WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [RFC] x86: possible problem with guest_walk_tables()

from [Tim Deegan] [Permanent Link][Original]
To: Jan Beulich <JBeulich@xxxxxxxxxx>
Subject: Re: [Xen-devel] [RFC] x86: possible problem with guest_walk_tables()
From: Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Date: Mon, 21 Mar 2011 12:33:50 +0000
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Mon, 21 Mar 2011 05:34:40 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4D87486202000078000377F1@xxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <4D87486202000078000377F1@xxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.20 (2009-06-14) 
At 11:45 +0000 on 21 Mar (1300707922), Jan Beulich wrote:
> The PSE handling doesn't check bits 1...8 (or 1...9 for non-PAE guests)
> being zero, thus allowing bad (not 2Mb/4Mb aligned) large pages to be
> handled (afaict potentially allowing the guest to access foreign memory).

I don't think this allows access to foreign memory, since these
pagetables are in GFN-space. 

> Below is a possible fix, but unfortunately it doesn't work for
> GUEST_PAGING_LEVELS == 2, since _PAGE_INVALID_BITS is zero
> there.

What does real hardware do in this case?  IIRC 32-bit non-PAE doesn't
have an "invlid bit set" error code to use in pagefaults.
/me supposes he had better check...

Tim.

> Would defining _PAGE_INVALID_BITS to any bit mask between
> 0x80000000 and  0xfffff000 there be in conflict with anything?
> 
> --- a/xen/arch/x86/mm/guest_walk.c
> +++ b/xen/arch/x86/mm/guest_walk.c
> @@ -231,9 +231,15 @@ guest_walk_tables(struct vcpu *v, struct
>              /* _PAGE_PSE_PAT not set: remove _PAGE_PAT from flags. */
>              flags &= ~_PAGE_PAT;
>  
> +#define GUEST_L2_GFN_ALIGN (1 << (GUEST_L2_PAGETABLE_SHIFT - \
> +                                  GUEST_L1_PAGETABLE_SHIFT))
> +        if ( gfn_x(start) & (GUEST_L2_GFN_ALIGN - 1) & ~0x1 )
> +            rc |= _PAGE_INVALID_BITS;
> +
>          /* Increment the pfn by the right number of 4k pages.  
> -         * The ~0x1 is to mask out the PAT bit mentioned above. */
> -        start = _gfn((gfn_x(start) & ~0x1) + guest_l1_table_offset(va));
> +         * Mask out PAT and invalid bits. */
> +        start = _gfn((gfn_x(start) & ~(GUEST_L2_GFN_ALIGN - 1)) +
> +                     guest_l1_table_offset(va));
>          gw->l1e = guest_l1e_from_gfn(start, flags);
>          gw->l1mfn = _mfn(INVALID_MFN);
>      } 
> 
> 
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel

-- 
Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Principal Software Engineer, Xen Platform Team
Citrix Systems UK Ltd.  (Company #02937203, SL9 0BG)

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] Build problem: note: 'xtl_createlogger_stdiostream' is defined in DSO .. so try adding it to the linker command line... libxenctrl.so.4.0: could not read symbols: Invalid operation, Konrad Rzeszutek Wilk
Next by Date:  Re: [Xen-devel] Build problem: note: 'xtl_createlogger_stdiostream' is defined in DSO .. so try adding it to the linker command line... libxenctrl.so.4.0: could not read symbols: Invalid operation, Ian Campbell
Previous by Thread:  [Xen-devel] [RFC] x86: possible problem with guest_walk_tables(), Jan Beulich
Next by Thread:  Re: [Xen-devel] [RFC] x86: possible problem with guest_walk_tables(), Jan Beulich
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy