Xen project Mailing List

Re: [Xen-devel] [PATCH] xen/arm: Scrub heap pages during boot

To: Julien Grall <julien.grall@xxxxxxxxxx>

From: Ian Campbell <Ian.Campbell@xxxxxxxxxx>

Date: Fri, 10 Jan 2014 09:52:01 +0000

Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, tim@xxxxxxx, stefano.stabellini@xxxxxxxxxx, patches@xxxxxxxxxx

Delivery-date: Fri, 10 Jan 2014 09:52:09 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Fri, 2014-01-10 at 03:27 +0000, Julien Grall wrote: > Scrub heap pages was disabled because it was slow on the models. Now that Xen > supports real hardware, it's possible to enable by default scrubbing. > > Signed-off-by: Julien Grall <julien.grall@xxxxxxxxxx> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> > --- > This patch should go to Xen 4.4. It avoid to give non-cleared page to > a domain. > > The downside is it's now slow on models. There is a no-bootscrub command-line option which can be used in that case. Could you update the relevant model wiki pages to mention it please? > The current implementation of scrub_heap_pages loop on every page in the > frametable. On ARM, there is only which can contains MMIO. We are safe > because when frametable is initialized, page are marked inuse. So the > function won't clear theses pages. I don't think this behaviour is specific to ARM, x86 has MMIO regions mixed in with RAM as well. From an RM PoV I think this is a necessary fix since it can otherwise potentially leak information from a previous boot. I also think it is low risk, nothing should have been relying on non-zero content of any page. > --- > xen/arch/arm/setup.c | 6 ++---- > 1 file changed, 2 insertions(+), 4 deletions(-) > > diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c > index 9fc40c8..d7c7f4d 100644 > --- a/xen/arch/arm/setup.c > +++ b/xen/arch/arm/setup.c > @@ -764,10 +764,8 @@ void __init start_xen(unsigned long boot_phys_offset, > if ( construct_dom0(dom0) != 0) > panic("Could not set up DOM0 guest OS"); > > - /* Scrub RAM that is still free and so may go to an unprivileged domain. > - XXX too slow in simulator > - scrub_heap_pages(); > - */ > + /* Scrub RAM that is still free and so may go to an unprivileged domain. > */ > + scrub_heap_pages(); > > init_constructors(); > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.