WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-ia64-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-ia64-devel] [rfc 13/15] Kexec: offsets for EFI runtime regions

from [Horms] [Permanent Link][Original]
To: Tristan Gingold <tgingold@xxxxxxx>
Subject: Re: [Xen-ia64-devel] [rfc 13/15] Kexec: offsets for EFI runtime regions
From: Horms <horms@xxxxxxxxxxxx>
Date: Mon, 10 Sep 2007 10:54:29 +0900
Cc: xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Sun, 09 Sep 2007 18:55:05 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <20070908040630.GA2588@saphi>
List-help: <mailto:xen-ia64-devel-request@lists.xensource.com?subject=help>
List-id: Discussion of the ia64 port of Xen <xen-ia64-devel.lists.xensource.com>
List-post: <mailto:xen-ia64-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-ia64-devel>, <mailto:xen-ia64-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-ia64-devel>, <mailto:xen-ia64-devel-request@lists.xensource.com?subject=unsubscribe>
References: <20070817065042.645546902@xxxxxxxxxxxx> <20070817065447.235858579@xxxxxxxxxxxx> <20070908040630.GA2588@saphi>
Sender: xen-ia64-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: mutt-ng/devel-r804 (Debian) 
On Sat, Sep 08, 2007 at 06:06:30AM +0200, Tristan Gingold wrote:
> On Fri, Aug 17, 2007 at 03:50:55PM +0900, Simon Horman wrote:
> > This is used by paches that move the EFI runtime regions into what is
> > normally guest space.  A description of why this mapping is made is
> > included in the patch that makes the mapping.
> [...]
> > +/* In order for Kexec between Xen and Linux to work EFI needs
> > + * to be mapped into the same place by both. It seems most convenient
> > + * to make Xen do the dirty work here */
> > +#define __IA64_EFI_UNCACHED_OFFSET 0xc000000000000000UL
> > +#define __IA64_EFI_CACHED_OFFSET   0xf000000000000000UL
> 
> Hi,
> 
> sorry or this late comment but doesn't this code creates a security hole ?
> EFI_UNCACHED_OFFSET area will be visible inside vti domains as its virtual
> address is valid in these domains.

Hi Tristan,

I think that you have a good point there.

Currently the code is checking psr.cpl to make sure that it is 0,
and thus deny access to (non-vti?) domains. Is a similar check possible
for vti domains, or is the problem a little deeper?

-- 
Horms
  H: http://www.vergenet.net/~horms/
  W: http://www.valinux.co.jp/en/


_______________________________________________
Xen-ia64-devel mailing list
Xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-ia64-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Xen-ia64-devel] Strange code in vmx_init.c, Zhang, Xing Z
Next by Date:  Re: [Xen-devel] [PATCH] xc_map_foreign_pages(), a convenient alternative to xc_map_foreign_batch(), Isaku Yamahata
Previous by Thread:  Re: [Xen-ia64-devel] [rfc 13/15] Kexec: offsets for EFI runtime regions, Tristan Gingold
Next by Thread:  Re: [Xen-ia64-devel] [rfc 13/15] Kexec: offsets for EFI runtime regions, Tristan Gingold
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy