From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stefano Stabellini Subject: [PULL 08/21] xen: additionally restrict xenforeignmemory operations Date: Fri, 21 Apr 2017 13:14:49 -0700 Message-ID: <1492805702-19690-8-git-send-email-sstabellini@kernel.org> References: <1492805702-19690-1-git-send-email-sstabellini@kernel.org> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Return-path: Received: from mail6.bemta6.messagelabs.com ([193.109.254.103]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1d1exf-0008TZ-Ce for xen-devel@lists.xenproject.org; Fri, 21 Apr 2017 20:15:23 +0000 In-Reply-To: <1492805702-19690-1-git-send-email-sstabellini@kernel.org> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" To: peter.maydell@linaro.org Cc: sstabellini@kernel.org, stefanha@gmail.com, qemu-devel@nongnu.org, Paul Durrant , stefanha@redhat.com, anthony.perard@citrix.com, xen-devel@lists.xenproject.org List-Id: xen-devel@lists.xenproject.org RnJvbTogUGF1bCBEdXJyYW50IDxwYXVsLmR1cnJhbnRAY2l0cml4LmNvbT4KCkNvbW1pdCBmMGYy NzJiYWYzYTcgInhlbjogdXNlIGxpYnhlbmRldmljZSBtb2RlbCB0byByZXN0cmljdCBvcGVyYXRp b25zIgphZGRlZCBhIGNvbW1hbmQtbGluZSBvcHRpb24gKC14ZW4tZG9taWQtcmVzdHJpY3QpIHRv IGxpbWl0IG9wZXJhdGlvbnMKdXNpbmcgdGhlIGxpYnhlbmRldmljZW1vZGVsIEFQSSB0byBhIHNw ZWNpZmllZCBkb21pZC4gVGhlIGNvbW1pdCBhbHNvCm5vdGVkIHRoYXQgdGhlIHJlc3RyaWN0aW9u IHdvdWxkIGJlIGV4dGVuZGVkIHRvIGNvdmVyIG9wZXJhdGlvbnMgaXNzdWVkCnZpYSBvdGhlciB4 ZW4gbGlicmFyaWVzIGJ5IHN1YnNlcXVlbnQgcGF0Y2hlcy4KCk15IHJlY2VudCBYZW4gcGF0Y2gg WzFdIGFkZGVkIGEgY2FsbCB0byB0aGUgeGVuZm9yZWlnbm1lbW9yeSBBUEkgdG8gYWxsb3cKaXQg dG8gYmUgcmVzdHJpY3RlZC4gVGhpcyBwYXRjaCBub3cgbWFrZXMgdXNlIG9mIHRoYXQgbmV3IGNh bGwgd2hlbiB0aGUKLXhlbi1kb21pZC1yZXN0cmljdCBvcHRpb24gaXMgcGFzc2VkLgoKWzFdIGh0 dHA6Ly94ZW5iaXRzLnhlbi5vcmcvZ2l0d2ViLz9wPXhlbi5naXQ7YT1jb21taXQ7aD01ODIzZDZl YgoKU2lnbmVkLW9mZi1ieTogUGF1bCBEdXJyYW50IDxwYXVsLmR1cnJhbnRAY2l0cml4LmNvbT4K U2lnbmVkLW9mZi1ieTogU3RlZmFubyBTdGFiZWxsaW5pIDxzc3RhYmVsbGluaUBrZXJuZWwub3Jn PgpSZXZpZXdlZC1ieTogU3RlZmFubyBTdGFiZWxsaW5pIDxzc3RhYmVsbGluaUBrZXJuZWwub3Jn