|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 1/2] x86/mm: Change default value for suppress #VE in set_mem_access()
On Thu, Jul 20, 2017 at 8:38 AM, George Dunlap <George.Dunlap@xxxxxxxxxxxxx> wrote: > On Thu, Jun 15, 2017 at 7:49 PM, Tamas K Lengyel <tamas@xxxxxxxxxxxxx> wrote: >> On Fri, Jun 9, 2017 at 10:51 AM, Adrian Pop <apop@xxxxxxxxxxxxxxx> wrote: >>> From: Vlad Ioan Topan <itopan@xxxxxxxxxxxxxxx> >>> >>> The default value for the "suppress #VE" bit set by set_mem_access() >>> currently depends on whether the call is made from the same domain (the >>> bit is set when called from another domain and cleared if called from >>> the same domain). This patch changes that behavior to inherit the old >>> suppress #VE bit value if it is already set and to set it to 1 >>> otherwise, which is safer and more reliable. >> >> Could you elaborate on why do you think it is safer and more reliable >> to switch the behavior? I believe the original idea was that the >> domain should only be allowed to clear an SVE bit set by an external >> tool. With this change it will allow the guest to request VE for any >> page the external tool hasn't itself reserved specifically. > > Hmm? This patch by itself simply prevents the guest from changing the > VE bit at all (either setting or clearing it). > > Or did you mean, "This patch series"? No, technically the other patch is fine by itself. It can only be used to set the SVE bit from a privileged domain, but by itself that is fine. Only this patch is problematic if we want to allow a setup where there is only an in-guest tool without a corresponding vm_event mem_access listener. Tamas _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |