diff options
author | Keir Fraser <keir.fraser@citrix.com> | 2008-11-03 10:32:54 +0000 |
---|---|---|
committer | Keir Fraser <keir.fraser@citrix.com> | 2008-11-03 10:32:54 +0000 |
commit | 03dc0c1ae5dbc76d054844d6303c8b37d030adce (patch) | |
tree | 67ba6ba07d66cd7a920512666b94f88140718253 /xen/include/asm-x86/x86_64 | |
parent | 18a4292db0f4f65c61806a92ea4eef89418a6c1b (diff) | |
download | xen-03dc0c1ae5dbc76d054844d6303c8b37d030adce.tar.gz xen-03dc0c1ae5dbc76d054844d6303c8b37d030adce.tar.bz2 xen-03dc0c1ae5dbc76d054844d6303c8b37d030adce.zip |
x86: Fix GRANT_PTE_FLAGS.
Since page table entries created through e.g. GNTTABOP_map_grant_ref
are being passed through adjust_guest_l1e(), they must not generally
get _PAGE_USER set - this will be taken care of by adjust_guest_l1e(),
and it will ensure that these don't get _PAGE_GLOBAL set
inadvertently.
Due to the implied security aspect here (_PAGE_GLOBAL getting set on
kernel pages for x86-64), I'd like to ask that this also be applied to
older maintained branches.
At the same time, set _PAGE_NX for pte-s created for grants (as long
as hardware supports it), since it should be only data pages that remote
domains are being given access to.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
Diffstat (limited to 'xen/include/asm-x86/x86_64')
-rw-r--r-- | xen/include/asm-x86/x86_64/page.h | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/xen/include/asm-x86/x86_64/page.h b/xen/include/asm-x86/x86_64/page.h index 494a877caf..948cd656f0 100644 --- a/xen/include/asm-x86/x86_64/page.h +++ b/xen/include/asm-x86/x86_64/page.h @@ -124,9 +124,6 @@ typedef l4_pgentry_t root_pgentry_t; #define PAGE_HYPERVISOR (__PAGE_HYPERVISOR | _PAGE_GLOBAL) #define PAGE_HYPERVISOR_NOCACHE (__PAGE_HYPERVISOR_NOCACHE | _PAGE_GLOBAL) -#define GRANT_PTE_FLAGS \ - (_PAGE_PRESENT|_PAGE_ACCESSED|_PAGE_DIRTY|_PAGE_GNTTAB|_PAGE_USER) - #define USER_MAPPINGS_ARE_GLOBAL #ifdef USER_MAPPINGS_ARE_GLOBAL /* |