On 30/10/2018 00:47, Stefano Stabellini wrote:
On Mon, 8 Oct 2018, Julien Grall wrote:
+ return NULL;
+ }
+
+ /*
+ * Check permission that are assumed by the caller. For instance
+ * in case of guestcopy, the caller assumes that the translated
+ * page can be accessed with the requested permissions. If this
+ * is not the case, we should fail.
+ *
+ * Please note that we do not check for the GV2M_EXEC
+ * permission. This is fine because the hardware-based translation
+ * instruction does not test for execute permissions.
+ */
+ if ( (flags & GV2M_WRITE) && !(perms & GV2M_WRITE) )
+ return NULL;
+
+ mfn = p2m_lookup(d, gaddr_to_gfn(ipa), &t);
+ if ( mfn_eq(INVALID_MFN, mfn) )
+ return NULL;
+
+ /* We consider that RAM is always mapped read-write */
Is the RW assumption required? I can think of a case where RAM is mapped
RO at stage2.
Just laziness for a first implementation. I will see how I can fix it.
}
+ else
+ mfn = maddr_to_mfn(maddr);
- if ( !mfn_valid(maddr_to_mfn(maddr)) )
+ if ( !mfn_valid(mfn) )
{
dprintk(XENLOG_G_DEBUG, "%pv: Invalid MFN %#"PRI_mfn"\n",
- v, mfn_x(maddr_to_mfn(maddr)));
+ v, mfn_x(mfn));
return NULL;
}
- page = mfn_to_page(maddr_to_mfn(maddr));
+ page = mfn_to_page(mfn);
ASSERT(page);
if ( unlikely(!get_page(page, d)) )
--
2.11.0
Cheers,
--
Julien Grall
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel