[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] x86/sm{e, a}p: do not enable SMEP/SMAP in PV shim by default on AMD

To: andrew.cooper3@xxxxxxxxxx
From: David Woodhouse <dwmw2@xxxxxxxxxxxxx>
Date: Thu, 12 Oct 2023 09:21:16 +0100
Cc: George.Dunlap@xxxxxxxxxxxxx, jbeulich@xxxxxxxx, julien@xxxxxxx, roger.pau@xxxxxxxxxx, sstabellini@xxxxxxxxxx, wl@xxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 12 Oct 2023 08:21:39 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Thu, 2023-10-12 at 10:13 +0800, andrew.cooper3@xxxxxxxxxx wrote:
> On 11/10/2023 7:34 pm, David Woodhouse wrote:
> > But why does the shim even need to turn it off when switching to the
> > guest context? Its guest isn't running in supervisor mode so surely it
> > doesn't *matter* whether SMEP is enabled or not? Why not just leave it
> > on at all times?
> 
> 32bit PV kernels run in Ring1.  Which is supervisor and not user.

Ah, thanks.

> Some older PV kernels do execute on user pages, and don't like getting
> SMEP faults when they didn't turn it on to begin with.

PV guests never actually had the option to turn SMEP on, did they? 

(Otherwise I may have to rethink the approach of just putting
'smep=off' onto the shim command line when running under KVM...)

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Follow-Ups:
- Re: [Xen-devel] [PATCH] x86/sm{e, a}p: do not enable SMEP/SMAP in PV shim by default on AMD
  - From: Andrew Cooper

References:
- Re: [Xen-devel] [PATCH] x86/sm{e, a}p: do not enable SMEP/SMAP in PV shim by default on AMD
  - From: David Woodhouse
- Re: [Xen-devel] [PATCH] x86/sm{e, a}p: do not enable SMEP/SMAP in PV shim by default on AMD
  - From: andrew . cooper3

Prev by Date: Re: [PATCH mm-unstable v9 14/31] s390: Convert various pgalloc functions to use ptdescs
Next by Date: Re: [Xen-devel] [PATCH] x86/sm{e, a}p: do not enable SMEP/SMAP in PV shim by default on AMD
Previous by thread: Re: [Xen-devel] [PATCH] x86/sm{e, a}p: do not enable SMEP/SMAP in PV shim by default on AMD
Next by thread: Re: [Xen-devel] [PATCH] x86/sm{e, a}p: do not enable SMEP/SMAP in PV shim by default on AMD
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.