thr3ads.net - Xen devel - [Xen-devel] [RFO] Action when bad address passed in hypercall by guest [Mar 2009]

If this information is useful, please help other people find it:
Share via:

Dan Magenheimer

2009-Mar-19 17:01 UTC

[Xen-devel] [RFO] Action when bad address passed in hypercall by guest

Request for opinions:

In tmem, for most hypercalls the (PV only) guest passes a gfn
(guest machine frame number).

What is the appropriate action if the gfn is "bad" (specifically
fails the p2m_ram_rw test from gfn_to_mfn)?

A) Ignore it (but return an error from the hypercall)
B) __domain_crash() as the guest is surely broken or malicious
C) ???

So far I haven''t seen this, but the existing code I have for
this case -- ASSERT(0) -- is certainly wrong ;-)

Thanks,
Dan

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Keir Fraser

2009-Mar-19 17:07 UTC

head link

Re: [Xen-devel] [RFO] Action when bad address passed in hypercall by guest

On 19/03/2009 17:01, "Dan Magenheimer"
<dan.magenheimer@oracle.com> wrote:
> hat is the appropriate action if the gfn is "bad" (specifically
> fails the p2m_ram_rw test from gfn_to_mfn)?
> 
> A) Ignore it (but return an error from the hypercall)
> B) __domain_crash() as the guest is surely broken or malicious
Probably return an error to the caller.

 -- Keir



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Xen devel - Mar 2009 - [RFO] Action when bad address passed in hypercall by guest

[Xen-devel] [RFO] Action when bad address passed in hypercall by guest

Re: [Xen-devel] [RFO] Action when bad address passed in hypercall by guest