Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

[Resending] On Wed, Sep 26, 2018 at 5:02 PM George Dunlap wrote: > > On Mon, Jul 23, 2018 at 2:48 PM Alexandru Isaila > wrote: > > > > From: Isaila Alexandru > > > > This patch adds access control for NPT mode. > > > > There aren’t enough extra bits to store the access rights in the NPT p2m > >

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

On Mon, Jul 23, 2018 at 2:48 PM Alexandru Isaila wrote: > > From: Isaila Alexandru > > This patch adds access control for NPT mode. > > There aren’t enough extra bits to store the access rights in the NPT p2m > table, so we add a radix tree to store the rights. For efficiency, > remove entries w

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

On 09/26/2018 09:17 AM, Isaila Alexandru wrote: > On Wed, 2018-07-25 at 04:37 -0600, Jan Beulich wrote: > On 25.07.18 at 11:25, wrote: >>> >>> On 07/24/2018 01:02 PM, Jan Beulich wrote: >>> On 24.07.18 at 13:26, wrote: > > On 07/24/2018 09:55 AM, Jan Beulich wrote: > On 23

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

On Wed, 2018-07-25 at 04:37 -0600, Jan Beulich wrote: > > > > On 25.07.18 at 11:25, wrote: > > > > On 07/24/2018 01:02 PM, Jan Beulich wrote: > > > > > > On 24.07.18 at 13:26, wrote: > > > > > > > > On 07/24/2018 09:55 AM, Jan Beulich wrote: > > > > > > > > On 23.07.18 at 15:48, wrote: > > > >

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

On Mi, 2018-07-25 at 04:37 -0600, Jan Beulich wrote: > > > > > > > > > > > > > On 25.07.18 at 11:25, wrote: > > On 07/24/2018 01:02 PM, Jan Beulich wrote: > > > > > > > > > > > > > > > > > > > > > > > > On 24.07.18 at 13:26, wrote: > > > > On 07/24/2018 09:55 AM, Jan Beulich wrote: > > > >

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

>>> On 25.07.18 at 11:25, wrote: > On 07/24/2018 01:02 PM, Jan Beulich wrote: > On 24.07.18 at 13:26, wrote: >>> On 07/24/2018 09:55 AM, Jan Beulich wrote: >>> On 23.07.18 at 15:48, wrote: > +{ > +xfree(d->arch.monitor.msr_bitmap); > +return -E

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

On Mi, 2018-07-25 at 03:14 -0600, Jan Beulich wrote: > > > > > > > > > > > > > On 25.07.18 at 10:29, wrote: > > > > > > > > +static void p2m_set_access(struct p2m_domain *p2m, unsigned > > > > long > > > > gfn, > > > > +  p2m_access_t a) > > > > +{ > > > > +

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

On 07/24/2018 01:02 PM, Jan Beulich wrote: On 24.07.18 at 13:26, wrote: >> On 07/24/2018 09:55 AM, Jan Beulich wrote: >> On 23.07.18 at 15:48, wrote: --- a/xen/arch/x86/mm/mem_access.c +++ b/xen/arch/x86/mm/mem_access.c @@ -221,12 +221,12 @@ bool p2m_mem_access_check(paddr

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

>>> On 25.07.18 at 10:29, wrote: >> > >> > +static void p2m_set_access(struct p2m_domain *p2m, unsigned long >> > gfn, >> > + p2m_access_t a) >> > +{ >> > +int rc; >> > + >> > +if ( !p2m->mem_access_settings ) >> > +return; >> No error indicati

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

> > > > +static void p2m_set_access(struct p2m_domain *p2m, unsigned long > > gfn, > > +  p2m_access_t a) > > +{ > > +int rc; > > + > > +if ( !p2m->mem_access_settings ) > > +return; > No error indication? I would say ASSERT is a better choice i

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

>>> On 24.07.18 at 13:26, wrote: > On 07/24/2018 09:55 AM, Jan Beulich wrote: > On 23.07.18 at 15:48, wrote: >>> --- a/xen/arch/x86/mm/mem_access.c >>> +++ b/xen/arch/x86/mm/mem_access.c >>> @@ -221,12 +221,12 @@ bool p2m_mem_access_check(paddr_t gpa, unsigned long > gla, >>> { >>>

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

On 07/24/2018 09:55 AM, Jan Beulich wrote: On 23.07.18 at 15:48, wrote: >> --- a/xen/arch/x86/mm/mem_access.c >> +++ b/xen/arch/x86/mm/mem_access.c >> @@ -221,12 +221,12 @@ bool p2m_mem_access_check(paddr_t gpa, unsigned long >> gla, >> { >> req->u.mem_access.flags |= M

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

>>> On 24.07.18 at 11:28, wrote: > On 07/24/2018 11:55 AM, Jan Beulich wrote: >>> +if ( cpu_has_svm && !p2m->mem_access_settings ) >>> +{ >>> +p2m->mem_access_settings = xmalloc(struct radix_tree_root); >>> + >>> +if( !p2m->mem_access_settings ) >> Style. >> >>> +{

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

On 07/24/2018 11:55 AM, Jan Beulich wrote: >> +if ( cpu_has_svm && !p2m->mem_access_settings ) >> +{ >> +p2m->mem_access_settings = xmalloc(struct radix_tree_root); >> + >> +if( !p2m->mem_access_settings ) > Style. > >> +{ >> +xfree(d->arch.monitor.msr_b

Re: [Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

>>> On 23.07.18 at 15:48, wrote: > --- a/xen/arch/x86/mm/mem_access.c > +++ b/xen/arch/x86/mm/mem_access.c > @@ -221,12 +221,12 @@ bool p2m_mem_access_check(paddr_t gpa, unsigned long > gla, > { > req->u.mem_access.flags |= MEM_ACCESS_GLA_VALID; > req->u.mem_acc

[Xen-devel] [PATCH v4] x86/mm: Add mem access rights to NPT

From: Isaila Alexandru This patch adds access control for NPT mode. There aren’t enough extra bits to store the access rights in the NPT p2m table, so we add a radix tree to store the rights. For efficiency, remove entries which match the default permissions rather than continuing to store them