[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 2/2] x86: Add Kconfig option to require NX bit support

  • To: Alejandro Vallejo <alejandro.vallejo@xxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Mon, 19 Jun 2023 10:15:51 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=go0JS0HA4u0Kgnz+KBvafMfe0VuKi2wXRAKEo2ro7dY=; b=i108oflLk+TUHoJKkyP1K7itiqqTPXNJDL/b/BEt91aSyWZHKTgAQlvlKzRj72lrxln3rIr1DQ7PwvHikHmETtTnsA2hV7esKWc7+9a7pyQayRTSKX+4DItmtedCN+rgoL1+BdKq2gFUMrnZBSmX0Tyf5knPVO6AH/OhyV4PFVFTh7xFzXHyFhlHTncNl3S6Kr0xIhKtxb0kAGvwbc7R5Tl+OFDpBkqvsGEkXAdAN5/jCFxy/ZUhY7adZ1oKD9mFL15CNyiR9Cuyprrs0Jk15O2nRW1ISgG+YvNnSqu6qEQkFOiD+cvNBGTQR4w9/pnAyyj00dxbEYbJ8vc4faQb4g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ewhxT6Gs9IvAW0rybB57f+D8NUJKXp8Tn9QiCAhzyeNRifcyuZVKGePPcJsRSp5dm6wFTTVVhjxZNFmRGMN7kbUfmXZdJZG0NB8ANoJqtP2bWLRAWZq6Tkamggo2GI9aBXVl9zmNHBOje6apDvYnhrs8fhJj1OlkuWaibUkKSUMswD2ld4u1OcwDbImUl/eeBVejQ2JJJH3bRrDdYzxx5fTiiLXdwql9KpHzMvg3hvQtljkBWu8yrfT05HqYnWjP6MQPZdfQilfD3zDRxuGSMdH3B5W6BS4jFvQGXVXBreNZcPuvTHp+V2vGz/n/WuN3XG4+RbTkDrwWnR2yCbIvMg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Mon, 19 Jun 2023 08:16:06 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 15.06.2023 17:31, Alejandro Vallejo wrote:
> This option hardens Xen by forcing it to write secure (NX-enhanced) PTEs
> regardless of the runtime NX feature bit in boot_cpu_data. This prevents an
> attacker with partial write support from affecting Xen's PTE generation
> logic by overriding the NX feature flag. The patch asserts support for the
> NX bit in PTEs at boot time and if so short-circuits the cpu_has_nx macro
> to 1.
> 
> It has the nice benefit of replacing many instances of runtime checks with
> folded constants. This has several knock-on effects that improve codegen,
> saving 2.5KiB off the text section.
> 
> The config option defaults to OFF for compatibility with previous
> behaviour.
> 
> Signed-off-by: Alejandro Vallejo <alejandro.vallejo@xxxxxxxxx>

Just one nit on top of Andrew's comments:

> @@ -697,9 +708,11 @@ trampoline_setup:
>          jnc     .Lno_nx_bit
>  
>  .Lhas_nx_bit:
> +#ifndef CONFIG_REQUIRE_NX
>          /* Adjust EFER is NX is present */
>          orb     $EFER_NXE >> 8, 1 + sym_esi(trampoline_efer)
>  .Lno_nx_bit:
> +#endif

In the comment the first "is" likely was meant to be "if".

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.