PgotLS0KIGluY2x1ZGUvaHcveGVuL3hlbl9jb21tb24uaCB8IDEzNCArKysrKysrKysrKysrKysr KysrKysrKysrKy0tLS0tLS0tLS0tLS0tLS0tLQogMSBmaWxlIGNoYW5nZWQsIDc4IGluc2VydGlv bnMoKyksIDU2IGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL2luY2x1ZGUvaHcveGVuL3hlbl9j b21tb24uaCBiL2luY2x1ZGUvaHcveGVuL3hlbl9jb21tb24uaAppbmRleCAwZmNiYmE4Li5lMDBk ZGQ3IDEwMDY0NAotLS0gYS9pbmNsdWRlL2h3L3hlbi94ZW5fY29tbW9uLmgKKysrIGIvaW5jbHVk ZS9ody94ZW4veGVuX2NvbW1vbi5oCkBAIC0yNiw2ICsyNiw1OCBAQCBleHRlcm4geGNfaW50ZXJm YWNlICp4ZW5feGM7CiAgKiBXZSBkb24ndCBzdXBwb3J0IFhlbiBwcmlvciB0byA0LjIuMC4KICAq LwogCisvKiBYZW4gNC4yIHRocm91Z2ggNC42ICovCisjaWYgQ09ORklHX1hFTl9DVFJMX0lOVEVS RkFDRV9WRVJTSU9OIDwgNDA3MDEKKwordHlwZWRlZiB4Y19pbnRlcmZhY2UgeGVuZm9yZWlnbm1l bW9yeV9oYW5kbGU7Cit0eXBlZGVmIHhjX2V2dGNobiB4ZW5ldnRjaG5faGFuZGxlOwordHlwZWRl ZiB4Y19nbnR0YWIgeGVuZ250dGFiX2hhbmRsZTsKKworI2RlZmluZSB4ZW5ldnRjaG5fb3Blbihs LCBmKSB4Y19ldnRjaG5fb3BlbihsLCBmKTsKKyNkZWZpbmUgeGVuZXZ0Y2huX2Nsb3NlKGgpIHhj X2V2dGNobl9jbG9zZShoKQorI2RlZmluZSB4ZW5ldnRjaG5fZmQoaCkgeGNfZXZ0Y2huX2ZkKGgp CisjZGVmaW5lIHhlbmV2dGNobl9wZW5kaW5nKGgpIHhjX2V2dGNobl9wZW5kaW5nKGgpCisjZGVm aW5lIHhlbmV2dGNobl9ub3RpZnkoaCwgcCkgeGNfZXZ0Y2huX25vdGlmeShoLCBwKQorI2RlZmlu ZSB4ZW5ldnRjaG5fYmluZF9pbnRlcmRvbWFpbihoLCBkLCBwKSB4Y19ldnRjaG5fYmluZF9pbnRl cmRvbWFpbihoLCBkLCBwKQorI2RlZmluZSB4ZW5ldnRjaG5fdW5tYXNrKGgsIHApIHhjX2V2dGNo bl91bm1hc2soaCwgcCkKKyNkZWZpbmUgeGVuZXZ0Y2huX3VuYmluZChoLCBwKSB4Y19ldnRjaG5f dW5iaW5kKGgsIHApCisKKyNkZWZpbmUgeGVuZ250dGFiX29wZW4obCwgZikgeGNfZ250dGFiX29w ZW4obCwgZikKKyNkZWZpbmUgeGVuZ250dGFiX2Nsb3NlKGgpIHhjX2dudHRhYl9jbG9zZShoKQor I2RlZmluZSB4ZW5nbnR0YWJfc2V0X21heF9ncmFudHMoaCwgbikgeGNfZ250dGFiX3NldF9tYXhf Z3JhbnRzKGgsIG4pCisjZGVmaW5lIHhlbmdudHRhYl9tYXBfZ3JhbnRfcmVmKGgsIGQsIHIsIHAp IHhjX2dudHRhYl9tYXBfZ3JhbnRfcmVmKGgsIGQsIHIsIHApCisjZGVmaW5lIHhlbmdudHRhYl91 bm1hcChoLCBhLCBuKSB4Y19nbnR0YWJfbXVubWFwKGgsIGEsIG4pCisjZGVmaW5lIHhlbmdudHRh Yl9tYXBfZ3JhbnRfcmVmcyhoLCBjLCBkLCByLCBwKSBcCisgICAgeGNfZ250dGFiX21hcF9ncmFu dF9yZWZzKGgsIGMsIGQsIHIsIHApCisjZGVmaW5lIHhlbmdudHRhYl9tYXBfZG9tYWluX2dyYW50 