From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mathieu Ropert Subject: Re: [RESEND] Question about recursive mappings Date: Mon, 22 May 2006 17:18:12 +0200 Message-ID: <4471D634.10808@adviseo.fr> References: <4471814E.2070302@adviseo.fr> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <4471814E.2070302@adviseo.fr> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: xen-devel@lists.xensource.com List-Id: xen-devel@lists.xenproject.org Done some investingations in the mm code of Xen, i think the problem is that linear page tables entries are checked only on level 4 entries. In my case, my recursive entry is in a L3 table, already validated as another type, hence not "valid" for Xen. Will authorizing L3 or L2 recursive mappings induce a security hole or vulnerability? If not, I'll try to make a patch to address this issue (any hint welcome :)). Regards, Mathieu Mathieu Ropert wrote: > [Previous one didn't hit list after 3 days, trying a resend, sorry if > both finally show up] > > Hi, > > are recursive mappings (ie: a page table entry pointing back to itself) > supported by Xen (on x86_64 at least)? > I'm asking cause i'm seeing many error logs from get_page_type() telling > something like "saw L3_page_table expected L2_page_table" or "saw > L4_page_table expected L3_page_table" (finally leading to a failing > mmu_update, i guess others happens on user pagetables switches). > Or maybe is there any workaround needed? (I think i saw something like > setting entry to 0 first then to the recursive entry somewhere, but > can't remember where). > By the way, i'm using recursive mappings in kernel page directory (which > seems ok) and i temporay make user page directory recursive when i map > a user PGD in kernel space (mapping user PGD to a L4 entry of kernel > tables, then using kernel L4 slot and user PGD recursive entry to > access user page tables). > > [edit] > Done some little research about the problem. Seems like NetBSD use the > same thing and works, but there is no x86_64 ports for now. I'm > starting to think that may be a x86_64 issue, maybe because recursive > mappings don't lead to conflicting types with only 2 levels. > Xen interface states that a page can only be of one type (PGD, PT, > LDT, GDT and R/W). I don't know why there is a need to distinguish > page table levels, but i'm afraid this restriction will conflit with > some MMU implementation on x86_64 like NetBSD and OpenBSD, and maybe > others (FreeBSD on top of my mind, don't know how much the pmap > implementation diverged). > [/edit] > > Regards, > > Mathieu > > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xensource.com > http://lists.xensource.com/xen-devel