From e9cc3114520496b8ecdce1028cf0a7a705addb39 Mon Sep 17 00:00:00 2001
From: "kfraser@localhost.localdomain"
Date: Thu, 16 Nov 2006 10:52:03 +0000
Subject: [PATCH] [HVM] Disallow PTE updates and MMIO accesses from hypervisor mode (prevents copy_to/from_guest from causing problems, for example).
Signed-off-by: Keir Fraser
---
 xen/arch/x86/mm/shadow/multi.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c
index ba15cb65d2..76e4dfc8e6 100644
--- a/xen/arch/x86/mm/shadow/multi.c
+++ b/xen/arch/x86/mm/shadow/multi.c
@@ -2798,8 +2798,9 @@ static int sh_page_fault(struct vcpu *v,
 * We do not emulate user writes. Instead we use them as a hint that the
 * page is no longer a page table. This behaviour differs from native, but
 * it seems very unlikely that any OS grants user access to page tables.
+ * We also disallow guest PTE updates from within Xen.
 */
- if ( (regs->error_code & PFEC_user_mode) ||
+ if ( (regs->error_code & PFEC_user_mode) || !guest_mode(regs) ||
 x86_emulate_memop(&emul_ctxt, &shadow_emulator_ops) )
 {
 SHADOW_PRINTK("emulator failure, unshadowing mfn %#lx\n",
@@ -2839,6 +2840,8 @@ static int sh_page_fault(struct vcpu *v,
 goto done;
 mmio:
+ if ( !guest_mode(regs) )
+ goto not_a_shadow_fault;
 perfc_incrc(shadow_fault_mmio);
 sh_audit_gw(v, &gw);
 unmap_walk(v, &gw);
-- 
2.30.2
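Review bot: The added `!guest_mode(regs)` test in the emulation condition sends Xen-context write faults into the same branch as a real emulator failure, so the `SHADOW_PRINTK("emulator failure, unshadowing mfn ...")` that follows is printed although `x86_emulate_memop` was never called, and judging by that message the page is unshadowed as a side effect. The one-line comment mentions neither consequence nor the reason; I would extend it to something like `* We also disallow guest PTE updates from within Xen (e.g. a fault taken in copy_to/from_guest): regs is then not the guest's frame, so the write is not emulated and the page is unshadowed instead.` The reasoning about regs is inferred from the commit message and the name of guest_mode(), so the wording needs confirming against its definition. The body of the branch and the rest of sh_page_fault lie outside the hunk.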
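Review bot: The new early exit at `mmio:` jumps to `not_a_shadow_fault` before the `sh_audit_gw(v, &gw)` and `unmap_walk(v, &gw)` calls of the MMIO path, and that label is outside the hunk, so it should be confirmed that it unmaps the walk and releases whatever else (locks, for instance) the MMIO path releases; if it does not, a Xen-context access to an MMIO address would leave that state held. The check also carries no comment, unlike the change in the first hunk; something like `/* MMIO is emulated only for accesses made by the guest itself, never for accesses Xen makes on its behalf. */` above the `if` would record the intent. Presumably the "not a shadow fault" return leaves the fault to Xen's own exception fixup so that copy_to/from_guest fails cleanly; if that is the intent, the comment should say so.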