xenbits.xensource.com Git - people/dwmw2/xen.git/commit

author	Julien Grall <julien.grall@arm.com>
	Mon, 18 Mar 2019 18:38:27 +0000 (18:38 +0000)
committer	Julien Grall <julien.grall@arm.com>
	Sun, 16 Jun 2019 20:24:45 +0000 (21:24 +0100)
commit	9cc0618eb09816b166993a62e0d77c4edde6a355
tree	0efc2853a72df3d7ee189a854875579262514187	tree
parent	a61763b450e7f920db798cd4556711d62fd97415	commit \| diff

xen/arm: mm: Sanity check any update of Xen page tables

The code handling Xen PT update has quite a few restrictions on what it
can do. This is not a bad thing as it keeps the code simple.

There are already a few checks scattered in current page table handling.
However they are not sufficient as they could still allow to
modify/remove entry with contiguous bit set.

The checks are divided in two sets:
    - per entry check: They are gathered in a new function that will
    check whether an update is valid based on the flags passed and the
    current value of an entry.
    - global check: They are sanity check on xen_pt_update() parameters.

Additionally to contiguous check, we also now check that the caller is
not trying to modify the memory attributes of an entry.

Lastly, it was probably a bit over the top to forbid removing an
invalid mapping. This could just be ignored. The new behavior will be
helpful in future changes.

Signed-off-by: Julien Grall <julien.grall@arm.com>
Reviewed-by: Andrii Anisov <andrii_anisov@epam.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>