I think the issue would be whether to allow a domain to set/clear the
suppress #VE bit for its pages by calling the new HVMOP on itself.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.