WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-ia64-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-ia64-devel] [rfc 13/15] Kexec: offsets for EFI runtime regions

from [Tristan Gingold] [Permanent Link][Original]
To: Horms <horms@xxxxxxxxxxxx>
Subject: Re: [Xen-ia64-devel] [rfc 13/15] Kexec: offsets for EFI runtime regions
From: Tristan Gingold <tgingold@xxxxxxx>
Date: Mon, 10 Sep 2007 05:20:49 +0200
Cc: xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Sun, 09 Sep 2007 20:15:21 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <20070910015427.GA15075@xxxxxxxxxxxx>
List-help: <mailto:xen-ia64-devel-request@lists.xensource.com?subject=help>
List-id: Discussion of the ia64 port of Xen <xen-ia64-devel.lists.xensource.com>
List-post: <mailto:xen-ia64-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-ia64-devel>, <mailto:xen-ia64-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-ia64-devel>, <mailto:xen-ia64-devel-request@lists.xensource.com?subject=unsubscribe>
References: <20070817065042.645546902@xxxxxxxxxxxx> <20070817065447.235858579@xxxxxxxxxxxx> <20070908040630.GA2588@saphi> <20070910015427.GA15075@xxxxxxxxxxxx>
Sender: xen-ia64-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.9i 
On Mon, Sep 10, 2007 at 10:54:29AM +0900, Horms wrote:
> On Sat, Sep 08, 2007 at 06:06:30AM +0200, Tristan Gingold wrote:
> > On Fri, Aug 17, 2007 at 03:50:55PM +0900, Simon Horman wrote:
> > > This is used by paches that move the EFI runtime regions into what is
> > > normally guest space.  A description of why this mapping is made is
> > > included in the patch that makes the mapping.
> > [...]
> > > +/* In order for Kexec between Xen and Linux to work EFI needs
> > > + * to be mapped into the same place by both. It seems most convenient
> > > + * to make Xen do the dirty work here */
> > > +#define __IA64_EFI_UNCACHED_OFFSET       0xc000000000000000UL
> > > +#define __IA64_EFI_CACHED_OFFSET 0xf000000000000000UL
> > 
> > Hi,
> > 
> > sorry or this late comment but doesn't this code creates a security hole ?
> > EFI_UNCACHED_OFFSET area will be visible inside vti domains as its virtual
> > address is valid in these domains.
> 
> Hi Tristan,
> 
> I think that you have a good point there.
> 
> Currently the code is checking psr.cpl to make sure that it is 0,
> and thus deny access to (non-vti?) domains. Is a similar check possible
> for vti domains, or is the problem a little deeper?
Unfortunately similar check is not possible for vti.  Hypervisor memory
is protected from guest domain by using a 1 bit wider virtual address.
(I think it would have been better to add a new bit in the mmu but...)

Tristan.

_______________________________________________
Xen-ia64-devel mailing list
Xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-ia64-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] Re: [Xen-ia64-devel] [IA64] Weekly benchmark results [ww36], Isaku Yamahata
Next by Date:  Re: [Xen-ia64-devel] Strange code in vmx_init.c, Tristan Gingold
Previous by Thread:  Re: [Xen-ia64-devel] [rfc 13/15] Kexec: offsets for EFI runtime regions, Horms
Next by Thread:  Re: [Xen-ia64-devel] [rfc 13/15] Kexec: offsets for EFI runtime regions, Horms
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy