Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753778AbdLSTo4 (ORCPT ); Tue, 19 Dec 2017 14:44:56 -0500 Received: from mga01.intel.com ([192.55.52.88]:17633 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753175AbdLSTgv (ORCPT ); Tue, 19 Dec 2017 14:36:51 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.45,428,1508828400"; d="scan'208";a="4018587" From: Dongwon Kim To: linux-kernel@vger.kernel.org Cc: dri-devel@lists.freedesktop.org, xen-devel@lists.xenproject.org, mateuszx.potrola@intel.com, dongwon.kim@intel.com Subject: [RFC PATCH 32/60] hyper_dmabuf: make all shared pages read-only Date: Tue, 19 Dec 2017 11:29:48 -0800 Message-Id: <1513711816-2618-32-git-send-email-dongwon.kim@intel.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513711816-2618-1-git-send-email-dongwon.kim@intel.com> References: <1513711816-2618-1-git-send-email-dongwon.kim@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2690 Lines: 77 All shared pages need to be read-only from importer's point of view to prevent the buffer from being corrupted. This patch may need to be reverted if we find a better way to protect the original content in this sharing model. Signed-off-by: Dongwon Kim --- drivers/xen/hyper_dmabuf/xen/hyper_dmabuf_xen_shm.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/drivers/xen/hyper_dmabuf/xen/hyper_dmabuf_xen_shm.c b/drivers/xen/hyper_dmabuf/xen/hyper_dmabuf_xen_shm.c index c6a2993..1416a69 100644 --- a/drivers/xen/hyper_dmabuf/xen/hyper_dmabuf_xen_shm.c +++ b/drivers/xen/hyper_dmabuf/xen/hyper_dmabuf_xen_shm.c @@ -104,24 +104,24 @@ int hyper_dmabuf_xen_share_pages(struct page **pages, int domid, int nents, *refs_info = (void *)sh_pages_info; - /* share data pages in rw mode*/ + /* share data pages in readonly mode for security */ for (i=0; i