[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] xen/arm: Scrub heap pages during boot
On Fri, 2014-01-10 at 03:27 +0000, Julien Grall wrote: > Scrub heap pages was disabled because it was slow on the models. Now that Xen > supports real hardware, it's possible to enable by default scrubbing. > > Signed-off-by: Julien Grall <julien.grall@xxxxxxxxxx> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> > --- > This patch should go to Xen 4.4. It avoid to give non-cleared page to > a domain. > > The downside is it's now slow on models. There is a no-bootscrub command-line option which can be used in that case. Could you update the relevant model wiki pages to mention it please? > The current implementation of scrub_heap_pages loop on every page in the > frametable. On ARM, there is only which can contains MMIO. We are safe > because when frametable is initialized, page are marked inuse. So the > function won't clear theses pages. I don't think this behaviour is specific to ARM, x86 has MMIO regions mixed in with RAM as well. From an RM PoV I think this is a necessary fix since it can otherwise potentially leak information from a previous boot. I also think it is low risk, nothing should have been relying on non-zero content of any page. > --- > xen/arch/arm/setup.c | 6 ++---- > 1 file changed, 2 insertions(+), 4 deletions(-) > > diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c > index 9fc40c8..d7c7f4d 100644 > --- a/xen/arch/arm/setup.c > +++ b/xen/arch/arm/setup.c > @@ -764,10 +764,8 @@ void __init start_xen(unsigned long boot_phys_offset, > if ( construct_dom0(dom0) != 0) > panic("Could not set up DOM0 guest OS"); > > - /* Scrub RAM that is still free and so may go to an unprivileged domain. > - XXX too slow in simulator > - scrub_heap_pages(); > - */ > + /* Scrub RAM that is still free and so may go to an unprivileged domain. > */ > + scrub_heap_pages(); > > init_constructors(); > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |