[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 6/6] x86/hvm: Support PKS

  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 21 Dec 2021 13:18:44 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=tdBbRZZQfXXmFEzaqnGHC1rJTLtD1hXilMc6SU9ezdE=; b=G1lqT/TWWYS2fO24EYM+j0kCgzwzAny5ZvtYh8kztaXxvRI5yKbUR/QahYgIyWSW3qjP6ggVbXS6qhzez7fUCnUsAATzCY2/3tardAndWV0YRZb07s2v9vcizalASVkGT2JVaOe+CFneD1Is9Hvda6nzpgHreqwuMhbcdQGs4RF/dao4VYi/ahsnBAH1Jm85VLymZ0No0QdHwcJsb0zQF4h5JWiHLS4shxEkASuGtsQWELlU3YFEE0hYyNr+UxfxW8tVSdqghpDUTRC91Lv2l8ibx12PgUcdA/TdRRq0CGL18/SfYhdixFo7E+DdkMXG+wsPoNRZqX6QshOhBUW6eQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RUQWKBKA2xDHCa1+cfW+jqXi+15VWK0p/wtoyTWre2JYxN1ctX0Xv2cx/PWP76UCcJoOnQo01YRvPsFSq1oKmcHl0uTYnvxLOcGUl8D3O6OIfRF9RJm4WboR+f09kxxf1V8YtIGXwbUNZYNVyGwoj8HcyA/YYt5IRyDb05iNRK4/Lv1VinIjkfSoCjbAuRj1CqZ1pivfsPWuowT7RfzRun1meHXcnfi7gLYnQEgWxL7ViquElEJYOJjv2it6pfUvI2VKgquS/0HkQSQu0NuMCvb57o8BO3K+d0TT6FXJOlJXXs4yYRbUAhXM3qY2aVVnTXdb1OKYdYyZdgLnoNeVHQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Tue, 21 Dec 2021 12:19:04 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 16.12.2021 10:54, Andrew Cooper wrote:
> With all infrastructure in place, advertise the PKS CPUID bit to guests, and
> let them set CR4.PKS.
> 
> Experiment with a tweak to the layout of hvm_cr4_guest_valid_bits() so future
> additions will be just a single added line.
> 
> The current context switching behaviour is tied to how VT-x works, so leave a
> safety check in the short term.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>

I would like to ask though that you ...

> --- a/xen/include/public/arch-x86/cpufeatureset.h
> +++ b/xen/include/public/arch-x86/cpufeatureset.h
> @@ -244,7 +244,7 @@ XEN_CPUFEATURE(CLDEMOTE,      6*32+25) /*A  CLDEMOTE 
> instruction */
>  XEN_CPUFEATURE(MOVDIRI,       6*32+27) /*a  MOVDIRI instruction */
>  XEN_CPUFEATURE(MOVDIR64B,     6*32+28) /*a  MOVDIR64B instruction */
>  XEN_CPUFEATURE(ENQCMD,        6*32+29) /*   ENQCMD{,S} instructions */
> -XEN_CPUFEATURE(PKS,           6*32+31) /*   Protection Key for Supervisor */
> +XEN_CPUFEATURE(PKS,           6*32+31) /*H  Protection Key for Supervisor */

... clarify this restriction of not covering shadow mode guests by
an adjustment to title or description. Aiui the sole reason for
the restriction is that shadow code doesn't propagate the key bits
from guest to shadow PTEs?

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.