|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: dom0 PV looping on search_pre_exception_table()
On Thu, Dec 10, 2020 at 09:01:12PM +0000, Andrew Cooper wrote:
> I've repro'd the problem.
>
> When I modify Xen to explicitly demand-map the LDT in the MMUEXT_SET_LDT
> hypercall, everything works fine.
>
> Specifically, this delta:
>
> diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c
> index 723cc1070f..71a791d877 100644
> --- a/xen/arch/x86/mm.c
> +++ b/xen/arch/x86/mm.c
> @@ -3742,12 +3742,31 @@ long do_mmuext_op(
> else if ( (curr->arch.pv.ldt_ents != ents) ||
> (curr->arch.pv.ldt_base != ptr) )
> {
> + unsigned int err = 0, tmp;
> +
> if ( pv_destroy_ldt(curr) )
> flush_tlb_local();
>
> curr->arch.pv.ldt_base = ptr;
> curr->arch.pv.ldt_ents = ents;
> load_LDT(curr);
> +
> + printk("Probe new LDT\n");
> + asm volatile (
> + "mov %%es, %[tmp];\n\t"
> + "1: mov %[sel], %%es;\n\t"
> + "mov %[tmp], %%es;\n\t"
> + "2:\n\t"
> + ".section .fixup,\"ax\"\n"
> + "3: mov $1, %[err];\n\t"
> + "jmp 2b\n\t"
> + ".previous\n\t"
> + _ASM_EXTABLE(1b, 3b)
> + : [err] "+r" (err),
> + [tmp] "=&r" (tmp)
> + : [sel] "r" (0x3f)
> + : "memory");
> + printk(" => err %u\n", err);
> }
> break;
> }
>
> Which stashes %es, explicitly loads init's %ss selector to trigger the
> #PF and Xen's lazy mapping, then restores %es.
Yes, this works for dom0 too, I have it running multiuser
> [...]
>
> Presumably you've got no Meltdown mitigations going on within the NetBSD
> kernel? (I suspect not, seeing as changing Xen changes the behaviour,
> but it is worth asking).
No, there's no Meltdown mitigations for PV in NetBSD. as I see it,
for amd64 at last, the Xen kernel has to do it anyway, so it's not usefull
to implement it in the guest's kernel. Did I miss something ?
--
Manuel Bouyer <bouyer@xxxxxxxxxxxxxxx>
NetBSD: 26 ans d'experience feront toujours la difference
--
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |