On 31.03.2020 10:43, Jan Beulich wrote:
On 30.03.2020 08:54, Alexandru Isaila wrote:
At this moment a guest can call vmfunc to change the altp2m view. This
should be limited in order to avoid any unwanted view switch.
The new xc_altp2m_set_visibility() solves this by making views invisible
to vmfunc.
This is done by having a separate arch.altp2m_working_eptp that is
populated and made invalid in the same places as altp2m_eptp. This is
written to EPTP_LIST_ADDR.
The views are made in/visible by marking them with INVALID_MFN or
copying them back from altp2m_eptp.
To have consistency the visibility also applies to
p2m_switch_domain_altp2m_by_id().
The usage of this hypercall is aimed at dom0 having a logic with a number
of views created and at some time there is a need to be sure that only
some of the views can be switched, saving the rest and making them
visible when the time is right.
Note: If altp2m mode is set to mixed the guest is able to change the view
visibility and then call vmfunc.
Signed-off-by: Alexandru Isaila <aisa...@bitdefender.com>
For v6 I did provide a hypervisor side R-b; I didn't think ...
No you didn't.
Changes since V6:
- Update commit message.
... this alone would have warranted to drop it?
I don't think so, and if you provide an R-b now I will add it if there
is a need for another version (if nothing big changes).
Thanks,
Alex
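
A simplified user-space model of the mechanism described in the commit message above, added here as an illustration and not taken from the patch or from Xen. Only `altp2m_eptp`, `altp2m_working_eptp` and `INVALID_MFN` come from the message; the struct, the `model_*` functions, the table size and the EPTP values used with them are assumptions.

```c
#include <stdint.h>
#include <stdbool.h>

#define MAX_ALTP2M   10        /* assumed table size for this model */
#define INVALID_MFN  (~0ULL)   /* marker named in the commit message */

/* Constructed stand-in for the per-domain state the message describes. */
struct altp2m_model {
    uint64_t altp2m_eptp[MAX_ALTP2M];         /* every created view */
    uint64_t altp2m_working_eptp[MAX_ALTP2M]; /* list written to EPTP_LIST_ADDR */
    unsigned int current;                     /* index of the active view */
};

void model_init(struct altp2m_model *d)
{
    for (unsigned int i = 0; i < MAX_ALTP2M; i++)
        d->altp2m_eptp[i] = d->altp2m_working_eptp[i] = INVALID_MFN;
    d->current = 0;
}

/* Both lists are populated in the same place, so a new view starts visible. */
int model_create_view(struct altp2m_model *d, unsigned int idx, uint64_t eptp)
{
    if (idx >= MAX_ALTP2M || eptp == INVALID_MFN)
        return -1;
    d->altp2m_eptp[idx] = d->altp2m_working_eptp[idx] = eptp;
    return 0;
}

/* Hide: mark the working entry INVALID_MFN. Show: copy back from altp2m_eptp. */
int model_set_visibility(struct altp2m_model *d, unsigned int idx, bool visible)
{
    if (idx >= MAX_ALTP2M || d->altp2m_eptp[idx] == INVALID_MFN)
        return -1;             /* the view was never created */
    d->altp2m_working_eptp[idx] = visible ? d->altp2m_eptp[idx] : INVALID_MFN;
    return 0;
}

/* A switch (vmfunc or switch-by-id) consults only the working list. */
int model_switch_view(struct altp2m_model *d, unsigned int idx)
{
    if (idx >= MAX_ALTP2M || d->altp2m_working_eptp[idx] == INVALID_MFN)
        return -1;             /* hidden or nonexistent: the view stays unchanged */
    d->current = idx;
    return 0;
}
```

Hiding a view leaves its entry in `altp2m_eptp` intact, which is what allows it to be made visible again later without rebuilding it.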