[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] x86/cpuid: Tie SMAP to NX, for the shadow pagetable code

NX support in the host is required for the shadow pagetable code to handle
SMAP correctly for guests.

Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CC: Jan Beulich <JBeulich@xxxxxxxx>
CC: Wei Liu <wei.liu2@xxxxxxxxxx>
CC: Roger Pau Monné <roger.pau@xxxxxxxxxx>
CC: George Dunlap <george.dunlap@xxxxxxxxxxxxx>
CC: Tim Deegan <tim@xxxxxxx>

RFC because this is a little thorny.

Strictly speaking, it is "Xen uses NX in HVM guest context" as the
prerequisite.  We could in principle allow guests to use NX without using it
in Xen, but that sounds like unnecessary complication.  Also, we have no
option to inhibit Xen from using NX if it finds it in hardware.

This dependency also doesn't need to occur for HAP guests.

In practice, all 64bit hardware (save the very first Intel 64bit CPUs)
supports NX, and expressing the interlock like this is far easier than trying
to account for it dynamically.
 xen/tools/gen-cpuid.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/xen/tools/gen-cpuid.py b/xen/tools/gen-cpuid.py
index 3fecae8..31fdee9 100755
--- a/xen/tools/gen-cpuid.py
+++ b/xen/tools/gen-cpuid.py
@@ -239,6 +239,11 @@ def crunch_numbers(state):
         # absence of any enabled xstate.
         AVX: [FMA, FMA4, F16C, AVX2, XOP],
+        # This dependency exists solely for the shadow pagetable code.  If the
+        # host doesn't have NX support, the shadow pagetable code can't handle
+        # SMAP correctly for guests.
+        NX: [SMAP],
         # CX16 is only encodable in Long Mode.  LAHF_LM indicates that the
         # SAHF/LAHF instructions are reintroduced in Long Mode.  1GB
         # superpages, PCID and PKU are only available in 4 level paging.

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.