 Home |
Products |
Support |
Community |
News |
xen-devel
Re: [Xen-devel] [Patch] Disallow SMEP for PV guest
| To: | Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, "Li, Xin" <xin.li@xxxxxxxxx> |
|---|---|
| Subject: | Re: [Xen-devel] [Patch] Disallow SMEP for PV guest |
| From: | Keir Fraser <keir.xen@xxxxxxxxx> |
| Date: | Wed, 01 Jun 2011 21:41:39 +0100 |
| Cc: | "Yang, Wei Y" <wei.y.yang@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>, Keir Fraser <keir@xxxxxxx> |
| Delivery-date: | Thu, 02 Jun 2011 02:47:09 -0700 |
| Dkim-signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:user-agent:date:subject:from:to:cc:message-id :thread-topic:thread-index:in-reply-to:mime-version:content-type :content-transfer-encoding; bh=sBFwZ2kmQGHkp/Kr/wLFXH3Y0rxyAkq+G97asQAbjsg=; b=DC262bNDpvPpYafbP74D0UnZN22U7LsQwUIKz5rk7lhT/ltOilf2M0aa7lAqzs5tTw DesXwIgOravLY+aymwwiK/WLW9hvyPHbp7WhX5lQCGlfM1X7EsHqK3G5PQ+28LrpDROs lwwzXTO2OV5jKInKSZQRloDuIxA6e4oTs5eyE= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=user-agent:date:subject:from:to:cc:message-id:thread-topic :thread-index:in-reply-to:mime-version:content-type :content-transfer-encoding; b=gforRuL8Nm+tGAa0+mPZWyN+gf/9LhN5E+j9OqtIhdbH+I6YQ30z79kynHonGOlGZA 1IWR+KJrnjNgeO7bghenOOfseaaziheSbnE0NZvittXwSiNAThfVC5JQ8VXjpssveZP/ s59y59psWdBtttDgzsUjYBqbA84RfWbhkqzns= |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxxx |
| In-reply-to: | <20110601172725.GA11261@xxxxxxxxxxxx> |
| List-help: | <mailto:xen-devel-request@lists.xensource.com?subject=help> |
| List-id: | Xen developer discussion <xen-devel.lists.xensource.com> |
| List-post: | <mailto:xen-devel@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe> |
| Sender: | xen-devel-bounces@xxxxxxxxxxxxxxxxxxx |
| Thread-index: | AcwgnE5ydNF5z5hw3U+1q1jSlo2HsQ== |
| Thread-topic: | [Xen-devel] [Patch] Disallow SMEP for PV guest |
| User-agent: | Microsoft-Entourage/12.29.0.110113 |
On 01/06/2011 18:27, "Konrad Rzeszutek Wilk" <konrad.wilk@xxxxxxxxxx> wrote: >> As it can't apply to ring 3, x86_64 pv guest kernel accessing user code won't >> trigger instruction fetch page fault. thus it makes no sense to use it here. >> >> Definitely we should hide it from dom0 kernel. The change should be in Xen >> or pvops dom0? > > Ugh, if have a patch against the paravirt kernel that would only cover the 3.1 > kernel. > So you could still run with the SMEP enabled with the older kernels. Sounds > like > a candidate for Xen hypervisor? Definitely, it's a one liner to traps.c:pv_cpuid(). Given that the domU patching is already done by the hypervisor (in libxc) obviously it should be done by the hypervisor for dom0 also. And the feature should be hidden in CR4, by the hypervisor also. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [Xen-devel] [xen-unstable test] 7479: regressions - FAIL, xen . org |
|---|---|
| Next by Date: | RE: [Xen-devel] [Patch] Enable SMEP CPU feature support for XEN itself, Li, Xin |
| Previous by Thread: | Re: [Xen-devel] [Patch] Disallow SMEP for PV guest, Konrad Rzeszutek Wilk |
| Next by Thread: | Re: [Xen-devel] [Patch] Disallow SMEP for PV guest, Keir Fraser |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
