[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/4] x86/P2M: relax guarding of MMIO entries


  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 31 Aug 2021 15:16:22 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VOCakBQ237jmym/DcN2vwm4c7ns3zoEHzkpfEm1onUM=; b=VauR62PaVwQqqMFzXikJYAeqW6y4PAt0tNeYl6p9uTcJlR+nigP/+QWfHox+VjQZM8u9XvA7Sg7r6vzePmvC1d1oIW7hsRWqigt19uE3nT9fsmk1IzwMUv4igZELesjB7nOwxjrbYz9E9RBr0snFiMbwvfuO7rhUXpWK8yOG/I/rlm92V4RO4sBIWsxibZjgR+1Recw1dosn8ZSLuik4TdX7OZAMca7+YTB4jRUOZaekrWji4kRW4WohTp31aK4T/Qh2fYXzAnz9RpoLloDbShy+EBTHdEd0TMLjlJoezVqjgqHR/07qfKYdx4ODg4z8VxtkW7lgKxnQCmk9Ar0TAQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EQacvW45w35QYBs88Uur7vYxf52jknnHGA+PAJVhmA4PMTolejLEkm91MbfhNc0KBfSrhn5N7BF4/Hl2d/JclEDuAEHMgqjB9Qkq0Tz9ci8Omaz3ufSPbIzeDN3lQJuC9jbL2OyucTzRlJPF9RfieJncqExboGcCOWr9dJsHT/G3Cl3paUo1r1DoyeVhvcys8LXbN6BDRJGTty1fI3wiOn0QE1r4aTjSacFWf1GGULAUjkmpUTnI20AQoI+nHQVBQHRrAXCZ277HHh5mQ9umBHk83Q6/rX8watG30yMIcKGwE6wuO0xn39vg83NzcGpZzxqLuS9Gwe9XSxMFucXABg==
  • Authentication-results: citrix.com; dkim=none (message not signed) header.d=none;citrix.com; dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Tue, 31 Aug 2021 13:16:31 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 30.08.2021 15:02, Jan Beulich wrote:
> One of the changes comprising the fixes for XSA-378 disallows replacing
> MMIO mappings by unintended (for this purpose) code paths. At least in
> the case of PVH Dom0 hitting an RMRR covered by an E820 ACPI region,
> this is too strict. Generally short-circuit requests establishing the
> same kind of mapping that's already in place.
> 
> Further permit "access" to differ in the "executable" attribute. While
> ideally only ROM regions would get mapped with X set, getting there is
> quite a bit of work. Therefore, as a temporary measure, permit X to
> vary. For Dom0 the more permissive of the types will be used, while for
> DomU it'll be the more restrictive one.
> 
> While there, also add a log message to the other domain_crash()
> invocation that did prevent PVH Dom0 from coming up after the XSA-378
> changes.
> 
> Fixes: 753cb68e6530 ("x86/p2m: guard (in particular) identity mapping 
> entries")
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

Btw, I had meant to have this post-commit-message remark here:

TBD: This could be generalized to all of R, W, and X. Dealing with just X
     is merely the minimum I found is immediately necessary.

Jan




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.