All of
 help / color / mirror / Atom feed
From: Itaru Kitayama <>
To: Christoffer Dall <>
Cc: Marc Zyngier <>,
	"" <>
Subject: Re: [PATCH] KVM: arm64: Check GICV address is placed at a 4Kb boundary
Date: Thu, 30 Jun 2016 12:23:17 +0900	[thread overview]
Message-ID: <> (raw)
In-Reply-To: <20160629124342.GV26498@cbox>


On 6/29/16 9:43 PM, Christoffer Dall wrote:
> Doesn't this change carry the risk of KVM mapping a page (larger than
> 4K) containing other things than the GICV interface into the guest,
> potentially breaking isolation of the VM from host hardware resources?

I still suspect the 64Kb long region is filled with 16 copies of first 
4Kb of GICV, as Joel said in a thread two years ago when Marc introduced 
sub-page alignment patch:

. So with that patch applied, a VM always boots on a 64Kb page granular 
host, thanks to the multiple copies of the first part of GICV, but it'll 
have a problem accessing the GICV_DIR register that is
placed at the second 4Kb of region mapped for GICV.

For the ACPI enabled systems, the check of physical address of the 
virtual cpu interface is page aligned only works for 4Kb page granular 
kernels, so the patch is still required, though I need to come up with 
another patch that does map GICV to guest's physical address space 
taking care of the offset in the presence of the new VGIC code.

      reply	other threads:[~2016-06-30  3:18 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-06-29  6:22 Itaru Kitayama
2016-06-29 12:43 ` Christoffer Dall
2016-06-30  3:23   ` Itaru Kitayama [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \ \
    --subject='Re: [PATCH] KVM: arm64: Check GICV address is placed at a 4Kb boundary' \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.