[Xen-devel] [PATCH v2] x86/vmx: Add command line option to enable EPT without PAT
The fix for XSA-60 disables EPT if PAT is not available. This patch
adds a command line option called "ept_without_pat", that allows EPT to
be enabled even when PAT is not present. This is to enable Xen to run as
a nested guest with EPT on hypervisors that have nested EPT but not
nested PAT.
Signed-off-by: Aravindh Puthiyaparambil <aravindp@xxxxxxxxx>
Cc: Jun Nakajima <jun.nakajima@xxxxxxxxx>
Cc: Eddie Dong <eddie.dong@xxxxxxxxx>
Cc: Kevin Tian <kevin.tian@xxxxxxxxx>
---
Changes from version 1:
1. Fix and update documentation with suggestion from Andrew Cooper.
2. Remove redundant assignment.
docs/misc/xen-command-line.markdown | 14 ++++++++++++++
xen/arch/x86/hvm/vmx/vmx.c | 5 ++++-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/docs/misc/xen-command-line.markdown
b/docs/misc/xen-command-line.markdown
index 87de2dc..138fee9 100644
--- a/docs/misc/xen-command-line.markdown
+++ b/docs/misc/xen-command-line.markdown
@@ -523,6 +523,20 @@ Either force retrieval of monitor EDID information via
VESA DDC, or
disable it (edid=no). This option should not normally be required
except for debugging purposes.
+### ept\_without\_pat (Intel)
+> `= <boolean>`
+
+> Default: `false`
+
+Allow EPT to be enabled when PAT is not present.
+
+*Warning:*
+Due to CVE-2013-2212, PAT is by default required as a prerequisite for
+using EPT. If you are not using PCI Passthrough, or trust the guest
+administrator who would be using passthrough, then the PAT requirement
+can be relaxed. This option is useful for nested virtualisation cases
+where the outer hypervisor does not expose PAT functionality to Xen.
+
### extra\_guest\_irqs
> `= [<domU number>][,<dom0 number>]`
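Review bot: the *Warning:* paragraph in this hunk should state plainly that setting `ept_without_pat` re-opens the XSA-60 / CVE-2013-2212 issue for any guest that is given a PCI passthrough device, rather than only saying the PAT requirement "can be relaxed"; linking the advisory the code already cites (http://xenbits.xen.org/xsa/advisory-60.html) would let the reader judge the trade-off. It would also help to say that the option has no effect when PAT is available, since the code only consults it as a fallback to `cpu_has_vmx_pat`.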
diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index 180cf6c..fee81c9 100644
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -58,6 +58,9 @@
#include <asm/hvm/nestedhvm.h>
#include <asm/event.h>
+static bool_t __initdata opt_ept_without_pat;
+boolean_param("ept_without_pat", opt_ept_without_pat);
+
enum handler_return { HNDL_done, HNDL_unhandled, HNDL_exception_raised };
static void vmx_ctxt_switch_from(struct vcpu *v);
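Review bot: `opt_ept_without_pat` is declared `__initdata`, so it may only be read from `__init` code; that holds for its single use in `start_vmx()`, but a short comment on the declaration saying so would stop a later change from reading it after init memory is released. Consider also stating in the comment that this flag deliberately bypasses the XSA-60 mitigation, so its purpose is clear at the definition and not only at the use site.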
@@ -1724,7 +1727,7 @@ const struct hvm_function_table * __init start_vmx(void)
* Do not enable EPT when (!cpu_has_vmx_pat), to prevent security hole
* (refer to http://xenbits.xen.org/xsa/advisory-60.html).
*/
- if ( cpu_has_vmx_ept && cpu_has_vmx_pat )
+ if ( cpu_has_vmx_ept && (cpu_has_vmx_pat || opt_ept_without_pat) )
{
vmx_function_table.hap_supported = 1;
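Review bot: the comment directly above the changed condition still says EPT is not enabled when `!cpu_has_vmx_pat`, which is no longer true once `opt_ept_without_pat` is set; update it to mention the override and that the administrator is accepting the XSA-60 exposure. It would also be worth emitting a one-line warning (e.g. via printk) inside this branch when EPT is enabled with `!cpu_has_vmx_pat`, so the reduced-security configuration is visible in the boot log and not only on the command line.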
--
1.8.3.2
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel