[Xen-devel] [PATCH] fix issue of accessing supervisor page from ring3 in

To: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] [PATCH] fix issue of accessing supervisor page from ring3 in vmx guest
From: "Ling, Xiaofeng" <xiaofeng.ling@xxxxxxxxx>
Date: Tue, 29 Nov 2005 15:31:17 +0800
# HG changeset patch
# User Xiaofeng Ling <xiaofeng.ling@xxxxxxxxx>
# Node ID b832c9f342065a84991b4fbf0e30749225995228
# Parent  ff879b0ac94170c3b1354fa5e297684ecffb834f
Fix vmx guest issue of allowing accessing supervisor page
from user level program.
In shadow fault, we need to check U/S bit in error code.
It is just a fix for shadow32.c, for x86_64 code and
public code, it is already handled.

Signed-off-by: Xiaofeng Ling <xiaofeng.ling@xxxxxxxxx>

diff -r eb213ab53c9b xen/arch/x86/shadow32.c
--- a/xen/arch/x86/shadow32.c   Fri Nov 25 13:07:07 2005 +0800
+++ b/xen/arch/x86/shadow32.c   Fri Nov 25 13:47:48 2005 +0800
@@ -2693,6 +2693,16 @@
             domain_crash_synchronous();
         }

+        /* uer runlevel to access vilation error in guest? */
+        if ( unlikely((regs->error_code & 4) &&
+                      !(l1e_get_flags(gpte) & _PAGE_USER)))
+        {
+ SH_VVLOG("shadow_fault - EXIT: wr fault on super page (%" PRIpte ")",
+                    l1e_get_intpte(gpte));
+            goto fail;
+
+        }
+
         if ( unlikely(!l1pte_write_fault(v, &gpte, &spte, va)) )
         {
             SH_VVLOG("shadow_fault - EXIT: l1pte_write_fault failed");
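Review bot: The added write-path check tests the user bit only on the guest L1 entry (`l1e_get_flags(gpte) & _PAGE_USER`), but on x86 the effective U/S permission is the combination of the page-directory entry and the page-table entry, so a user-mode write to a page whose PDE is supervisor-only while its PTE has `_PAGE_USER` set would still pass this test. Please confirm the guest L2 entry is validated earlier in shadow_fault, or add that check here. Two smaller points in the same block: `regs->error_code & 4` should use a named constant for the U/S error-code bit rather than a bare 4, and the comment "uer runlevel to access vilation error in guest?" should be reworded (something like "user-mode access violation on a supervisor page in guest?"). The empty line before the closing brace after `goto fail;` can go.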
@@ -2706,6 +2716,16 @@
     }
     else
     {
+        /* protection violation error(read) in guest? */
+        if ( unlikely((regs->error_code & 1) ))
+        {
+ SH_VVLOG("shadow_fault - EXIT: read fault on super page (%" PRIpte ")",
+                    l1e_get_intpte(gpte));
+            goto fail;
+
+        }
+
+
         if ( !l1pte_read_fault(d, &gpte, &spte) )
         {
             SH_VVLOG("shadow_fault - EXIT: l1pte_read_fault failed");
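Review bot: The read-path condition `regs->error_code & 1` tests only the protection-violation bit; unlike the write-path hunk it looks at neither the U/S bit (`& 4`) nor `_PAGE_USER` in gpte, yet the log message says "read fault on super page". As written, every read fault on a present mapping goes to `fail`, whether or not the access came from user mode or the guest PTE is a supervisor page. If the reasoning is that a read fault with P=1 can only be a user access to a supervisor page in this paging mode, say so in the comment; otherwise make the test match the write path, `(regs->error_code & 4) && !(l1e_get_flags(gpte) & _PAGE_USER)`, so the condition and the message agree. A named constant instead of the bare 1 would help here as well, and the stray space in `& 1) ))` plus the two consecutive blank lines after the block should be cleaned up.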