[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code

To: Jan Beulich <jbeulich@xxxxxxxx>, "andrew.cooper3@xxxxxxxxxx" <andrew.cooper3@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
From: "Wu, Feng" <feng.wu@xxxxxxxxx>
Date: Wed, 9 Mar 2016 13:35:29 +0000
Accept-language: en-US
Cc: "Wu, Feng" <feng.wu@xxxxxxxxx>, "keir@xxxxxxx" <keir@xxxxxxx>
Delivery-date: Wed, 09 Mar 2016 13:35:36 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>
Thread-index: AQHRdgjtbuS0NAfh+0aXkc37UXGBKZ9QtKUw//+65ACAAKGpwIAAA22sgAAO4vA=
Thread-topic: [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code


> -----Original Message-----
> From: Jan Beulich [mailto:jbeulich@xxxxxxxx]
> Sent: Wednesday, March 9, 2016 8:37 PM
> To: andrew.cooper3@xxxxxxxxxx; Wu, Feng <feng.wu@xxxxxxxxx>; xen-
> devel@xxxxxxxxxxxxxxxxxxxx
> Cc: keir@xxxxxxx
> Subject: Re: [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV
> guest code
> 
> >>>> Andrew Cooper <andrew.cooper3@xxxxxxxxxx> 03/09/16 1:33 PM >>>
> >On 09/03/16 12:27, Wu, Feng wrote:
> >> Oh, thanks for the clarification! Do you know how "An NMI or #MC may
> occur
> >> between clearing CR4.SMEP and CR4.SMAP in compat_restore_all_guest and
> >> it actually returning to guest context, in which case the guest would run 
> >> with
> >> the two features enabled. " can happen? Especially how the guest can run
> >> with the two features enabled?
> >
> >NMIs and MCEs can occur at any point, even if interrupts are disabled.
> >
> >The bad situation is this sequence:
> >
> >* Xen is returning to the guest and disables CR4.SMEP/SMAP
> >* NMI occurs while still in Xen
> >* NMI exit path sees it is returning to Xen and re-enabled CR4.SMEP/SMAP
> 
> Well, almost: Re-enabling happens on the NMI entry path. The NMI exit
> path would, seeing it's returning to Xen context, simply not disable them
> again.

Thinking about this again, in this case, when the NMI happens, we are in
Xen context (CPL in cs is 0), so the CPL of the saved cs in stack is 0,right?
why do we re-enable CR4.SMEP/SMAP in this case? I mean do we only
need to enable SMEP/SMAP when coming from 32bit pv guest (CPL of cs is 1) ?

Thanks,
Feng

> 
> Jan
> 
> >* Xen ends up returning to guest with CR4.SMEP/SMAP enabled.
> >
> >~Andrew
> 


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code
  - From: Andrew Cooper

References:
- [Xen-devel] [PATCH 0/4] x86: accommodate 32-bit PV guests with SMAP/SMEP handling
  - From: Jan Beulich
- [Xen-devel] [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code
  - From: Wu, Feng
- Re: [Xen-devel] [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code
  - From: Wu, Feng
- Re: [Xen-devel] [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code
  - From: Jan Beulich

Prev by Date: Re: [Xen-devel] [Xen-users] Error compiling Xen in configuring stubdom/gmp with glibc-2.23 on Arch Linux
Next by Date: Re: [Xen-devel] Running Xen on Nvidia Jetson-TK1
Previous by thread: Re: [Xen-devel] [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code
Next by thread: Re: [Xen-devel] [PATCH 2/4] x86: suppress SMAP and SMEP while running 32-bit PV guest code
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.