X3JlZnMoaCwgYywgZCwgciwgcCkgXAorICAgIHhjX2dudHRhYl9tYXBfZG9tYWluX2dyYW50X3Jl ZnMoaCwgYywgZCwgciwgcCkKKworI2RlZmluZSB4ZW5mb3JlaWdubWVtb3J5X29wZW4obCwgZikg eGVuX3hjCisjZGVmaW5lIHhlbmZvcmVpZ25tZW1vcnlfY2xvc2UoaCkKKworc3RhdGljIGlubGlu ZSB2b2lkICp4ZW5mb3JlaWdubWVtb3J5X21hcCh4Y19pbnRlcmZhY2UgKmgsIHVpbnQzMl90IGRv bSwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgaW50IHByb3QsIHNp emVfdCBwYWdlcywKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY29u c3QgeGVuX3Bmbl90IGFyclsvKnBhZ2VzKi9dLAorICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICBpbnQgZXJyWy8qcGFnZXMqL10pCit7CisgICAgaWYgKGVycikKKyAgICAg ICAgcmV0dXJuIHhjX21hcF9mb3JlaWduX2J1bGsoaCwgZG9tLCBwcm90LCBhcnIsIGVyciwgcGFn ZXMpOworICAgIGVsc2UKKyAgICAgICAgcmV0dXJuIHhjX21hcF9mb3JlaWduX3BhZ2VzKGgsIGRv bSwgcHJvdCwgYXJyLCBwYWdlcyk7Cit9CisKKyNkZWZpbmUgeGVuZm9yZWlnbm1lbW9yeV91bm1h cChoLCBwLCBzKSBtdW5tYXAocCwgcyAqIFhDX1BBR0VfU0laRSkKKworI2Vsc2UgLyogQ09ORklH X1hFTl9DVFJMX0lOVEVSRkFDRV9WRVJTSU9OID49IDQwNzAxICovCisKKyNpbmNsdWRlIDx4ZW5l dnRjaG4uaD4KKyNpbmNsdWRlIDx4ZW5nbnR0YWIuaD4KKyNpbmNsdWRlIDx4ZW5mb3JlaWdubWVt b3J5Lmg+CisKKyNlbmRpZgorCitleHRlcm4geGVuZm9yZWlnbm1lbW9yeV9oYW5kbGUgKnhlbl9m bWVtOworCiAjaWYgQ09ORklHX1hFTl9DVFJMX0lOVEVSRkFDRV9WRVJTSU9OIDwgNDA5MDAKIAog dHlwZWRlZiB4Y19pbnRlcmZhY2UgeGVuZGV2aWNlbW9kZWxfaGFuZGxlOwpAQCAtMTU4LDYgKzIx MCwxMyBAQCBzdGF0aWMgaW5saW5lIGludCB4ZW5kZXZpY2Vtb2RlbF9yZXN0cmljdCgKICAgICBy ZXR1cm4gLTE7CiB9CiAKK3N0YXRpYyBpbmxpbmUgaW50IHhlbmZvcmVpZ25tZW1vcnlfcmVzdHJp Y3QoCisgICAgeGVuZm9yZWlnbm1lbW9yeV9oYW5kbGUgKmZtZW0sIGRvbWlkX3QgZG9taWQpCit7 CisgICAgZXJybm8gPSBFTk9UVFk7CisgICAgcmV0dXJuIC0xOworfQorCiAjZWxzZSAvKiBDT05G SUdfWEVOX0NUUkxfSU5URVJGQUNFX1ZFUlNJT04gPj0gNDA5MDAgKi8KIAogI3VuZGVmIFhDX1dB TlRfQ09NUEFUX0RFVklDRU1PREVMX0FQSQpAQCAtMjE1LDY5ICsyNzQsMzIgQEAgc3RhdGljIGlu bGluZSBpbnQgeGVuX21vZGlmaWVkX21lbW9yeShkb21pZF90IGRvbWlkLCB1aW50NjRfdCBmaXJz dF9wZm4sCiAKIHN0YXRpYyBpbmxpbmUgaW50IHhlbl9yZXN0cmljdChkb21pZF90IGRvbWlkKQog ewotICAgIGludCByYyA9IHhlbmRldmljZW1vZGVsX3Jlc3RyaWN0KHhlbl9kbW9kLCBkb21pZCk7 