[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [V3 PATCH 7/9] x86/hvm: pkeys, add pkeys support for guest_walk_tables

At 16:34 +0000 on 16 Dec (1450283699), Andrew Cooper wrote:
> On 16/12/15 16:28, Tim Deegan wrote:
> > Hi,
> >
> > At 15:36 +0000 on 16 Dec (1450280191), George Dunlap wrote:
> >> (hvm_fetch_from_guest_virt() seems to only set PFEC_insn_fetch if nx or
> >> smep are enabled in the guest.  This seems inconsistent to me with the
> >> treatment of PFEC_reserved_bit: it seems like
> >> hvm_fetch_from_guest_virt() should always pass in PFEC_insn_fetch,
> >> particularly as guest_walk_tables() will already gate the checks based
> >> on whether nx or smep is enabled in the guest.  Tim, you know of any
> >> reason for this?)
> > This code is following the hardware, IIRC: on real CPUs without NX
> > enabled, pagefault error codes will not have that bit set even when
> > caused by instruction fetches.
> There is a difference between Intel and AMD.  Intel has the bit reserved
> (and therefore faults), while AMD declares the bit as ignored (and
> doesn't fault).

I think we are talking about different things.  Like the U/S and W/R
bits, the I/D bit of a PFEC describes what kind of access was being
made, and is not affected by the contents of the pagetables at all.
(cf. the P bit and the new PK bit, which do depend on PT contents).

When neither NX nor SMEP is enabled, we must not set the I/D bit in
the PFEC we give to the guest, since real CPUs would not do so.



Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.