From: Jan Kiszka <[email protected]> Specify in the docs and implement in the configuration files that cells with passive comm regions have only read access to it. This avoids that a passive cell, i.e. one that should also not be able to prevent configuration changes, can block them by declaring itself "running/ locked".
Instead of checking in the hypervisor that a cell config does not permit writes to passive comm regions, we should eventually validate this offline via a config checker. Signed-off-by: Jan Kiszka <[email protected]> --- Documentation/hypervisor-interfaces.txt | 8 +++++--- configs/e1000-demo.c | 3 +-- configs/ioapic-demo.c | 3 +-- configs/ivshmem-demo.c | 3 +-- configs/linux-x86-demo.c | 3 +-- configs/pci-demo.c | 3 +-- configs/smp-demo.c | 3 +-- configs/tiny-demo.c | 3 +-- 8 files changed, 12 insertions(+), 17 deletions(-) diff --git a/Documentation/hypervisor-interfaces.txt b/Documentation/hypervisor-interfaces.txt index ac10c9af..0e529db0 100644 --- a/Documentation/hypervisor-interfaces.txt +++ b/Documentation/hypervisor-interfaces.txt @@ -273,10 +273,12 @@ Communication Region -------------------- The communication region is a per-cell shared memory area that both the -hypervisor and the particular cell can read from and write to. It is an -optional communication mechanism. If the region shall be used by a cell, it +hypervisor and the particular cell can read from and write to by default. It is +an optional communication mechanism. If the region shall be used by a cell, it has to be mapped into the cell's address space via its configuration (see [2] -for details). +for details). If the cell is configured to be passive with respect to the +communication region (cell flag JAILHOUSE_CELL_PASSIVE_COMMREG) and the region +is mapped, it has to be declared read-only in the cell configuration. Communication region layout diff --git a/configs/e1000-demo.c b/configs/e1000-demo.c index ef9314cf..59a350ff 100644 --- a/configs/e1000-demo.c +++ b/configs/e1000-demo.c @@ -56,8 +56,7 @@ struct { /* communication region */ { .virt_start = 0x00100000, .size = 0x00001000, - .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_WRITE | - JAILHOUSE_MEM_COMM_REGION, + .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_COMM_REGION, }, /* e1000 BAR0 */ { .phys_start = 0xfebc0000, diff --git a/configs/ioapic-demo.c b/configs/ioapic-demo.c index 042d3a70..4f12d12a 100644 --- a/configs/ioapic-demo.c +++ b/configs/ioapic-demo.c @@ -53,8 +53,7 @@ struct { /* communication region */ { .virt_start = 0x00100000, .size = 0x00001000, - .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_WRITE | - JAILHOUSE_MEM_COMM_REGION, + .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_COMM_REGION, }, }, diff --git a/configs/ivshmem-demo.c b/configs/ivshmem-demo.c index 230b9ccc..8fa991fe 100644 --- a/configs/ivshmem-demo.c +++ b/configs/ivshmem-demo.c @@ -52,8 +52,7 @@ struct { /* communication region */ { .virt_start = 0x00100000, .size = 0x00001000, - .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_WRITE | - JAILHOUSE_MEM_COMM_REGION, + .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_COMM_REGION, }, /* IVSHMEM shared memory region */ { diff --git a/configs/linux-x86-demo.c b/configs/linux-x86-demo.c index c4721247..27c972df 100644 --- a/configs/linux-x86-demo.c +++ b/configs/linux-x86-demo.c @@ -65,8 +65,7 @@ struct { /* communication region */ { .virt_start = 0x00100000, .size = 0x00001000, - .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_WRITE | - JAILHOUSE_MEM_COMM_REGION, + .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_COMM_REGION, }, /* high RAM */ { .phys_start = 0x3b700000, diff --git a/configs/pci-demo.c b/configs/pci-demo.c index 087f388f..b15d4e0a 100644 --- a/configs/pci-demo.c +++ b/configs/pci-demo.c @@ -55,8 +55,7 @@ struct { /* communication region */ { .virt_start = 0x00100000, .size = 0x00001000, - .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_WRITE | - JAILHOUSE_MEM_COMM_REGION, + .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_COMM_REGION, }, /* HDA BAR0 */ { .phys_start = 0xfebd4000, diff --git a/configs/smp-demo.c b/configs/smp-demo.c index 9a157edc..f05f029f 100644 --- a/configs/smp-demo.c +++ b/configs/smp-demo.c @@ -51,8 +51,7 @@ struct { /* communication region */ { .virt_start = 0x00100000, .size = 0x00001000, - .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_WRITE | - JAILHOUSE_MEM_COMM_REGION, + .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_COMM_REGION, }, }, diff --git a/configs/tiny-demo.c b/configs/tiny-demo.c index f567cbef..f31ac96b 100644 --- a/configs/tiny-demo.c +++ b/configs/tiny-demo.c @@ -53,8 +53,7 @@ struct { /* communication region */ { .virt_start = 0x00100000, .size = 0x00001000, - .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_WRITE | - JAILHOUSE_MEM_COMM_REGION, + .flags = JAILHOUSE_MEM_READ | JAILHOUSE_MEM_COMM_REGION, }, }, -- 2.12.3 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
