Re: [PATCH] xen: add gntdev

To: Thor Lancelot Simon <tls%panix.com@localhost>
Subject: Re: [PATCH] xen: add gntdev
From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
Date: Wed, 5 Dec 2012 11:15:51 +0100

On Tue, Dec 04, 2012 at 03:07:39PM -0500, Thor Lancelot Simon wrote:
> On Tue, Dec 04, 2012 at 04:26:19PM +0100, Roger Pau Monn? wrote:
> > 
> > Independently of what we end up doing as default for handling raw file
> > disks, could someone review this code?
> > 
> > It's the first time I've done a device, so someone with more experience
> > should review it.
> 
> I am not sure I entirely follow what this code's doing, but it seems to
> me it may allow arbitrary physical pages to be exposed to userspace
> processes in dom0 -- or in a domU, albeit only if dom0 userspace says so.
> 
> Is that a correct understanding of one of its effects?  If so, there's
> a problem, since not being able to do precisely that is one important
> assumption of the 4.4BSD security model.

If I read it properly, It allows only to map pages that are part of a
grant. You provide the ioctl a grant reference, and this is what
the driver uses to find the physical pages. So it should be limited to
pages that are referenced by a grant.

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--

Follow-Ups:
- Re: [PATCH] xen: add gntdev
  - From: Roger Pau Monné

References:
- [PATCH] xen: add gntdev
  - From: Roger Pau Monne
- Re: [PATCH] xen: add gntdev
  - From: Roger Pau Monné
- Re: [PATCH] xen: add gntdev
  - From: Thor Lancelot Simon

Prev by Date: Re: [PATCH] xen: add gntdev
Next by Date: Re: [PATCH] xen: add gntdev
Previous by Thread: Re: [PATCH] xen: add gntdev
Next by Thread: Re: [PATCH] xen: add gntdev
Indexes:

Home | Main Index | Thread Index | Old Index