On 16/06/2025 09:35, Jan Beulich wrote:
> On 16.06.2025 08:56, Michal Orzel wrote:
>> Fix the condition part of the for loop in p2m_invalidate_root() that
>> uses P2M_ROOT_LEVEL instead of P2M_ROOT_PAGES. The goal here is to
>> invalidate all root page tables (that can be concatenated), so the loop
>> must iterate through all these pages. Root level can be 0 or 1, whereas
>> there can be 1,2,8,16 root pages. The issue may lead to some pages
>> not being invalidated and therefore the guest access won't be trapped.
>> We use it to track pages accessed by guest for set/way emulation provided
>> no IOMMU, IOMMU not enabled for the domain or P2M not shared with IOMMU.
>
> IOW no security concerns?
I discussed this with Julien and we don't think there are any.
>
>> Fixes: 2148a125b73b ("xen/arm: Track page accessed between batch of Set/Way
>> operations")
>> Signed-off-by: Michal Orzel <michal.or...@amd.com>
>
> Credit Oleksii with a Reported-by?
Sure thing:
Reported-by: Oleksii Kurochko <oleksii.kuroc...@gmail.com>
~Michal