CisgICAgaW50IHJjOwogCi0gICAgdHJhY2VfeGVuX2RvbWlkX3Jlc3RyaWN0KGVycm5vKTsKKyAg ICAvKiBBdHRlbXB0IHRvIHJlc3RyaWN0IGRldmljZW1vZGVsIG9wZXJhdGlvbnMgKi8KKyAgICBy YyA9IHhlbmRldmljZW1vZGVsX3Jlc3RyaWN0KHhlbl9kbW9kLCBkb21pZCk7CisgICAgdHJhY2Vf eGVuX2RvbWlkX3Jlc3RyaWN0KHJjID8gZXJybm8gOiAwKTsKIAotICAgIGlmIChlcnJubyA9PSBF Tk9UVFkpIHsKLSAgICAgICAgcmV0dXJuIDA7CisgICAgaWYgKHJjIDwgMCkgeworICAgICAgICAv KgorICAgICAgICAgKiBJZiBlcnJubyBpcyBFTk9UVFkgdGhlbiByZXN0cmljdGlvbiBpcyBub3Qg aW1wbGVtZW50ZWQgc28KKyAgICAgICAgICogdGhlcmUncyBubyBwb2ludCBpbiB0cnlpbmcgdG8g cmVzdHJpY3Qgb3RoZXIgdHlwZXMgb2YKKyAgICAgICAgICogb3BlcmF0aW9uLCBidXQgaXQgc2hv dWxkIG5vdCBiZSB0cmVhdGVkIGFzIGEgZmFpbHVyZS4KKyAgICAgICAgICovCisgICAgICAgIGlm IChlcnJubyA9PSBFTk9UVFkpIHsKKyAgICAgICAgICAgIHJldHVybiAwOworICAgICAgICB9CisK KyAgICAgICAgcmV0dXJuIHJjOwogICAgIH0KIAotICAgIHJldHVybiByYzsKLX0KLQotLyogWGVu IDQuMiB0aHJvdWdoIDQuNiAqLwotI2lmIENPTkZJR19YRU5fQ1RSTF9JTlRFUkZBQ0VfVkVSU0lP TiA8IDQwNzAxCi0KLXR5cGVkZWYgeGNfaW50ZXJmYWNlIHhlbmZvcmVpZ25tZW1vcnlfaGFuZGxl OwotdHlwZWRlZiB4Y19ldnRjaG4geGVuZXZ0Y2huX2hhbmRsZTsKLXR5cGVkZWYgeGNfZ250dGFi IHhlbmdudHRhYl9oYW5kbGU7Ci0KLSNkZWZpbmUgeGVuZXZ0Y2huX29wZW4obCwgZikgeGNfZXZ0 Y2huX29wZW4obCwgZik7Ci0jZGVmaW5lIHhlbmV2dGNobl9jbG9zZShoKSB4Y19ldnRjaG5fY2xv c2UoaCkKLSNkZWZpbmUgeGVuZXZ0Y2huX2ZkKGgpIHhjX2V2dGNobl9mZChoKQotI2RlZmluZSB4 ZW5ldnRjaG5fcGVuZGluZyhoKSB4Y19ldnRjaG5fcGVuZGluZyhoKQotI2RlZmluZSB4ZW5ldnRj aG5fbm90aWZ5KGgsIHApIHhjX2V2dGNobl9ub3RpZnkoaCwgcCkKLSNkZWZpbmUgeGVuZXZ0Y2hu X2JpbmRfaW50ZXJkb21haW4oaCwgZCwgcCkgeGNfZXZ0Y2huX2JpbmRfaW50ZXJkb21haW4oaCwg ZCwgcCkKLSNkZWZpbmUgeGVuZXZ0Y2huX3VubWFzayhoLCBwKSB4Y19ldnRjaG5fdW5tYXNrKGgs IHApCi0jZGVmaW5lIHhlbmV2dGNobl91bmJpbmQoaCwgcCkgeGNfZXZ0Y2huX3VuYmluZChoLCBw KQotCi0jZGVmaW5lIHhlbmdudHRhYl9vcGVuKGwsIGYpIHhjX2dudHRhYl9vcGVuKGwsIGYpCi0j ZGVmaW5lIHhlbmdudHRhYl9jbG9zZShoKSB4Y19nbnR0YWJfY2xvc2UoaCkKLSNkZWZpbmUgeGVu Z250dGFiX3NldF9tYXhfZ3JhbnRzKGgsIG4pIHhjX2dudHRhYl9zZXRfbWF4X2dyYW50cyhoLCBu KQotI2RlZmluZSB4ZW5nbnR0YWJfbWFwX2dyYW50X3JlZihoLCBkLCByLCBwKSB4Y19nbnR0YWJf