ia64/xen-unstable

changeset 18756:4ec25db9326a

x86: Fix GRANT_PTE_FLAGS.

Since page table entries created through e.g. GNTTABOP_map_grant_ref
are being passed through adjust_guest_l1e(), they must not generally
get _PAGE_USER set - this will be taken care of by adjust_guest_l1e(),
and it will ensure that these don't get _PAGE_GLOBAL set
inadvertently.

Due to the implied security aspect here (_PAGE_GLOBAL getting set on
kernel pages for x86-64), I'd like to ask that this also be applied to
older maintained branches.

At the same time, set _PAGE_NX for pte-s created for grants (as long
as hardware supports it), since it should be only data pages that remote
domains are being given access to.

Signed-off-by: Jan Beulich <jbeulich@novell.com>
author Keir Fraser <keir.fraser@citrix.com>
date Mon Nov 03 10:32:54 2008 +0000 (2008-11-03)
parents 540483d2a98f
children 43a079fd50fd
files xen/include/asm-x86/page.h xen/include/asm-x86/x86_32/page.h xen/include/asm-x86/x86_64/page.h
line diff
     1.1 --- a/xen/include/asm-x86/page.h	Mon Nov 03 10:32:02 2008 +0000
     1.2 +++ b/xen/include/asm-x86/page.h	Mon Nov 03 10:32:54 2008 +0000
     1.3 @@ -314,6 +314,9 @@ unsigned long clone_idle_pagetable(struc
     1.4  #define __PAGE_HYPERVISOR_NOCACHE \
     1.5      (_PAGE_PRESENT | _PAGE_RW | _PAGE_DIRTY | _PAGE_PCD | _PAGE_ACCESSED)
     1.6  
     1.7 +#define GRANT_PTE_FLAGS \
     1.8 +    (_PAGE_PRESENT | _PAGE_ACCESSED | _PAGE_DIRTY | _PAGE_NX | _PAGE_GNTTAB)
     1.9 +
    1.10  #ifndef __ASSEMBLY__
    1.11  
    1.12  static inline int get_order_from_bytes(paddr_t size)
     2.1 --- a/xen/include/asm-x86/x86_32/page.h	Mon Nov 03 10:32:02 2008 +0000
     2.2 +++ b/xen/include/asm-x86/x86_32/page.h	Mon Nov 03 10:32:54 2008 +0000
     2.3 @@ -105,9 +105,6 @@ extern unsigned int PAGE_HYPERVISOR_NOCA
     2.4  #define get_pte_flags(x) (((int)((x) >> 32) & ~0xFFF) | ((int)(x) & 0xFFF))
     2.5  #define put_pte_flags(x) (((intpte_t)((x) & ~0xFFF) << 32) | ((x) & 0xFFF))
     2.6  
     2.7 -#define GRANT_PTE_FLAGS \
     2.8 -    (_PAGE_PRESENT|_PAGE_ACCESSED|_PAGE_DIRTY|_PAGE_GNTTAB)
     2.9 -
    2.10  /*
    2.11   * Disallow unused flag bits plus PAT/PSE, PCD, PWT and GLOBAL.
    2.12   * Permit the NX bit if the hardware supports it.
     3.1 --- a/xen/include/asm-x86/x86_64/page.h	Mon Nov 03 10:32:02 2008 +0000
     3.2 +++ b/xen/include/asm-x86/x86_64/page.h	Mon Nov 03 10:32:54 2008 +0000
     3.3 @@ -124,9 +124,6 @@ typedef l4_pgentry_t root_pgentry_t;
     3.4  #define PAGE_HYPERVISOR         (__PAGE_HYPERVISOR         | _PAGE_GLOBAL)
     3.5  #define PAGE_HYPERVISOR_NOCACHE (__PAGE_HYPERVISOR_NOCACHE | _PAGE_GLOBAL)
     3.6  
     3.7 -#define GRANT_PTE_FLAGS \
     3.8 -    (_PAGE_PRESENT|_PAGE_ACCESSED|_PAGE_DIRTY|_PAGE_GNTTAB|_PAGE_USER)
     3.9 -
    3.10  #define USER_MAPPINGS_ARE_GLOBAL
    3.11  #ifdef USER_MAPPINGS_ARE_GLOBAL
    3.12  /*