Re: [PATCH] mini-os: correct memory access rights for pvh mode

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Samuel Thibault <samuel.thibault@ens-lyon.org>
To: Juergen Gross <jgross@suse.com>
Cc: minios-devel@lists.xenproject.org,
	xen-devel@lists.xenproject.org, wl@xen.org
Subject: Re: [PATCH] mini-os: correct memory access rights for pvh mode
Date: Sat, 15 Aug 2020 23:40:02 +0200	[thread overview]
Message-ID: <20200815214002.vow2zqlqhtxw6jmb@function> (raw)
In-Reply-To: <20200815111557.29564-1-jgross@suse.com>

Juergen Gross, le sam. 15 août 2020 13:15:57 +0200, a ecrit:
> When running as a PVH guest the memory access rights are not set
> correctly: _PAGE_USER should not be set and CR0.WP should be set.
> Especially CR0.WP is important in order to let the allocate on
> demand feature work, as it requires a page fault when writing to a
> read-only page.
> 
> Signed-off-by: Juergen Gross <jgross@suse.com>

Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>

> ---
>  arch/x86/x86_hvm.S    |  2 +-
>  include/x86/arch_mm.h | 18 ++++++++++++------
>  include/x86/os.h      |  1 +
>  3 files changed, 14 insertions(+), 7 deletions(-)
> 
> diff --git a/arch/x86/x86_hvm.S b/arch/x86/x86_hvm.S
> index 6e8ad98..42a5f02 100644
> --- a/arch/x86/x86_hvm.S
> +++ b/arch/x86/x86_hvm.S
> @@ -20,7 +20,7 @@ _start:
>  #endif /* __x86_64__ */
>  
>          mov %cr0, %eax
> -        or $X86_CR0_PG, %eax
> +        or $(X86_CR0_PG | X86_CR0_WP), %eax
>          mov %eax, %cr0
>  
>          lgdt gdt_ptr
> diff --git a/include/x86/arch_mm.h b/include/x86/arch_mm.h
> index cbbeb21..ffbec5a 100644
> --- a/include/x86/arch_mm.h
> +++ b/include/x86/arch_mm.h
> @@ -171,17 +171,23 @@ typedef unsigned long pgentry_t;
>  #define _PAGE_PSE      CONST(0x080)
>  #define _PAGE_GLOBAL   CONST(0x100)
>  
> +#ifdef CONFIG_PARAVIRT
> +#define PAGE_USER _PAGE_USER
> +#else
> +#define PAGE_USER CONST(0)
> +#endif
> +
>  #if defined(__i386__)
>  #define L1_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED)
>  #define L1_PROT_RO (_PAGE_PRESENT|_PAGE_ACCESSED)
> -#define L2_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|_PAGE_DIRTY |_PAGE_USER)
> +#define L2_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|_PAGE_DIRTY |PAGE_USER)
>  #define L3_PROT (_PAGE_PRESENT)
>  #elif defined(__x86_64__)
> -#define L1_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|_PAGE_USER)
> -#define L1_PROT_RO (_PAGE_PRESENT|_PAGE_ACCESSED|_PAGE_USER)
> -#define L2_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|_PAGE_DIRTY|_PAGE_USER)
> -#define L3_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|_PAGE_DIRTY|_PAGE_USER)
> -#define L4_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|_PAGE_DIRTY|_PAGE_USER)
> +#define L1_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|PAGE_USER)
> +#define L1_PROT_RO (_PAGE_PRESENT|_PAGE_ACCESSED|PAGE_USER)
> +#define L2_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|_PAGE_DIRTY|PAGE_USER)
> +#define L3_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|_PAGE_DIRTY|PAGE_USER)
> +#define L4_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|_PAGE_DIRTY|PAGE_USER)
>  #endif /* __i386__ || __x86_64__ */
>  
>  /* flags for ioremap */
> diff --git a/include/x86/os.h b/include/x86/os.h
> index a73b63e..46a824d 100644
> --- a/include/x86/os.h
> +++ b/include/x86/os.h
> @@ -27,6 +27,7 @@
>  #define MSR_EFER          0xc0000080
>  #define _EFER_LME         8             /* Long mode enable */
>  
> +#define X86_CR0_WP        0x00010000    /* Write protect */
>  #define X86_CR0_PG        0x80000000    /* Paging */
>  #define X86_CR4_PAE       0x00000020    /* enable physical address extensions */
>  #define X86_CR4_OSFXSR    0x00000200    /* enable fast FPU save and restore */
> -- 
> 2.26.2
> 

-- 
Samuel
<y> la vraie vie, c'est quand le prompt passe de $ à #

next prev parent reply	other threads:[~2020-08-15 21:40 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-08-15 11:15 [PATCH] mini-os: correct memory access rights for pvh mode Juergen Gross
2020-08-15 21:40 ` Samuel Thibault [this message]
2020-08-17  9:56   ` Wei Liu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200815214002.vow2zqlqhtxw6jmb@function \
    --to=samuel.thibault@ens-lyon.org \
    --cc=jgross@suse.com \
    --cc=minios-devel@lists.xenproject.org \
    --cc=wl@xen.org \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.