bWFwX2dyYW50X3JlZihoLCBkLCByLCBwKQotI2RlZmluZSB4ZW5nbnR0YWJfdW5tYXAoaCwgYSwg bikgeGNfZ250dGFiX211bm1hcChoLCBhLCBuKQotI2RlZmluZSB4ZW5nbnR0YWJfbWFwX2dyYW50 X3JlZnMoaCwgYywgZCwgciwgcCkgXAotICAgIHhjX2dudHRhYl9tYXBfZ3JhbnRfcmVmcyhoLCBj LCBkLCByLCBwKQotI2RlZmluZSB4ZW5nbnR0YWJfbWFwX2RvbWFpbl9ncmFudF9yZWZzKGgsIGMs IGQsIHIsIHApIFwKLSAgICB4Y19nbnR0YWJfbWFwX2RvbWFpbl9ncmFudF9yZWZzKGgsIGMsIGQs IHIsIHApCi0KLSNkZWZpbmUgeGVuZm9yZWlnbm1lbW9yeV9vcGVuKGwsIGYpIHhlbl94YwotI2Rl ZmluZSB4ZW5mb3JlaWdubWVtb3J5X2Nsb3NlKGgpCisgICAgLyogUmVzdHJpY3QgZm9yZWlnbm1l bW9yeSBvcGVyYXRpb25zICovCisgICAgcmMgPSB4ZW5mb3JlaWdubWVtb3J5X3Jlc3RyaWN0KHhl bl9mbWVtLCBkb21pZCk7CisgICAgdHJhY2VfeGVuX2RvbWlkX3Jlc3RyaWN0KHJjID8gZXJybm8g OiAwKTsKIAotc3RhdGljIGlubGluZSB2b2lkICp4ZW5mb3JlaWdubWVtb3J5X21hcCh4Y19pbnRl cmZhY2UgKmgsIHVpbnQzMl90IGRvbSwKLSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgaW50IHByb3QsIHNpemVfdCBwYWdlcywKLSAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgY29uc3QgeGVuX3Bmbl90IGFyclsvKnBhZ2VzKi9dLAotICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBpbnQgZXJyWy8qcGFnZXMqL10pCi17 Ci0gICAgaWYgKGVycikKLSAgICAgICAgcmV0dXJuIHhjX21hcF9mb3JlaWduX2J1bGsoaCwgZG9t LCBwcm90LCBhcnIsIGVyciwgcGFnZXMpOwotICAgIGVsc2UKLSAgICAgICAgcmV0dXJuIHhjX21h cF9mb3JlaWduX3BhZ2VzKGgsIGRvbSwgcHJvdCwgYXJyLCBwYWdlcyk7CisgICAgcmV0dXJuIHJj OwogfQogCi0jZGVmaW5lIHhlbmZvcmVpZ25tZW1vcnlfdW5tYXAoaCwgcCwgcykgbXVubWFwKHAs IHMgKiBYQ19QQUdFX1NJWkUpCi0KLSNlbHNlIC8qIENPTkZJR19YRU5fQ1RSTF9JTlRFUkZBQ0Vf VkVSU0lPTiA+PSA0MDcwMSAqLwotCi0jaW5jbHVkZSA8eGVuZXZ0Y2huLmg+Ci0jaW5jbHVkZSA8 eGVuZ250dGFiLmg+Ci0jaW5jbHVkZSA8eGVuZm9yZWlnbm1lbW9yeS5oPgotCi0jZW5kaWYKLQot ZXh0ZXJuIHhlbmZvcmVpZ25tZW1vcnlfaGFuZGxlICp4ZW5fZm1lbTsKLQogdm9pZCBkZXN0cm95 X2h2bV9kb21haW4oYm9vbCByZWJvb3QpOwogCiAvKiBzaHV0ZG93bi9kZXN0cm95IGN1cnJlbnQg ZG9tYWluIGJlY2F1c2Ugb2YgYW4gZXJyb3IgKi8KLS0gCjEuOS4xCgoKX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KWGVuLWRldmVsIG1haWxpbmcgbGlzdApY ZW4tZGV2ZWxAbGlzdHMueGVuLm9yZwpodHRwczovL2xpc3RzLnhlbi5vcmcveGVuLWRldmVsCg==