[PATCH 1/2] ARM: kvm: define PAGE_S2_DEVICE as read-only by default

Peter Maydell peter.maydell at linaro.org
Sun Sep 14 20:37:53 PDT 2014


On 14 September 2014 15:57, Ard Biesheuvel <ard.biesheuvel at linaro.org> wrote:
> So, in summary, there is a concern that a malicious guest may request
> a cachable mapping for a device range, in an attempt to manipulate the
> VGIC or other device memory of another VM.
> I think that concern only applies to writable mappings

I think it also applies to read-only mappings, because it would
still be permitting the guest to set up a situation with mismatched
memory attributes with potentially unpleasant effects for the
other guest (which no longer gets the guarantees it should
get from the fact it has mapped the VGIC as Device memory).

thanks
-- PMM


