Hi,
On Wed, Dec 27, 2017 at 1:46 PM, Volodymyr Babchuk vlad.babchuk@gmail.com wrote:
Hello all,
Just a small update and one question.
Currently I have the PoC for the proposed approach. Right now half of it consists of hacks, but anyways, I'm able to run xtest in two domains in parallel. And it even passes :)
Congrats! :-)
If someone is really interested, then you can find this PoC at [1]. But it is in a very pitiful state. I'm reworking it into something that can be pushed for review.
And so I have a question. One of my changes introduces a new VA space, where I map the whole secure RAM. This simplifies guests' pagetable management and some other tasks. Something similar is done in the pager code, but the pager creates alias mappings at runtime, only for pages that it wants to access. But for me it is easier to have a static view of the whole secure RAM than to remap needed pages at runtime. So, this is my question: was that design decision in the pager intentional? Like, from a security standpoint it is better not to have the whole secure RAM mapped or something like that...
The pager does that to avoid leaving aliases of pages read-write enabled while read-only-exec at the place where they're used.
There are two options before me: I can leave the whole secure RAM mapped and make the pager use this mapping, or I can make my code behave like the pager (i.e. map needed pages dynamically).
I think you should map needed pages dynamically.
Also I'm not that happy about tagging __kdata and __kbss directly in the code, it's easy to miss applying one. The way we're partitioning the memory for the pager and init code could be applied here too. That isn't 100% robust either, but it usually results in a build error instead of some hard-to-find corruption. If you don't feel too comfortable with implementing that yourself I can do that once everything else is in place.
What do you think?
It sounds like you're progressing well. I'll wait with looking at the code until you think it's ready for review.
[1] https://github.com/lorc/optee_os/tree/virt_hard
-- WBR Volodymyr Babchuk aka lorc [+380976646013] mailto: vlad.babchuk@gmail.com