[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH V4 2/4] x86/xsaves: enable xsaves/xrstors in xen

To: "Andrew Cooper" <andrew.cooper3@xxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Wed, 26 Aug 2015 06:35:51 -0600
Cc: kevin.tian@xxxxxxxxx, wei.liu2@xxxxxxxxxx, Ian.Campbell@xxxxxxxxxx, stefano.stabellini@xxxxxxxxxxxxx, eddie.dong@xxxxxxxxx, Shuai Ruan <shuai.ruan@xxxxxxxxxxxxxxx>, ian.jackson@xxxxxxxxxxxxx, xen-devel@xxxxxxxxxxxxx, jun.nakajima@xxxxxxxxx, keir@xxxxxxx
Delivery-date: Wed, 26 Aug 2015 12:35:59 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 26.08.15 at 14:05, <andrew.cooper3@xxxxxxxxxx> wrote:
> On 26/08/15 12:50, Jan Beulich wrote:
>>>>> On 26.08.15 at 12:12, <andrew.cooper3@xxxxxxxxxx> wrote:
>>> On 25/08/15 11:54, Shuai Ruan wrote:
>>>> --- a/xen/arch/x86/traps.c
>>>> +++ b/xen/arch/x86/traps.c
>>>> @@ -936,9 +936,10 @@ void pv_cpuid(struct cpu_user_regs *regs)
>>>>          if ( regs->_ecx == 1 )
>>>>          {
>>>>              a &= XSTATE_FEATURE_XSAVEOPT |
>>>> -                 XSTATE_FEATURE_XSAVEC |
>>>> -                 (cpu_has_xgetbv1 ? XSTATE_FEATURE_XGETBV1 : 0) |
>>>> -                 (cpu_has_xsaves ? XSTATE_FEATURE_XSAVES : 0);
>>>> +                 XSTATE_FEATURE_XSAVEC;
>>>> +           /* PV guest will not support xsaves. */
>>>> +                 /* (cpu_has_xgetbv1 ? XSTATE_FEATURE_XGETBV1 : 0) |
>>>> +                 (cpu_has_xsaves ? XSTATE_FEATURE_XSAVES : 0); */
>>> Don't leave this code commented out like this.  Just delete it.
>> Agreed, but - mind reminding me again why supporting them for
>> PV guests isn't going to work?
> 
> xsaves is a cpl0 instruction used to manage state which userspace can't
> be trusted to handle alone.  Xen therefore can't trust PV guests to use
> it either.
> 
> The first of these features is Processor Trace.  A PV guest able to use
> xsaves/xrstors would be able to gather trace data of hypervisor
> execution, or cause the trace buffers to clobber arbitrary physical memory.
> 
> The features covered by MSR_IA32_XSS can safely be exposed to PV guests,
> but via a hypercall interface.

That covers xsaves, but not xgetbv1 (which also covers XSAVEOPT).

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH V4 2/4] x86/xsaves: enable xsaves/xrstors in xen
  - From: Shuai Ruan

References:
- [Xen-devel] [PATCH V4 0/4] add xsaves/xrstors support
  - From: Shuai Ruan
- [Xen-devel] [PATCH V4 2/4] x86/xsaves: enable xsaves/xrstors in xen
  - From: Shuai Ruan
- Re: [Xen-devel] [PATCH V4 2/4] x86/xsaves: enable xsaves/xrstors in xen
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH V4 2/4] x86/xsaves: enable xsaves/xrstors in xen
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH V4 2/4] x86/xsaves: enable xsaves/xrstors in xen
  - From: Andrew Cooper

Prev by Date: Re: [Xen-devel] [PATCH v2 10/23] efi: build xen.gz with EFI code
Next by Date: Re: [Xen-devel] [PATCH v5 21/22] xen/arm: ITS: Generate ITS node for Dom0
Previous by thread: Re: [Xen-devel] [PATCH V4 2/4] x86/xsaves: enable xsaves/xrstors in xen
Next by thread: Re: [Xen-devel] [PATCH V4 2/4] x86/xsaves: enable xsaves/xrstors in xen
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.