From mboxrd@z Thu Jan 1 00:00:00 1970 From: Daniel De Graaf Subject: Re: [PATCH 20/22] arch/x86: use XSM hooks for get_pg_owner access checks Date: Thu, 13 Sep 2012 09:55:46 -0400 Message-ID: <5051E5E2.50801@tycho.nsa.gov> References: <1347465586-20009-1-git-send-email-dgdegra@tycho.nsa.gov> <1347465586-20009-21-git-send-email-dgdegra@tycho.nsa.gov> <5051B1CC020000780009AFCE@nat28.tlf.novell.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <5051B1CC020000780009AFCE@nat28.tlf.novell.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Jan Beulich Cc: Tim Deegan , Keir Fraser , xen-devel@lists.xen.org List-Id: xen-devel@lists.xenproject.org On 09/13/2012 04:13 AM, Jan Beulich wrote: >>>> On 12.09.12 at 17:59, Daniel De Graaf wrote: >> @@ -3353,9 +3357,14 @@ long do_mmu_update( >> mfn = req.ptr >> PAGE_SHIFT; >> gpfn = req.val; >> >> - rc = xsm_mmu_machphys_update(d, pg_owner, mfn); >> - if ( rc ) >> - break; >> + xsm_needed |= XSM_MMU_MACHPHYS_UPDATE; >> + if ( xsm_needed != xsm_checked ) >> + { >> + rc = xsm_mmu_update(d, pt_owner, pg_owner, xsm_needed); > > If you're already updating it this way, it would seem appropriate > to remove the over-checking here: pt_owner is meaningless for > this operation (there are no page tables involved), and hence > you could/should pass d instead. > > Jan > While this is safe, it makes thinking about the arguments to the XSM hook harder: the second argument would be defined as "pt_owner if called with XSM_MMU_NORMAL_UPDATE set and either XSM_MMU_MACHPHYS_UPDATE unset or XSM_MMU_MACHPHYS_UPDATE set in the previous call; otherwise, d." I would prefer the simpler method of passing pt_owner every time, and only checking it if XSM_MMU_NORMAL_UPDATE is set (which I now notice that the default XSM hook does not do, although the FLASK hook does; I'll fix that). -- Daniel De Graaf National Security Agency