RE: Changing semantics of ioperm() on Xen x86-64?

RE: Changing semantics of ioperm() on Xen x86-64?

[Ian Pratt]

> As part of the Xen x86-64 Linux port, we've changed the 
> ioperm() syscall to always modify the IOPL instead of 
> actually modifying the IO bitmap in the TSS like we do on 
> x86-32.  Is there a particular reason for doing this?

I don't believe so. io bitmap support was added to the hypervisor and
the corresponding ioperm support got added on i386, but was never
carried across to x86_64.

We would definitely benefit from someone doing a code review of x86_64
with a view to unifying as many of the xen patches with i386 as
possible. There's certainly some needless/unhelpful divergence.

Ian 
 
> I'm completely guessing here that this may allow us to avoid 
> changing the TR when changing from user/kernel mode but that 
> doesn't seem like that huge of a gain.
> 
> I don't expect that there are many apps that would rely on 
> using ioperm to restrict access to only certain ranges of 
> ports so I don't think this is a security problem but it 
> still is a little discomforting.
> 
> Comments?
> 
> Regards,
> 
> Anthony Liguori
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel
> 

Re: Changing semantics of ioperm() on Xen x86-64?

[Nivedita Singhvi]

Ian Pratt wrote:
>>As part of the Xen x86-64 Linux port, we've changed the 
>>ioperm() syscall to always modify the IOPL instead of 
>>actually modifying the IO bitmap in the TSS like we do on 
>>x86-32.  Is there a particular reason for doing this?
> 
> 
> I don't believe so. io bitmap support was added to the hypervisor and
> the corresponding ioperm support got added on i386, but was never
> carried across to x86_64.
> 
> We would definitely benefit from someone doing a code review of x86_64
> with a view to unifying as many of the xen patches with i386 as
> possible. There's certainly some needless/unhelpful divergence.
> 
> Ian 

Above issue was caught by a LTP test case failure, btw...

thanks,
Nivedita

Changing semantics of ioperm() on Xen x86-64?

[Anthony Liguori]

As part of the Xen x86-64 Linux port, we've changed the ioperm() syscall 
to always modify the IOPL instead of actually modifying the IO bitmap in 
the TSS like we do on x86-32.  Is there a particular reason for doing this?

I'm completely guessing here that this may allow us to avoid changing 
the TR when changing from user/kernel mode but that doesn't seem like 
that huge of a gain.

I don't expect that there are many apps that would rely on using ioperm 
to restrict access to only certain ranges of ports so I don't think this 
is a security problem but it still is a little discomforting.

Comments?

Regards,

Anthony Liguori

Re: Changing semantics of ioperm() on Xen x86-64?

[Keir Fraser]

On 18 Apr 2006, at 22:50, Anthony Liguori wrote:

> As part of the Xen x86-64 Linux port, we've changed the ioperm() 
> syscall to always modify the IOPL instead of actually modifying the IO 
> bitmap in the TSS like we do on x86-32.  Is there a particular reason 
> for doing this?
>
> I'm completely guessing here that this may allow us to avoid changing 
> the TR when changing from user/kernel mode but that doesn't seem like 
> that huge of a gain.
>
> I don't expect that there are many apps that would rely on using 
> ioperm to restrict access to only certain ranges of ports so I don't 
> think this is a security problem but it still is a little 
> discomforting.

As Ian said, x86/64 port took an old snap of the i386 port and has gone 
stale in quite a few ways. It needs some maintenance TLC. i386 did the 
same thing with ioperm() until io bitmap support was added to Xen.

  -- Keir