On 03.03.2020 13:23, Alexandru Stefan ISAILA wrote: > At this moment a guest can call vmfunc to change the altp2m view. This > should be limited in order to avoid any unwanted view switch. > > The new xc_altp2m_set_visibility() solves this by making views invisible > to vmfunc. > This is done by having a separate arch.altp2m_working_eptp that is > populated and made invalid in the same places as altp2m_eptp. This is > written to EPTP_LIST_ADDR. > The views are made in/visible by marking them with INVALID_MFN or > copying them back from altp2m_eptp. > To have consistency the visibility also applies to > p2m_switch_domain_altp2m_by_id(). > > Note: If altp2m mode is set to mixed the guest is able to change the view > visibility and then call vmfunc. > > Signed-off-by: Alexandru Isaila <aisa...@bitdefender.com>
Hypervisor parts Reviewed-by: Jan Beulich <jbeul...@suse.com> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
