WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-changelog

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-changelog] [xen-unstable] x86: Fix GRANT_PTE_FLAGS.

from [Xen patchbot-unstable] [Permanent Link][Original]
To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] x86: Fix GRANT_PTE_FLAGS.
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 05 Nov 2008 07:00:56 -0800
Delivery-date: Wed, 05 Nov 2008 07:03:41 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx 
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1225708374 0
# Node ID 4ec25db9326a7e7f64a8471cbfd7b5852484757c
# Parent  540483d2a98f3fbabf06961cc0cc52e3c59c245b
x86: Fix GRANT_PTE_FLAGS.

Since page table entries created through e.g. GNTTABOP_map_grant_ref
are being passed through adjust_guest_l1e(), they must not generally
get _PAGE_USER set - this will be taken care of by adjust_guest_l1e(),
and it will ensure that these don't get _PAGE_GLOBAL set
inadvertently.

Due to the implied security aspect here (_PAGE_GLOBAL getting set on
kernel pages for x86-64), I'd like to ask that this also be applied to
older maintained branches.

At the same time, set _PAGE_NX for pte-s created for grants (as long
as hardware supports it), since it should be only data pages that remote
domains are being given access to.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>
---
 xen/include/asm-x86/page.h        |    3 +++
 xen/include/asm-x86/x86_32/page.h |    3 ---
 xen/include/asm-x86/x86_64/page.h |    3 ---
 3 files changed, 3 insertions(+), 6 deletions(-)

diff -r 540483d2a98f -r 4ec25db9326a xen/include/asm-x86/page.h
--- a/xen/include/asm-x86/page.h        Mon Nov 03 10:32:02 2008 +0000
+++ b/xen/include/asm-x86/page.h        Mon Nov 03 10:32:54 2008 +0000
@@ -314,6 +314,9 @@ unsigned long clone_idle_pagetable(struc
 #define __PAGE_HYPERVISOR_NOCACHE \
     (_PAGE_PRESENT | _PAGE_RW | _PAGE_DIRTY | _PAGE_PCD | _PAGE_ACCESSED)
 
+#define GRANT_PTE_FLAGS \
+    (_PAGE_PRESENT | _PAGE_ACCESSED | _PAGE_DIRTY | _PAGE_NX | _PAGE_GNTTAB)
+
 #ifndef __ASSEMBLY__
 
 static inline int get_order_from_bytes(paddr_t size)
diff -r 540483d2a98f -r 4ec25db9326a xen/include/asm-x86/x86_32/page.h
--- a/xen/include/asm-x86/x86_32/page.h Mon Nov 03 10:32:02 2008 +0000
+++ b/xen/include/asm-x86/x86_32/page.h Mon Nov 03 10:32:54 2008 +0000
@@ -105,9 +105,6 @@ extern unsigned int PAGE_HYPERVISOR_NOCA
 #define get_pte_flags(x) (((int)((x) >> 32) & ~0xFFF) | ((int)(x) & 0xFFF))
 #define put_pte_flags(x) (((intpte_t)((x) & ~0xFFF) << 32) | ((x) & 0xFFF))
 
-#define GRANT_PTE_FLAGS \
-    (_PAGE_PRESENT|_PAGE_ACCESSED|_PAGE_DIRTY|_PAGE_GNTTAB)
-
 /*
  * Disallow unused flag bits plus PAT/PSE, PCD, PWT and GLOBAL.
  * Permit the NX bit if the hardware supports it.
diff -r 540483d2a98f -r 4ec25db9326a xen/include/asm-x86/x86_64/page.h
--- a/xen/include/asm-x86/x86_64/page.h Mon Nov 03 10:32:02 2008 +0000
+++ b/xen/include/asm-x86/x86_64/page.h Mon Nov 03 10:32:54 2008 +0000
@@ -124,9 +124,6 @@ typedef l4_pgentry_t root_pgentry_t;
 #define PAGE_HYPERVISOR         (__PAGE_HYPERVISOR         | _PAGE_GLOBAL)
 #define PAGE_HYPERVISOR_NOCACHE (__PAGE_HYPERVISOR_NOCACHE | _PAGE_GLOBAL)
 
-#define GRANT_PTE_FLAGS \
-    (_PAGE_PRESENT|_PAGE_ACCESSED|_PAGE_DIRTY|_PAGE_GNTTAB|_PAGE_USER)
-
 #define USER_MAPPINGS_ARE_GLOBAL
 #ifdef USER_MAPPINGS_ARE_GLOBAL
 /*

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] x86: Fix GRANT_PTE_FLAGS., Xen patchbot-unstable <=
Previous by Date:  [Xen-changelog] [xen-unstable] x86: simplify page reference handling for partially (in-)validated pages, Xen patchbot-unstable
Next by Date:  [Xen-changelog] [xen-unstable] xentrace: Trace mmio/io read/write value, Xen patchbot-unstable
Previous by Thread:  [Xen-changelog] [xen-unstable] x86: simplify page reference handling for partially (in-)validated pages, Xen patchbot-unstable
Next by Thread:  [Xen-changelog] [xen-unstable] xentrace: Trace mmio/io read/write value, Xen patchbot-unstable
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy