xenbits.xensource.com Git - qemu-upstream-unstable.git/commit

author	Paul Durrant <paul.durrant@citrix.com>
	Tue, 20 Jan 2015 11:06:19 +0000 (11:06 +0000)
committer	Stefano Stabellini <stefano.stabellini@eu.citrix.com>
	Tue, 27 Jan 2015 13:56:38 +0000 (13:56 +0000)
commit	7665d6ba98e20fb05c420de947c1750fd47e5c07
tree	4e5fc80595471b9cd3255a27d8b58682ab996d2e	tree
parent	9026dca821a61b72983778e3dcd92cfc34b02e8b	commit \| diff

Xen: Use the ioreq-server API when available

The ioreq-server API added to Xen 4.5 offers better security than
the existing Xen/QEMU interface because the shared pages that are
used to pass emulation request/results back and forth are removed
from the guest's memory space before any requests are serviced.
This prevents the guest from mapping these pages (they are in a
well known location) and attempting to attack QEMU by synthesizing
its own request structures. Hence, this patch modifies configure
to detect whether the API is available, and adds the necessary
code to use the API if it is.

upstream-commit-id: 3996e85c1822e05c50250f8d2d1e57b6bea1229d

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>

configure		diff \| blob \| blame \| history
include/hw/xen/xen_common.h		diff \| blob \| blame \| history
trace-events		diff \| blob \| blame \| history
xen-hvm.c		diff \| blob \| blame \| history