Re: [PATCH v6 12/12] KVM: indicate readonly access fault

[Avi Kivity]

On 09/07/2012 12:56 PM, Xiao Guangrong wrote:
> On 09/06/2012 10:09 PM, Avi Kivity wrote:
>> On 08/22/2012 03:47 PM, Xiao Guangrong wrote:
>>> On 08/22/2012 08:06 PM, Avi Kivity wrote:
>>>> On 08/21/2012 06:03 AM, Xiao Guangrong wrote:
>>>>> Introduce write_readonly_mem in mmio-exit-info to indicate this exit is
>>>>> caused by write access on readonly memslot
>>>>
>>>> Please document this in chapter 5 of apic.txt.
>>>>
>>>
>>> Okay, please review this one.
>>>
>>> Subject: [PATCH v6 12/12] KVM: indicate readonly access fault
>>>
>>> Introduce write_readonly_mem in mmio-exit-info to indicate this exit is
>>> caused by write access on readonly memslot
>>>
>> 
>> I'm not sure whether this indication can be trusted by userspace.  By
>> the time userspace gets to process this, the slot may no longer exist,
>> or it may be writable.
> 
> The case of deleting memslot is ok, because userspace just skips this fault
> if no readonly mem or no fault handler can be found.
> 
> Switching memslot from readonly to writable sounds strange, i agree with you
> that this flag is untrusty under this case.

It's not so strange, see the PAM registers in the 440fx chipset.

The strategy for shadowing the BIOS is to set PAM for (read: pci, write:
RAM) (=a readonly slot in kvm), memcpy the BIOS onto itself, then switch
the PAM to (read: RAM, write: RAM) (=rw slot in kvm) or (read: RAM,
write: PCI) (=different readonly slot in kvm).

Of course that usually happens with just one cpu running so there would
be no confusion.  But in general the indication is racy.

-- 
error compiling committee.c: too many arguments to function
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/