[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 2/2] x86/xpti: don't map stack guard pages

On 02/03/18 14:35, Jan Beulich wrote:
> Other than for the main mappings, don't even do this in release builds,
> as there are no huge page shattering concerns here.
>
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, although I think
somewhere (even if its only the commit message) might want to identify
that this is safe to the AMD triple fault issue, because even if someone
enabled XPTI, it only takes effect for PV guests, rather than HVM.  Also,

> ---
> v2: New.
>
> --- a/xen/arch/x86/smpboot.c
> +++ b/xen/arch/x86/smpboot.c
> @@ -799,7 +799,8 @@ static int setup_cpu_root_pgt(unsigned i
>  
>      /* Install direct map page table entries for stack, IDT, and TSS. */
>      for ( off = rc = 0; !rc && off < STACK_SIZE; off += PAGE_SIZE )
> -        rc = clone_mapping(__va(__pa(stack_base[cpu])) + off, rpt);
> +        if ( !memguard_is_stack_guard_page(off) )
> +            rc = clone_mapping(__va(__pa(stack_base[cpu])) + off, rpt);
>  
>      if ( !rc )
>          rc = clone_mapping(idt_tables[cpu], rpt);
> --- a/xen/arch/x86/mm.c
> +++ b/xen/arch/x86/mm.c
> @@ -5576,6 +5576,14 @@ void memguard_unguard_stack(void *p)
>                             STACK_SIZE - PRIMARY_STACK_SIZE - IST_MAX * 
> PAGE_SIZE);
>  }
>  
> +bool memguard_is_stack_guard_page(unsigned long addr)
> +{
> +    addr &= STACK_SIZE - 1;
> +
> +    return addr >= IST_MAX * PAGE_SIZE &&
> +           addr < STACK_SIZE - PRIMARY_STACK_SIZE;
> +}

This probably would be better as a static inline, rather than a call
into a separate translation unit, at which point a clever compiler might
be able to split the loop in two (and may actually have an easier time
doing so if the logic was expressed in terms of get_stack_page()).

~Andrew

> +
>  void arch_dump_shared_mem_info(void)
>  {
>      printk("Shared frames %u -- Saved frames %u\n",
> --- a/xen/include/asm-x86/mm.h
> +++ b/xen/include/asm-x86/mm.h
> @@ -519,6 +519,7 @@ void memguard_unguard_range(void *p, uns
>  
>  void memguard_guard_stack(void *p);
>  void memguard_unguard_stack(void *p);
> +bool __attribute_const__ memguard_is_stack_guard_page(unsigned long addr);
>  
>  struct mmio_ro_emulate_ctxt {
>          unsigned long cr2;
>
>
>


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.