RE: [Xen-devel] [Patch] Enable SMEP CPU feature support for XEN itself
To: Keir Fraser <keir.xen@xxxxxxxxx>, "Yang, Wei Y" <wei.y.yang@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: RE: [Xen-devel] [Patch] Enable SMEP CPU feature support for XEN itself
From: "Li, Xin" <xin.li@xxxxxxxxx>
Date: Thu, 2 Jun 2011 18:07:29 +0800
In-reply-to: <CA0CEB67.1B699%keir.xen@xxxxxxxxx>
References: <FC2FB65B4D919844ADE4BE3C2BB739AD5AB183C0@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <CA0CEB67.1B699%keir.xen@xxxxxxxxx>
> > I don't know if we can distinguish that when creating guest.
>
> Of course you can. See the guest_64bit flag already used in
> xc_pv_cpuid_policy()!
>
> However, given that the guest cannot influence whether SMEP is
> enabled/disabled, perhaps it makes sense to always hide the feature? Also we
SMEP can protect the Xen hypervisor and 32-bit guest kernels from applications, but as
32-bit guests run in ring 1, they can still exploit a null pointer in Xen, although
it's rare.
I vaguely remember Windows disallows execution from the first page (or 4M?) of
virtual address space. Does Xen disallow PV guest kernels executing from there?
> should unconditionally be hiding the CPUID feature in any case when Xen does
> not support SMEP (because disabled on command line, or in the stable
> branches without the feature patch applied) as otherwise guest can detect
> the feature and will crash when it tries to enable the feature in CR4. This
> is why it's a bad idea that we blacklist CPUID features for PV guests rather
> than whitelist them. I will apply such a patch to all trees now.
You're right. We will rebase the patch on your new code.
Thanks!
-Xin
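An added model of the CPUID-masking problem Keir raises above (illustrative code written for this archive page, not Xen's xc_pv_cpuid_policy()): with a blacklist, a feature bit the policy does not yet know about, here SMEP in CPUID leaf 7 EBX bit 7, reaches the PV guest, which then sets CR4.SMEP (bit 20) and faults; a whitelist only passes bits the hypervisor actually supports. The `xen_smep` flag standing in for "SMEP enabled in this build and on this command line" is an assumption, as is the -1 return that stands in for the #GP fault.

```c
/* Illustrative model only; not Xen's code. Bit positions are architectural:
 * CPUID.(EAX=7,ECX=0):EBX bit 7 = SMEP, CR4 bit 20 = SMEP. */
#include <stdint.h>
#include <stdbool.h>

#define CPUID7_EBX_FSGSBASE (1u << 0)
#define CPUID7_EBX_SMEP     (1u << 7)
#define CR4_SMEP            (1u << 20)

/* Blacklist policy: strip only the bits explicitly listed as unsupported.
 * A bit added to hardware after the list was written leaks through. */
uint32_t pv_cpuid7_ebx_blacklist(uint32_t hw_ebx, uint32_t known_bad)
{
    return hw_ebx & ~known_bad;
}

/* Whitelist policy: only bits the hypervisor knowingly supports survive.
 * xen_smep (assumed flag) models "SMEP patch applied and not disabled". */
uint32_t pv_cpuid7_ebx_whitelist(uint32_t hw_ebx, bool xen_smep)
{
    uint32_t allowed = 0;
    if (xen_smep)
        allowed |= CPUID7_EBX_SMEP;
    return hw_ebx & allowed;
}

/* Model of the PV guest's CR4 write as validated by the hypervisor:
 * a bit the hypervisor does not support is rejected (-1 stands in for
 * the #GP fault that crashes the guest). */
int pv_write_cr4(uint32_t new_cr4, bool xen_smep)
{
    uint32_t supported = ~CR4_SMEP;   /* assume all other bits are fine */
    if (xen_smep)
        supported |= CR4_SMEP;
    if (new_cr4 & ~supported)
        return -1;
    return 0;
}

/* What a guest kernel does at boot: enable SMEP if CPUID advertises it. */
int guest_boot(uint32_t cpuid7_ebx, bool xen_smep)
{
    uint32_t cr4 = 0;
    if (cpuid7_ebx & CPUID7_EBX_SMEP)
        cr4 |= CR4_SMEP;
    return pv_write_cr4(cr4, xen_smep);
}
```

With the blacklist that predates the SMEP patch (no SMEP entry), a guest on SMEP hardware under a non-SMEP Xen crashes; with the whitelist it boots, and it also boots and uses SMEP once Xen supports it.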
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel