|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] SMAP/SMEP issues with 32-bit pv guests
>>> On 01.08.16 at 02:48, <feng.wu@xxxxxxxxx> wrote: >> From: Jan Beulich [mailto:JBeulich@xxxxxxxx] >> Sent: Tuesday, June 28, 2016 3:42 PM >> >>> On 28.06.16 at 03:58, <feng.wu@xxxxxxxxx> wrote: >> > As you know, SMAP/SMEP may affect the 32-bit pv guests, after discussed >> > internally, our current idea is that we can just disable this two feature >> > for >> > Xen hypervisor itself, hence only enable it for HVM guests. Do you think >> > this >> > is acceptable from your perspective? >> >> I think at most we should go as far as making this an option. That's >> better than requiring people to turn off SMEP/SMAP completely to >> gain back performance, and better than forcing people to accept >> this security wise step backwards without any alternative. And once >> an option, I think I'd still like to have current behavior remain the >> default; distros could choose to alter that default with - presumably - >> a one line patch. > > What is your opinion about doing it this way? If you also agree with it, we > will start to implement it. To be honest, with it having been over a month since the original mail, and with it (presumably) not being a very intrusive change (hence not requiring an awful lot of work) I don't see why you couldn't simply prepare and submit the patch instead of waiting for further replies. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |