From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753170AbbIKO54 (ORCPT ); Fri, 11 Sep 2015 10:57:56 -0400 Received: from smtp.citrix.com ([66.165.176.89]:5669 "EHLO SMTP.CITRIX.COM" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753109AbbIKO5z (ORCPT ); Fri, 11 Sep 2015 10:57:55 -0400 X-IronPort-AV: E=Sophos;i="5.17,511,1437436800"; d="scan'208";a="299461296" Message-ID: <55F2EBA6.6060008@citrix.com> Date: Fri, 11 Sep 2015 15:56:38 +0100 From: Julien Grall User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.8.0 MIME-Version: 1.0 To: Ian Campbell , CC: , , , "Riku Voipio" , Russell King Subject: Re: [PATCH] arm/xen: Enable user access to the kernel before issuing a privcmd call References: <1441980963-9002-1-git-send-email-julien.grall@citrix.com> <1441981760.3549.57.camel@citrix.com> <55F2E909.70600@citrix.com> <1441983304.3549.73.camel@citrix.com> In-Reply-To: <1441983304.3549.73.camel@citrix.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-DLP: MIA2 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 11/09/15 15:55, Ian Campbell wrote: > On Fri, 2015-09-11 at 15:45 +0100, Julien Grall wrote: >> On 11/09/15 15:29, Ian Campbell wrote: >>> On Fri, 2015-09-11 at 15:16 +0100, Julien Grall wrote: >>>> When Xen is copyin data to/from the guest it will check if the kernel >>> >>> "copying" >>> >>>> has the right to do the access. If not, the hypercall will return an >>>> error. >>>> >>>> After the commit a5e090acbf545c0a3b04080f8a488b17ec41fe02 "ARM: >>>> software-based priviledged-no-access support", the kernel can't >>>> access >>> >>> "privileged" >>> >>>> anymore the user space by default. This will result to fail on every >>> >>> "any more" (or "any longer") >>> >>>> hypercall made by the userspace (i.e via privcmd). >>>> >>>> We have to enable the userspace access and then restore the correct >>>> permission everytime the privmcd is used to made an hypercall. >>> >>> "every time" and "privcmd" >>> >>>> HYPERCALL1(tmem_op); >>>> HYPERCALL2(multicall); >>>> >>>> -ENTRY(privcmd_call) >>>> +ENTRY(__privcmd_call) >>> >>> arch/arm/include/asm/assembler.h seems to contain uaccess_* macros >>> which >>> could be used right here directly I think? That would be preferable to >>> wrapping I think. >> >> Looking to the uaccess_save macro: > > I was thinking more about uaccess_enable/disable. Well, we can't assume that the function will be called with uaccess disabled. So we have to save the state and restore it after issuing the hypercall. Regards, -- Julien Grall