|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen master] x86/hvm: a flag to enable Memory Protection Keys
commit 28cf7493488f030be144df8d039ef4c324b8bb61
Author: Huaitong Han <huaitong.han@xxxxxxxxx>
AuthorDate: Mon Dec 21 17:09:09 2015 +0100
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Mon Dec 21 17:09:09 2015 +0100
x86/hvm: a flag to enable Memory Protection Keys
Signed-off-by: Huaitong Han <huaitong.han@xxxxxxxxx>
Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
docs/misc/xen-command-line.markdown | 10 ++++++++++
xen/arch/x86/cpu/common.c | 10 +++++++++-
xen/include/asm-x86/cpufeature.h | 6 +++++-
3 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/docs/misc/xen-command-line.markdown
b/docs/misc/xen-command-line.markdown
index 3a10432..467dc8f 100644
--- a/docs/misc/xen-command-line.markdown
+++ b/docs/misc/xen-command-line.markdown
@@ -1188,6 +1188,16 @@ This option can be specified more than once (up to 8
times at present).
### ple\_window
> `= <integer>`
+### pku
+> `= <boolean>`
+
+> Default: `true`
+
+Flag to enable Memory Protection Keys.
+
+The protection-key feature provides an additional mechanism by which IA-32e
+paging controls access to usermode addresses.
+
### psr (Intel)
> `= List of ( cmt:<boolean> | rmid_max:<integer> | cat:<boolean> |
> cos_max:<integer> | cdp:<boolean> )`
diff --git a/xen/arch/x86/cpu/common.c b/xen/arch/x86/cpu/common.c
index 536a691..335f044 100644
--- a/xen/arch/x86/cpu/common.c
+++ b/xen/arch/x86/cpu/common.c
@@ -22,6 +22,10 @@ boolean_param("xsave", use_xsave);
bool_t opt_arat = 1;
boolean_param("arat", opt_arat);
+/* pku: Flag to enable Memory Protection Keys (default on). */
+static bool_t opt_pku = 1;
+boolean_param("pku", opt_pku);
+
unsigned int opt_cpuid_mask_ecx = ~0u;
integer_param("cpuid_mask_ecx", opt_cpuid_mask_ecx);
unsigned int opt_cpuid_mask_edx = ~0u;
@@ -270,7 +274,8 @@ static void generic_identify(struct cpuinfo_x86 *c)
if ( c->cpuid_level >= 0x00000007 )
cpuid_count(0x00000007, 0, &tmp,
&c->x86_capability[cpufeat_word(X86_FEATURE_FSGSBASE)],
- &tmp, &tmp);
+ &c->x86_capability[cpufeat_word(X86_FEATURE_PKU)],
+ &tmp);
}
/*
@@ -323,6 +328,9 @@ void identify_cpu(struct cpuinfo_x86 *c)
if ( cpu_has_xsave )
xstate_init(c);
+ if ( !opt_pku )
+ setup_clear_cpu_cap(X86_FEATURE_PKU);
+
/*
* The vendor-specific functions might have changed features. Now
* we do "generic changes."
diff --git a/xen/include/asm-x86/cpufeature.h b/xen/include/asm-x86/cpufeature.h
index af127cf..ef96514 100644
--- a/xen/include/asm-x86/cpufeature.h
+++ b/xen/include/asm-x86/cpufeature.h
@@ -11,7 +11,7 @@
#include <xen/const.h>
-#define NCAPINTS 8 /* N 32-bit words worth of info */
+#define NCAPINTS 9 /* N 32-bit words worth of info */
/* Intel-defined CPU features, CPUID level 0x00000001 (edx), word 0 */
#define X86_FEATURE_FPU (0*32+ 0) /* Onboard FPU */
@@ -163,6 +163,10 @@
#define X86_FEATURE_ADX (7*32+19) /* ADCX, ADOX instructions */
#define X86_FEATURE_SMAP (7*32+20) /* Supervisor Mode Access Prevention
*/
+/* Intel-defined CPU features, CPUID level 0x00000007:0 (ecx), word 8 */
+#define X86_FEATURE_PKU (8*32+ 3) /* Protection Keys for Userspace */
+#define X86_FEATURE_OSPKE (8*32+ 4) /* OS Protection Keys Enable */
+
#define cpufeat_word(idx) ((idx) / 32)
#define cpufeat_bit(idx) ((idx) % 32)
#define cpufeat_mask(idx) (_AC(1, U) << cpufeat_bit(idx))
--
generated by git-patchbot for /home/xen/git/xen.git#master
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |