[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] [PATCH v5 2/3] x86: Remap GDT tables in the Fixmap section
- To: Thomas Garnier <thgarnie@xxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- From: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
- Date: Thu, 9 Mar 2017 16:56:33 -0500
- Cc: Michal Hocko <mhocko@xxxxxxxx>, Stanislaw Gruszka <sgruszka@xxxxxxxxxx>, kvm list <kvm@xxxxxxxxxxxxxxx>, "linux-doc@xxxxxxxxxxxxxxx" <linux-doc@xxxxxxxxxxxxxxx>, Matt Fleming <matt@xxxxxxxxxxxxxxxxxxx>, Frederic Weisbecker <fweisbec@xxxxxxxxx>, Josh Poimboeuf <jpoimboe@xxxxxxxxxx>, Chris Wilson <chris@xxxxxxxxxxxxxxxxxx>, "linux-mm@xxxxxxxxx" <linux-mm@xxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxx>, Radim Krčmář <rkrcmar@xxxxxxxxxx>, "linux-efi@xxxxxxxxxxxxxxx" <linux-efi@xxxxxxxxxxxxxxx>, Alexander Potapenko <glider@xxxxxxxxxx>, Pavel Machek <pavel@xxxxxx>, "H . Peter Anvin" <hpa@xxxxxxxxx>, "kernel-hardening@xxxxxxxxxxxxxxxxxx" <kernel-hardening@xxxxxxxxxxxxxxxxxx>, Jiri Olsa <jolsa@xxxxxxxxxx>, zijun_hu <zijun_hu@xxxxxxx>, Prarit Bhargava <prarit@xxxxxxxxxx>, Andi Kleen <ak@xxxxxxxxxxxxxxx>, Len Brown <len.brown@xxxxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, Michael Ellerman <mpe@xxxxxxxxxxxxxx>, Joerg Roedel <joro@xxxxxxxxxx>, X86 ML <x86@xxxxxxxxxx>, "Luis R . Rodriguez" <mcgrof@xxxxxxxxxx>, kasan-dev <kasan-dev@xxxxxxxxxxxxxxxx>, Christian Borntraeger <borntraeger@xxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Borislav Petkov <bp@xxxxxxx>, Fenghua Yu <fenghua.yu@xxxxxxxxx>, Jiri Kosina <jikos@xxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxx>, He Chen <he.chen@xxxxxxxxxxxxxxx>, Brian Gerst <brgerst@xxxxxxxxx>, Rusty Russell <rusty@xxxxxxxxxxxxxxx>, Joonsoo Kim <iamjoonsoo.kim@xxxxxxx>, lguest@xxxxxxxxxxxxxxxx, Andy Lutomirski <luto@xxxxxxxxxx>, Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Dmitry Vyukov <dvyukov@xxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Lorenzo Stoakes <lstoakes@xxxxxxxxx>, Paul Gortmaker <paul.gortmaker@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, "linux-pm@xxxxxxxxxxxxxxx" <linux-pm@xxxxxxxxxxxxxxx>, Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>, "Rafael J . Wysocki" <rjw@xxxxxxxxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, David Vrabel <david.vrabel@xxxxxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>, Vitaly Kuznetsov <vkuznets@xxxxxxxxxx>, Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
- Delivery-date: Thu, 09 Mar 2017 21:58:42 +0000
- List-id: Xen developer discussion <xen-devel.lists.xen.org>
On 03/09/2017 04:54 PM, Thomas Garnier wrote:
> On Thu, Mar 9, 2017 at 1:46 PM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
>> On Thu, Mar 9, 2017 at 1:43 PM, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>> wrote:
>>> On 09/03/2017 21:32, Andy Lutomirski wrote:
>>>> On Mon, Mar 6, 2017 at 2:03 PM, Thomas Garnier <thgarnie@xxxxxxxxxx> wrote:
>>>>
>>>>> --- a/arch/x86/xen/enlighten.c
>>>>> +++ b/arch/x86/xen/enlighten.c
>>>>> @@ -710,7 +710,7 @@ static void load_TLS_descriptor(struct thread_struct
>>>>> *t,
>>>>>
>>>>> *shadow = t->tls_array[i];
>>>>>
>>>>> - gdt = get_cpu_gdt_table(cpu);
>>>>> + gdt = get_cpu_gdt_rw(cpu);
>>>>> maddr = arbitrary_virt_to_machine(&gdt[GDT_ENTRY_TLS_MIN+i]);
>>>>> mc = __xen_mc_entry(0);
>>>> Boris, is this right? I don't see why it wouldn't be, but Xen is special.
>>> Under Xen PV, the GDT is already read-only at this point. (It is not
>>> safe to let the guest have writeable access to system tables, so the
>>> guest must relinquish write access to the frames wishing to be used as
>>> LDTs or GDTs.)
>>>
>>> The hypercall acts on the frame, not a virtual address, so either alias
>>> should be fine here.
>>>
>>> Under this new scheme, there will be two read-only aliases. I guess
>>> this is easier to maintain the split consistently across Linux, than to
>>> special case Xen PV because it doesn't need the second alias.
>>>
>> I think we would gain nothing at all by special-casing Xen PV -- Linux
>> allocates the fixmap vaddrs at compile time, so we'd still allocate
>> them even if we rejigger all the helpers to avoid using them.
>>
> I don't have any experience with Xen so it would be great if virtme can test
> it.
I am pretty sure I tested this series at some point but I'll test it again.
-boris
>
> I can remove the unused functions, I just thought they were useful
> shortcuts given some of them are already used.
>
>> --Andy
>
>
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
|