[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] x86/altp2m: Add a subop for obtaining the mem access of a page

To: Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>
From: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>
Date: Wed, 4 Jul 2018 13:16:22 -0600
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Adrian Pop <apop@xxxxxxxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 04 Jul 2018 19:17:24 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Mon, Jul 2, 2018 at 5:14 AM Razvan Cojocaru
<rcojocaru@xxxxxxxxxxxxxxx> wrote:
>
> On 07/02/2018 09:34 AM, Jan Beulich wrote:
> >>>> On 29.06.18 at 18:39, <rcojocaru@xxxxxxxxxxxxxxx> wrote:
> >> On 06/29/2018 06:38 PM, Jan Beulich wrote:
> >>>>>> On 28.06.18 at 15:00, <apop@xxxxxxxxxxxxxxx> wrote:
> >>>> @@ -4666,6 +4667,23 @@ static int do_altp2m_op(
> >>>>          }
> >>>>          break;
> >>>>
> >>>> +    case HVMOP_altp2m_get_mem_access:
> >>>> +        if ( a.u.mem_access.pad )
> >>>> +            rc = -EINVAL;
> >>>> +        else
> >>>> +        {
> >>>> +            xenmem_access_t access;
> >>>> +
> >>>> +            rc = p2m_get_mem_access(d, _gfn(a.u.mem_access.gfn), 
> >>>> &access,
> >>>> +                                    a.u.mem_access.view);
> >>>> +            if ( !rc )
> >>>> +            {
> >>>> +                a.u.mem_access.hvmmem_access = access;
> >>>> +                rc = __copy_to_guest(arg, &a, 1) ? -EFAULT : 0;
> >>>
> >>> __copy_field_to_guest()? Or wait, no, the function argument is still a
> >>> handle of void.
> >>>
> >>> And then - here we are again: Is it reasonable to permit a domain 
> >>> inquiring
> >>> for itself?
> >>
> >> A good question. Perhaps the following are decision factors:
> >>
> >> 1. It is already possible for a domain to set mem_access restrictions
> >> (via HVMOP_altp2m_set_mem_access) on itself.
> >
> > Which, as before, I consider a flaw.
> >
> >> 2. Tamas' patch allows setting this externally:
> >>
> >> https://patchwork.kernel.org/patch/9639779/
> >>
> >> Specifically, we have altp2m = disabled, mixed, external and limited to
> >> control who is allowed to do what:
> >>
> >> https://xenbits.xen.org/docs/unstable/man/xl.cfg.5.html
> >
> > Indeed this has at least made the situation less bad.
>
> Should we then switch this to a DOMCTL? Tamas, any thoughts on this?
> For us at least a DOMCTL is sufficient.

I pretty much agree with George in this thread. Being able to set the
memaccess permission from the guest is already an allowed setup with
the proper altp2m setting (and that is not on by default). So I don't
see why being able to get that permission should be any different.

Tamas

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- Re: [Xen-devel] [PATCH] x86/altp2m: Add a subop for obtaining the mem access of a page
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH] x86/altp2m: Add a subop for obtaining the mem access of a page
  - From: Razvan Cojocaru

Prev by Date: Re: [Xen-devel] [PATCH 13/13] x86/domctl: Implement XEN_DOMCTL_set_cpumsr_policy
Next by Date: [Xen-devel] [qemu-upstream-4.10-testing baseline-only test] 74935: regressions - FAIL
Previous by thread: Re: [Xen-devel] [PATCH] x86/altp2m: Add a subop for obtaining the mem access of a page
Next by thread: Re: [Xen-devel] [PATCH] x86/altp2m: Add a subop for obtaining the mem access of a page
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.