From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andrii Tseglytskyi Subject: Re: [PATCH v02 6/7] arm: introduce do_translate_pagetable hypercall Date: Tue, 22 Jul 2014 19:39:09 +0300 Message-ID: References: <1403780826-22123-1-git-send-email-andrii.tseglytskyi@globallogic.com> <1403780826-22123-7-git-send-email-andrii.tseglytskyi@globallogic.com> <53B6BB99.7060107@linaro.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <53B6BB99.7060107@linaro.org> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Julien Grall Cc: Stefano Stabellini , Ian Campbell , xen-devel@lists.xen.org List-Id: xen-devel@lists.xenproject.org Hi Julien, On Fri, Jul 4, 2014 at 5:35 PM, Julien Grall wrote: > Hi Andrii, > > > On 26/06/14 12:07, Andrii Tseglytskyi wrote: >> >> +long do_translate_pagetable(int cmd, >> XEN_GUEST_HANDLE_PARAM(xen_pagetable_addr_t) pgt_addr) >> +{ >> + struct xen_pagetable_addr pgt; >> + struct mmu_info *mmu = NULL; >> + >> + if ( copy_from_guest(&pgt, pgt_addr, 1) ) >> + return -EFAULT; >> + >> + mmu = mmu_lookup(pgt.reg); >> + if ( !mmu ) >> + { >> + pr_mmu("can't get mmu for addr 0x%08x", pgt.reg); >> + return -EINVAL; >> + } >> + >> + pgt.maddr = mmu_translate_pagetable(mmu, pgt.paddr); >> + >> + return copy_to_guest(pgt_addr, &pgt, 1); >> +} >> + > > > AFAIU, nothing prevents a malicious guest to call this hypercall and screw > the pagetable of the MMU. Right. Do you think that some kind of security checks needed here? > > Regards, > > -- > Julien Grall -- Andrii Tseglytskyi | Embedded Dev GlobalLogic www.globallogic.com