[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen stable-4.1] VMX: Always disable SMEP when guest is in non-paging mode

commit 2cf4461ac868ca82fd63b370afe9efe9a1291900
Author:     Stefan Bader <stefan.bader@xxxxxxxxxxxxx>
AuthorDate: Tue Apr 9 16:27:14 2013 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Apr 9 16:27:14 2013 +0200

    VMX: Always disable SMEP when guest is in non-paging mode
    
    commit e7dda8ec9fc9020e4f53345cdbb18a2e82e54a65
      VMX: disable SMEP feature when guest is in non-paging mode
    
    disabled the SMEP bit if a guest VCPU was using HAP and was not
    in paging mode. However I could observe VCPUs getting stuck in
    the trampoline after the following patch in the Linux kernel
    changed the way CR4 gets set up:
      x86, realmode: read cr4 and EFER from kernel for 64-bit trampoline
    
    The change will set CR4 from already set flags which includes the
    SMEP bit. On bare metal this does not matter as the CPU is in non-
    paging mode at that time. But Xen seems to use the emulated non-
    paging mode regardless of HAP (I verified that on the guests I was
    seeing the issue, HAP was not used).
    
    Therefor it seems right to unset the SMEP bit for a VCPU that is
    not in paging-mode, regardless of its HAP usage.
    
    Signed-off-by: Stefan Bader <stefan.bader@xxxxxxxxxxxxx>
    Acked-by: Keir Fraser <keir@xxxxxxx>
    Acked-by: Dongxiao Xu <dongxiao.xu@xxxxxxxxx>
    master commit: 0d2e673a763bc7c2ddf97fed074eb691d325ecc5
    master date: 2013-04-04 10:37:19 +0200
---
 xen/arch/x86/hvm/vmx/vmx.c |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index e720c14..425030b 100644
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -1186,11 +1186,14 @@ static void vmx_update_guest_cr(struct vcpu *v, 
unsigned int cr)
         {
             v->arch.hvm_vcpu.hw_cr[4] |= X86_CR4_PSE;
             v->arch.hvm_vcpu.hw_cr[4] &= ~X86_CR4_PAE;
+        }
+        if ( !hvm_paging_enabled(v) )
+        {
             /*
              * SMEP is disabled if CPU is in non-paging mode in hardware.
              * However Xen always uses paging mode to emulate guest non-paging
-             * mode with HAP. To emulate this behavior, SMEP needs to be
-             * manually disabled when guest switches to non-paging mode.
+             * mode. To emulate this behavior, SMEP needs to be manually
+             * disabled when guest VCPU is in non-paging mode.
              */
             v->arch.hvm_vcpu.hw_cr[4] &= ~X86_CR4_SMEP;
         }
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.1

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.