Am Wed, 23 Aug 2017 19:40:09 -0400 schrieb Jan Kiszka <[email protected]>:
> From: Jan Kiszka <[email protected]> > > Specify in the docs and implement in the configuration files that > cells with passive comm regions have only read access to it. This > avoids that a passive cell, i.e. one that should also not be able to > prevent configuration changes, can block them by declaring itself > "running/ locked". > > Instead of checking in the hypervisor that a cell config does not > permit writes to passive comm regions, we should eventually validate > this offline via a config checker. > > Signed-off-by: Jan Kiszka <[email protected]> Consider adding Gustavo as reporter. Technically you found it but he started the process. Henning > --- > Documentation/hypervisor-interfaces.txt | 8 +++++--- > configs/e1000-demo.c | 3 +-- > configs/ioapic-demo.c | 3 +-- > configs/ivshmem-demo.c | 3 +-- > configs/linux-x86-demo.c | 3 +-- > configs/pci-demo.c | 3 +-- > configs/smp-demo.c | 3 +-- > configs/tiny-demo.c | 3 +-- > 8 files changed, 12 insertions(+), 17 deletions(-) > > diff --git a/Documentation/hypervisor-interfaces.txt > b/Documentation/hypervisor-interfaces.txt index ac10c9af..0e529db0 > 100644 --- a/Documentation/hypervisor-interfaces.txt > +++ b/Documentation/hypervisor-interfaces.txt > @@ -273,10 +273,12 @@ Communication Region > -------------------- > > The communication region is a per-cell shared memory area that both > the -hypervisor and the particular cell can read from and write to. > It is an -optional communication mechanism. If the region shall be > used by a cell, it +hypervisor and the particular cell can read from > and write to by default. It is +an optional communication mechanism. > If the region shall be used by a cell, it has to be mapped into the > cell's address space via its configuration (see [2] -for details). > +for details). If the cell is configured to be passive with respect > to the +communication region (cell flag > JAILHOUSE_CELL_PASSIVE_COMMREG) and the region +is mapped, it has to > be declared read-only in the cell configuration. > > Communication region layout > diff --git a/configs/e1000-demo.c b/configs/e1000-demo.c > index ef9314cf..59a350ff 100644 > --- a/configs/e1000-demo.c > +++ b/configs/e1000-demo.c > @@ -56,8 +56,7 @@ struct { > /* communication region */ { > .virt_start = 0x00100000, > .size = 0x00001000, > - .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_WRITE | > - JAILHOUSE_MEM_COMM_REGION, > + .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_COMM_REGION, }, > /* e1000 BAR0 */ { > .phys_start = 0xfebc0000, > diff --git a/configs/ioapic-demo.c b/configs/ioapic-demo.c > index 042d3a70..4f12d12a 100644 > --- a/configs/ioapic-demo.c > +++ b/configs/ioapic-demo.c > @@ -53,8 +53,7 @@ struct { > /* communication region */ { > .virt_start = 0x00100000, > .size = 0x00001000, > - .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_WRITE | > - JAILHOUSE_MEM_COMM_REGION, > + .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_COMM_REGION, }, > }, > > diff --git a/configs/ivshmem-demo.c b/configs/ivshmem-demo.c > index 230b9ccc..8fa991fe 100644 > --- a/configs/ivshmem-demo.c > +++ b/configs/ivshmem-demo.c > @@ -52,8 +52,7 @@ struct { > /* communication region */ { > .virt_start = 0x00100000, > .size = 0x00001000, > - .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_WRITE | > - JAILHOUSE_MEM_COMM_REGION, > + .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_COMM_REGION, }, > /* IVSHMEM shared memory region */ > { > diff --git a/configs/linux-x86-demo.c b/configs/linux-x86-demo.c > index c4721247..27c972df 100644 > --- a/configs/linux-x86-demo.c > +++ b/configs/linux-x86-demo.c > @@ -65,8 +65,7 @@ struct { > /* communication region */ { > .virt_start = 0x00100000, > .size = 0x00001000, > - .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_WRITE | > - JAILHOUSE_MEM_COMM_REGION, > + .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_COMM_REGION, }, > /* high RAM */ { > .phys_start = 0x3b700000, > diff --git a/configs/pci-demo.c b/configs/pci-demo.c > index 087f388f..b15d4e0a 100644 > --- a/configs/pci-demo.c > +++ b/configs/pci-demo.c > @@ -55,8 +55,7 @@ struct { > /* communication region */ { > .virt_start = 0x00100000, > .size = 0x00001000, > - .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_WRITE | > - JAILHOUSE_MEM_COMM_REGION, > + .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_COMM_REGION, }, > /* HDA BAR0 */ { > .phys_start = 0xfebd4000, > diff --git a/configs/smp-demo.c b/configs/smp-demo.c > index 9a157edc..f05f029f 100644 > --- a/configs/smp-demo.c > +++ b/configs/smp-demo.c > @@ -51,8 +51,7 @@ struct { > /* communication region */ { > .virt_start = 0x00100000, > .size = 0x00001000, > - .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_WRITE | > - JAILHOUSE_MEM_COMM_REGION, > + .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_COMM_REGION, }, > }, > > diff --git a/configs/tiny-demo.c b/configs/tiny-demo.c > index f567cbef..f31ac96b 100644 > --- a/configs/tiny-demo.c > +++ b/configs/tiny-demo.c > @@ -53,8 +53,7 @@ struct { > /* communication region */ { > .virt_start = 0x00100000, > .size = 0x00001000, > - .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_WRITE | > - JAILHOUSE_MEM_COMM_REGION, > + .flags = JAILHOUSE_MEM_READ | > JAILHOUSE_MEM_COMM_REGION, }, > }, > -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
