[xen stable-4.5] x86/mm: Make PV linear pagetables optional

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[xen stable-4.5] x86/mm: Make PV linear pagetables optional

patchbot
commit 42ea1dc425558c5b1f6ad6bf3094a50f8e1a4f59
Author:     George Dunlap <[hidden email]>
AuthorDate: Thu Nov 16 12:17:15 2017 +0100
Commit:     Jan Beulich <[hidden email]>
CommitDate: Thu Nov 16 12:17:15 2017 +0100

    x86/mm: Make PV linear pagetables optional
   
    Allowing pagetables to point to other pagetables of the same level
    (often called 'linear pagetables') has been included in Xen since its
    inception; but recently it has been the source of a number of subtle
    reference-counting bugs.
   
    It is not used by Linux or MiniOS; but it is used by NetBSD and Novell
    Netware.  There are significant numbers of people who are never going
    to use the feature, along with significant numbers who need the
    feature.
   
    Reported-by: Jann Horn <[hidden email]>
    Signed-off-by: George Dunlap <[hidden email]>
    Reviewed-by: Jan Beulich <[hidden email]>
---
 docs/misc/xen-command-line.markdown | 19 +++++++++++++++++++
 xen/arch/x86/mm.c                   |  9 +++++++++
 2 files changed, 28 insertions(+)

diff --git a/docs/misc/xen-command-line.markdown b/docs/misc/xen-command-line.markdown
index 16bfb39..8573f4c 100644
--- a/docs/misc/xen-command-line.markdown
+++ b/docs/misc/xen-command-line.markdown
@@ -1137,6 +1137,25 @@ The following resources are available:
   L3 cache occupancy.
   * `cmt` instructs Xen to enable/disable Cache Monitoring Technology.
   * `rmid_max` indicates the max value for rmid.
+
+### pv-linear-pt
+> `= <boolean>`
+
+> Default: `true`
+
+Only available if Xen is compiled with CONFIG\_PV\_LINEAR\_PT support
+enabled.
+
+Allow PV guests to have pagetable entries pointing to other pagetables
+of the same level (i.e., allowing L2 PTEs to point to other L2 pages).
+This technique is often called "linear pagetables", and is sometimes
+used to allow operating systems a simple way to consistently map the
+current process's pagetables into its own virtual address space.
+
+Linux and MiniOS don't use this technique.  NetBSD and Novell Netware
+do; there may be other custom operating systems which do.  If you're
+certain you don't plan on having PV guests which use this feature,
+turning it off can reduce the attack surface.
 
 ### reboot
 > `= t[riple] | k[bd] | a[cpi] | p[ci] | e[fi] | n[o] [, [w]arm | [c]old]`
diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c
index a3e42f7..41d13a4 100644
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
@@ -734,6 +734,9 @@ static void dec_linear_uses(struct page_info *pg)
  *     frame if it is mapped by a different root table. This is sufficient and
  *     also necessary to allow validation of a root table mapping itself.
  */
+static bool_t __read_mostly opt_pv_linear_pt = 1;
+boolean_param("pv-linear-pt", opt_pv_linear_pt);
+
 #define define_get_linear_pagetable(level)                                  \
 static int                                                                  \
 get_##level##_linear_pagetable(                                             \
@@ -743,6 +746,12 @@ get_##level##_linear_pagetable(                                             \
     struct page_info *page;                                                 \
     unsigned long pfn;                                                      \
                                                                             \
+    if ( !opt_pv_linear_pt )                                                \
+    {                                                                       \
+        MEM_LOG("Attempt to create linear p.t. (feature disabled)\n");      \
+        return 0;                                                           \
+    }                                                                       \
+                                                                            \
     if ( (level##e_get_flags(pde) & _PAGE_RW) )                             \
     {                                                                       \
         MEM_LOG("Attempt to create linear p.t. with write perms");          \
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.5

_______________________________________________
Xen-changelog mailing list
[hidden email]
https://lists.xenproject.org/xen-changelog