[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception

To: George Dunlap <george.dunlap@xxxxxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>
From: Sarah Newman <srn@xxxxxxxxx>
Date: Tue, 18 Mar 2014 11:17:53 -0700
Cc: David Vrabel <david.vrabel@xxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Linux Kernel Mailing List <linux-kernel@xxxxxxxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>
Delivery-date: Tue, 18 Mar 2014 18:18:23 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 03/17/2014 10:14 AM, George Dunlap wrote:
> On 03/17/2014 05:05 PM, Jan Beulich wrote:
>>>>> On 17.03.14 at 17:55, "H. Peter Anvin" <hpa@xxxxxxxxx> wrote:
>>> So if this interface wasn't an accident it was active negligence and
>>> incompetence.
>> I don't think so - while it (as we now see) disallows certain things
>> inside the guest, back at the time when this was designed there was
>> no sign of any sort of allocation/scheduling being done inside the
>> #NM handler. And furthermore, a PV specification is by its nature
>> allowed to define deviations from real hardware behavior, or else it
>> wouldn't be needed in the first place.
> 
> But it's certainly the case that deviating from the hardware in *this* way by 
> default was always
> very likely to case the exact kind of bug we've seen here.  It is an 
> "interface trap" that was bound
> to be tripped over (much like Intel's infamous sysret vulnerability).
> 
> Making it opt-in would have been a much better idea.  But the people who made 
> that decision are long
> gone, and we now need to deal with the situation as we have it.

Should or has there been a review of the current xen PVABI to look for any 
other such deviations?

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
  - From: H. Peter Anvin

References:
- [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
  - From: David Vrabel
- Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
  - From: H. Peter Anvin
- Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
  - From: David Vrabel
- Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
  - From: Sarah Newman
- Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
  - From: H. Peter Anvin
- Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
  - From: George Dunlap
- Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
  - From: H. Peter Anvin
- Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
  - From: Jan Beulich
- Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
  - From: George Dunlap

Prev by Date: Re: [Xen-devel] [PATCH 1/3] libxl: Make libxl_exec tolerate foofd<=2
Next by Date: Re: [Xen-devel] [PATCH v3 05/13] xen/passthrough: rework dom0_pvh_reqs to use it also on ARM
Previous by thread: Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
Next by thread: Re: [Xen-devel] [PATCHv1] x86: don't schedule when handling #NM exception
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.