Re: [Xen-devel] [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code
> -----Original Message-----
> From: Jan Beulich [mailto:jbeulich@xxxxxxxx]
> Sent: Wednesday, March 9, 2016 8:37 PM
> To: andrew.cooper3@xxxxxxxxxx; Wu, Feng <feng.wu@xxxxxxxxx>; xen-devel@xxxxxxxxxxxxxxxxxxxx
> Cc: keir@xxxxxxx
> Subject: Re: [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code
>
> >>>> Andrew Cooper <andrew.cooper3@xxxxxxxxxx> 03/09/16 1:33 PM >>>
> >On 09/03/16 12:27, Wu, Feng wrote:
> >> Oh, thanks for the clarification! Do you know how "An NMI or #MC may occur
> >> between clearing CR4.SMEP and CR4.SMAP in compat_restore_all_guest and
> >> it actually returning to guest context, in which case the guest would run with
> >> the two features enabled." can happen? Especially how the guest can run
> >> with the two features enabled?
> >
> >NMIs and MCEs can occur at any point, even if interrupts are disabled.
> >
> >The bad situation is this sequence:
> >
> >* Xen is returning to the guest and disables CR4.SMEP/SMAP
> >* NMI occurs while still in Xen
> >* NMI exit path sees it is returning to Xen and re-enabled CR4.SMEP/SMAP
>
> Well, almost: Re-enabling happens on the NMI entry path. The NMI exit
> path would, seeing it's returning to Xen context, simply not disable them
> again.

Oh, this is the point I ignored. Thanks for the clarification.

Thanks,
Feng

>
> Jan
>
> >* Xen ends up returning to guest with CR4.SMEP/SMAP enabled.
> >
> >~Andrew
>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
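As an added illustration, not code from the thread or from Xen, a small C model of the sequence Jan and Andrew describe: the compat return path clears CR4.SMEP/SMAP, an NMI taken in that window re-enables them on entry, and the NMI exit path leaves them set because the interrupted context was Xen. The `struct cpu`, `nmi_entry`/`nmi_exit` and `return_to_compat_guest` names are assumptions of the model, not Xen's code.

```c
#include <stdbool.h>
#include <stdint.h>

/* Constructed model of the race described in the thread; these are the
 * architectural CR4 bit positions, everything else is a simplification. */
#define CR4_SMEP (1u << 20)
#define CR4_SMAP (1u << 21)

struct cpu {
    uint32_t cr4;
    bool in_xen;        /* true while executing hypervisor code */
};

/* NMI entry: the CPU is now in Xen, so both protections are turned on. */
static void nmi_entry(struct cpu *c)
{
    c->in_xen = true;
    c->cr4 |= CR4_SMEP | CR4_SMAP;
}

/* NMI exit: clears the bits only when returning to guest context; when
 * the NMI interrupted Xen itself, the bits are simply left set. */
static void nmi_exit(struct cpu *c, bool interrupted_guest)
{
    if (interrupted_guest)
        c->cr4 &= ~(CR4_SMEP | CR4_SMAP);
    c->in_xen = !interrupted_guest;
}

/* Model of compat_restore_all_guest: clear the bits, possibly take an NMI
 * before the actual return, then enter the guest. Returns CR4 as the guest
 * then sees it. */
static uint32_t return_to_compat_guest(bool nmi_in_window)
{
    struct cpu c = { .cr4 = CR4_SMEP | CR4_SMAP, .in_xen = true };

    c.cr4 &= ~(CR4_SMEP | CR4_SMAP);     /* step 1: disable for the guest */

    if (nmi_in_window) {                 /* step 2: NMI while still in Xen */
        nmi_entry(&c);
        nmi_exit(&c, /*interrupted_guest=*/false); /* Xen context: bits stay */
    }

    c.in_xen = false;                    /* step 3: enter the guest */
    return c.cr4;
}

/* True when the guest would run with SMEP/SMAP enabled (the bad outcome). */
static bool guest_runs_with_protections(bool nmi_in_window)
{
    return (return_to_compat_guest(nmi_in_window) & (CR4_SMEP | CR4_SMAP)) != 0;
}
```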