[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 00/10] x86/hvm: pkeys, add memory protection-key support

To: "Wu, Feng" <feng.wu@xxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>
From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date: Wed, 18 Nov 2015 10:10:45 +0000
Cc: "Tian, Kevin" <kevin.tian@xxxxxxxxx>, "wei.liu2@xxxxxxxxxx" <wei.liu2@xxxxxxxxxx>, "ian.campbell@xxxxxxxxxx" <ian.campbell@xxxxxxxxxx>, "stefano.stabellini@xxxxxxxxxxxxx" <stefano.stabellini@xxxxxxxxxxxxx>, "george.dunlap@xxxxxxxxxxxxx" <george.dunlap@xxxxxxxxxxxxx>, "ian.jackson@xxxxxxxxxxxxx" <ian.jackson@xxxxxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>, "Nakajima, Jun" <jun.nakajima@xxxxxxxxx>, "Han, Huaitong" <huaitong.han@xxxxxxxxx>, "keir@xxxxxxx" <keir@xxxxxxx>
Delivery-date: Wed, 18 Nov 2015 10:11:00 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 18/11/15 09:12, Wu, Feng wrote:
>
>> -----Original Message-----
>> From: xen-devel-bounces@xxxxxxxxxxxxx [mailto:xen-devel-
>> bounces@xxxxxxxxxxxxx] On Behalf Of Jan Beulich
>> Sent: Tuesday, November 17, 2015 6:26 PM
>> To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>> Cc: Tian, Kevin <kevin.tian@xxxxxxxxx>; wei.liu2@xxxxxxxxxx;
>> ian.campbell@xxxxxxxxxx; stefano.stabellini@xxxxxxxxxxxxx;
>> george.dunlap@xxxxxxxxxxxxx; ian.jackson@xxxxxxxxxxxxx; xen-
>> devel@xxxxxxxxxxxxx; Nakajima, Jun <jun.nakajima@xxxxxxxxx>; Han,
>> Huaitong <huaitong.han@xxxxxxxxx>; keir@xxxxxxx
>> Subject: Re: [Xen-devel] [PATCH 00/10] x86/hvm: pkeys, add memory
>> protection-key support
>>
>>>>> On 16.11.15 at 18:45, <andrew.cooper3@xxxxxxxxxx> wrote:
>>> Furthermore, it is unclear (given the unwritten ABI) whether it is even
>>> safe to move _PAGE_GNTTAB out of the way, as this is visible to a PV guest.
>> It seems pretty clear to me that this would be unsafe: It being
>> part of L1_DISALLOW_MASK, if it moved and a guest used the
>> bit for its own purposes, the guest would break. I guess we'll
>> need an ELF note by which the guest can advertise which of the
>> available bits it doesn't care about itself.
> Actually, we don't expose this feature to PV guest, we only expose it
> to HVM. In that case, is there still issues like you discussed above?

You have turned on CR4.PKE, and _PAGE_GNTTAB is bit 62 in a PTE. 
Futhermore, you don't prevent/audit a PV guest's use of the PK bits.

This makes it usable by PV guests, even if the feature isn't advertised.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 00/10] x86/hvm: pkeys, add memory protection-key support
  - From: Wu, Feng

References:
- [Xen-devel] [PATCH 00/10] x86/hvm: pkeys, add memory protection-key support
  - From: Huaitong Han
- Re: [Xen-devel] [PATCH 00/10] x86/hvm: pkeys, add memory protection-key support
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH 00/10] x86/hvm: pkeys, add memory protection-key support
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH 00/10] x86/hvm: pkeys, add memory protection-key support
  - From: Wu, Feng

Prev by Date: Re: [Xen-devel] [PATCH 2/2] grant_table: convert grant table rwlock to percpu rwlock
Next by Date: Re: [Xen-devel] [PATCH 2/2] grant_table: convert grant table rwlock to percpu rwlock
Previous by thread: Re: [Xen-devel] [PATCH 00/10] x86/hvm: pkeys, add memory protection-key support
Next by thread: Re: [Xen-devel] [PATCH 00/10] x86/hvm: pkeys, add memory protection-key support
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.