[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] writable pagetable



On the subject of writable pagetables, is it a performance thing? I've
always said 'no' because I don't know what it does and went with the
philosophy of "if it ain't broke...".

James

> -----Original Message-----
> From: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx [mailto:xen-devel-
> admin@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Ian Pratt
> Sent: Thursday, 9 September 2004 11:52
> To: Keir Fraser
> Cc: Kip Macy; Ian Pratt; xen-devel@xxxxxxxxxxxxxxxxxxxxx;
> Ian.Pratt@xxxxxxxxxxxx
> Subject: Re: [Xen-devel] Re: Xen reboots when trying to start new
domain
> 
> 
> Kip,
> 
> Out of interest, why have you needed to give FreeBSD its own
> domain builder rather than use the 'generic ELF' one that Linux
> and NetBSD share? (Plan9 has gone with its own builder as it uses
> an a.out image format).
> 
> > Okay, I pushed some cleanups to BUILDDOMAIN. In particular we now
> > check that the specified pagetable is in fact a valid pagetable :-D
> 
> It's not high on the todo list, but it would be nice to make the
> domain builder completely untrusted, and hence be able to
> delegate it just the privileges it needs for building a
> particular domain. We're not too far away from that. Keir's
> changes certainly make it harder for a domain builder to screw up
> accidentally.
> 
> BTW: On the subject of safety, changelog watchers will have
> noticed significant changes to Xen's 'writable pagetables'
> implementation. We weren't intending to make changes like this so
> late in the 2,0 release cycle, but it came to our attention that
> the Opteron CPU's TLB has a PGD entry cache that isn't coherent
> with memory[*]. This meant that it would have potentially been
> possible for a malicious or compromised guest OS to contrive a
> situation where it got to access pages that didn't belong to it.
> 
> We've now checked in an alternative implementation which should
> be safe on both Intel and AMD.
> 
> Ian
> 
> [*] The x86 architecture is woefully underspecified in this
> respect. Intel CPUs have a PGD entry cache, but current
> implementations have a snooping mechanism that meant that our
> previous scheme worked fine.
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by BEA Weblogic Workshop
> FREE Java Enterprise J2EE developer tools!
> Get your free copy of BEA WebLogic Workshop 8.1 today.
> http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/xen-devel


-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_idP47&alloc_id808&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.