[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] Xen missing prompt log when exec-sp=off

> From: Jin Nan Wang <jnwang@xxxxxxxx>
> Sent: Monday, December 16, 2019 1:48 PM
> 
> Fix a issue when user disable ETP exec-sp, xen missed a prompt
> log in dmesg.
> 
> Signed-off-by: James Wang <jnwang@xxxxxxxx>
> ---
>  xen/arch/x86/hvm/vmx/vmx.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
> index 7970ba93e1..9c1f0f645d 100644
> --- a/xen/arch/x86/hvm/vmx/vmx.c
> +++ b/xen/arch/x86/hvm/vmx/vmx.c
> @@ -2499,7 +2499,9 @@ const struct hvm_function_table * __init
> start_vmx(void)
>          {
>              /* Default to non-executable superpages on vulnerable hardware. 
> */
>              opt_ept_exec_sp = !cpu_has_bug_pschange_mc;
> -
> +        }

no parenthesis then. Just move the comment before the earlier condition
check

> +        if (opt_ept_exec_sp == false)
> +        {
>              if ( cpu_has_bug_pschange_mc )
>                  printk("VMX: Disabling executable EPT superpages due to CVE-
> 2018-12207\n");
>          }

Can we do it another way? Always throw out a warning if the hardware
is vulnerable, plus its enabling status?

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.