This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


RE: [Xen-ia64-devel] domU address space

Kouya Shimura wrote:
> tgingold@xxxxxxx writes:
>>> Do we have checks when inserting guest TLB for PV dom? Seems not,
>> Yes, we do.  See vcpu.c:check_xen_space_overlap
> It's only for xen area (region 7).  domU can use full 60 bit VA on
> other region in spite of IMPL_VA_MSB = 50. 

Yes, Shimura san, thanks! So the hole is still there.

> Eddie,
> Ideally we should check it.
> But current xen implementation requires full 64bit VA and there is no
> such an Itanium2 with IMPL_VA_MSB <60. (except VTi) So mis-using TLB
> cannot be. (i.e. unimplemented VA fault never be happened) 

Yes. That is why we are lucky so far :) While from architecture point of
we need to fix it.

> If we support xen on xen, it should be fixed in order to prevent a
> guest xen crashing. :) 

Yes, thanks! Besides running Xen on Xen, there is issue here with 
current solution. If we don;t check guest VA bits at emulating guest TLB
insertion time per architecture requirement, i.e. check IMPL_VA_MSB, 
a malicious guest can mis-lead hypervisor to die if the guest use 
same VA (but in different region) with hypervisor if rid of this region
is same
with region 7. We can simply fix this in check_xen_space_overlap as temp
solution, or implement a full solution to check IMPL_VA_MSB.

I prefer later one since it is not complicated to check VA bits #.
(alt)tlb_miss to unimplemented VA bits fault can be another task since
it only infect guest itself (not Xen).

thx, eddie

Xen-ia64-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>