[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen master] x86: Drop opt_pku entirely



commit 65f0d6fc80cba9d79b58e6f2bfc00e36d4e66898
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Tue Jun 20 18:01:46 2023 +0100
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Mon Aug 7 15:30:18 2023 +0100

    x86: Drop opt_pku entirely
    
    This option is particularly dubious as Xen does not use Protection Keys, 
owing
    to the sharing of pagetables with PV guests.  All this option does is hide 
PKU
    by default from HVM guests, and is therefore redundant with the more generic
    cpuid=no-pku.
    
    The variable ought to be in __initdata given it's single user, but deleting 
it
    entirely looks to be a better course of action.
    
    Visibility of PKU to guests should be handled via its vm.cfg file.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Jan Beulich <jbeulich@xxxxxxxx>
    Acked-by: Henry Wang <Henry.Wang@xxxxxxx>
---
 CHANGELOG.md                      |  4 ++++
 docs/misc/xen-command-line.pandoc | 10 ----------
 xen/arch/x86/cpu/common.c         |  7 -------
 3 files changed, 4 insertions(+), 17 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7d7e0590f8..7e5efcabda 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -25,6 +25,10 @@ The format is based on [Keep a 
Changelog](https://keepachangelog.com/en/1.0.0/)
  - Add support for AVX512-FP16 on x86.
  - On Arm, Xen supports guests running SVE/SVE2 instructions. (Tech Preview)
 
+### Removed
+ - On x86, the "pku" command line option has been removed.  It has never
+   behaved precisely as described, and was redundant with the unsupported
+   "cpuid=no-pku".  Visibility of PKU to guests should be via its vm.cfg file.
 
 ## 
[4.17.0](https://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=RELEASE-4.17.0) 
- 2022-12-12
 
diff --git a/docs/misc/xen-command-line.pandoc 
b/docs/misc/xen-command-line.pandoc
index 4060ebdc5d..9d66688bd1 100644
--- a/docs/misc/xen-command-line.pandoc
+++ b/docs/misc/xen-command-line.pandoc
@@ -1950,16 +1950,6 @@ for all of them (`true`), only for those subject to XPTI 
(`xpti`) or for
 those not subject to XPTI (`no-xpti`). The feature is used only in case
 INVPCID is supported and not disabled via `invpcid=false`.
 
-### pku (x86)
-> `= <boolean>`
-
-> Default: `true`
-
-Flag to enable Memory Protection Keys.
-
-The protection-key feature provides an additional mechanism by which IA-32e
-paging controls access to usermode addresses.
-
 ### ple_gap
 > `= <integer>`
 
diff --git a/xen/arch/x86/cpu/common.c b/xen/arch/x86/cpu/common.c
index 7b27f20138..6fada384a1 100644
--- a/xen/arch/x86/cpu/common.c
+++ b/xen/arch/x86/cpu/common.c
@@ -29,10 +29,6 @@ bool __read_mostly opt_dom0_cpuid_faulting = true;
 bool opt_arat = true;
 boolean_param("arat", opt_arat);
 
-/* pku: Flag to enable Memory Protection Keys (default on). */
-static bool opt_pku = true;
-boolean_param("pku", opt_pku);
-
 unsigned int opt_cpuid_mask_ecx = ~0u;
 integer_param("cpuid_mask_ecx", opt_cpuid_mask_ecx);
 unsigned int opt_cpuid_mask_edx = ~0u;
@@ -522,9 +518,6 @@ void identify_cpu(struct cpuinfo_x86 *c)
                this_cpu->c_init(c);
 
 
-       if (c == &boot_cpu_data && !opt_pku)
-               setup_clear_cpu_cap(X86_FEATURE_PKU);
-
        /*
         * The vendor-specific functions might have changed features.  Now
         * we do "generic changes."
--
generated by git-patchbot for /home/xen/git/xen.git#master



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.