Xen project Mailing List

Re: [PATCH] x86/shadow: depend on PV || HVM

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Fri, 16 Apr 2021 14:49:02 +0200

Cc: Tim Deegan <tim@xxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Fri, 16 Apr 2021 12:49:11 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 16.04.2021 14:39, Andrew Cooper wrote: > On 16/04/2021 13:32, Jan Beulich wrote: >> With the building of guest_?.o now depending on PV or HVM, without >> further #ifdef-ary shadow code won't link anymore when !PV && !HVM. >> Since this isn't a useful configuration anyway, exclude shadow code from >> being built in this case. >> >> Fixes: aff8bf94ce65 ("x86/shadow: only 4-level guest code needs building >> when !HVM") >> Reported-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> >> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> >> >> --- a/xen/arch/x86/Kconfig >> +++ b/xen/arch/x86/Kconfig >> @@ -121,6 +121,7 @@ config XEN_SHSTK >> config SHADOW_PAGING >> bool "Shadow Paging" >> default !PV_SHIM_EXCLUSIVE > > Hang on - this is bug, and is what needs dropping. > > PV Shim uses Shadow, in default configurations, for L1TF protections to > keep userspace out of the guest kernel. Without it, the shim'd guest > will be crashed when it writes an L1TF-vulnerable PTE. > > OSSTest ought to have blocked this as a regression, but I suspect its > not running the XTF PV guests in shim mode. One thing at a time please - if there's an issue here, this wants addressing in a separate change (which then also may need backporting). Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.