On Wed, Apr 23, 2025 at 11:31:29AM -0700, Nicolin Chen wrote:
It also needs to act like a mdev and lock down the part of the IOAS that provides that memory so the pin can't be released and UAF things.
If I capture this correctly, the GPA->PA mapping is already done at the IOAS level for the S2 HWPT/domain, i.e. pages are already pinned. So we just need a pair of for-driver APIs to validate the contiguity and refcount pages calling iopt_area_add_access().
Yes, adding an access is the key thing, the access will give you a page list which you can validate, but it also provides a way to synchronize if a hostile userspace does an unmap.
Jason