[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 2/2] x86: Add Kconfig option to require NX bit support
- To: Alejandro Vallejo <alejandro.vallejo@xxxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Mon, 19 Jun 2023 10:15:51 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=go0JS0HA4u0Kgnz+KBvafMfe0VuKi2wXRAKEo2ro7dY=; b=i108oflLk+TUHoJKkyP1K7itiqqTPXNJDL/b/BEt91aSyWZHKTgAQlvlKzRj72lrxln3rIr1DQ7PwvHikHmETtTnsA2hV7esKWc7+9a7pyQayRTSKX+4DItmtedCN+rgoL1+BdKq2gFUMrnZBSmX0Tyf5knPVO6AH/OhyV4PFVFTh7xFzXHyFhlHTncNl3S6Kr0xIhKtxb0kAGvwbc7R5Tl+OFDpBkqvsGEkXAdAN5/jCFxy/ZUhY7adZ1oKD9mFL15CNyiR9Cuyprrs0Jk15O2nRW1ISgG+YvNnSqu6qEQkFOiD+cvNBGTQR4w9/pnAyyj00dxbEYbJ8vc4faQb4g==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ewhxT6Gs9IvAW0rybB57f+D8NUJKXp8Tn9QiCAhzyeNRifcyuZVKGePPcJsRSp5dm6wFTTVVhjxZNFmRGMN7kbUfmXZdJZG0NB8ANoJqtP2bWLRAWZq6Tkamggo2GI9aBXVl9zmNHBOje6apDvYnhrs8fhJj1OlkuWaibUkKSUMswD2ld4u1OcwDbImUl/eeBVejQ2JJJH3bRrDdYzxx5fTiiLXdwql9KpHzMvg3hvQtljkBWu8yrfT05HqYnWjP6MQPZdfQilfD3zDRxuGSMdH3B5W6BS4jFvQGXVXBreNZcPuvTHp+V2vGz/n/WuN3XG4+RbTkDrwWnR2yCbIvMg==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- Delivery-date: Mon, 19 Jun 2023 08:16:06 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 15.06.2023 17:31, Alejandro Vallejo wrote:
> This option hardens Xen by forcing it to write secure (NX-enhanced) PTEs
> regardless of the runtime NX feature bit in boot_cpu_data. This prevents an
> attacker with partial write support from affecting Xen's PTE generation
> logic by overriding the NX feature flag. The patch asserts support for the
> NX bit in PTEs at boot time and if so short-circuits the cpu_has_nx macro
> to 1.
>
> It has the nice benefit of replacing many instances of runtime checks with
> folded constants. This has several knock-on effects that improve codegen,
> saving 2.5KiB off the text section.
>
> The config option defaults to OFF for compatibility with previous
> behaviour.
>
> Signed-off-by: Alejandro Vallejo <alejandro.vallejo@xxxxxxxxx>
Just one nit on top of Andrew's comments:
> @@ -697,9 +708,11 @@ trampoline_setup:
> jnc .Lno_nx_bit
>
> .Lhas_nx_bit:
> +#ifndef CONFIG_REQUIRE_NX
> /* Adjust EFER is NX is present */
> orb $EFER_NXE >> 8, 1 + sym_esi(trampoline_efer)
> .Lno_nx_bit:
> +#endif
In the comment the first "is" likely was meant to be "if".
Jan
|