[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] xen domU segfaults with xpti on intel based systems

  • To: xen-users@xxxxxxxxxxxxxxxxxxxx
  • From: Andy Smith <andy@xxxxxxxxxxxxxx>
  • Date: Fri, 11 Jan 2019 16:52:00 +0000
  • Delivery-date: Fri, 11 Jan 2019 16:53:02 +0000
  • List-id: Xen user discussion <xen-users.lists.xenproject.org>
  • Openpgp: id=BF15490B; url=http://strugglers.net/~andy/pubkey.asc

Hi Juergen, Tomas,

On Fri, Jan 11, 2019 at 09:21:09AM +0100, Juergen Gross wrote:
> On 11/01/2019 07:05, Tomas Mozes wrote:
> > Some of the affected systems are Debian 8/9 (Debian 10 with kernel 4.18
> > seems to work fine) and NetBSD 7. It's harder to reproduce the segfaults
> > on Debian, but on NetBSD it's almost instant.
> Hmm, as we haven't received any similar reports, I suspect there is
> something special on your side.

I did report slightly similar problems to xen-devel:


I currently work around it by ensuring the guests have updated their
kernels to have the L1TF mitigations (you can tell because
/sys/devices/system/cpu/vulnerabilities/l1tf appears).

The other way was to set the Xen command line options pv-l1tf=false
or pcid=0.

For me this only affected 64-bit PV domains, but I only run Linux. I
didn't try xpti=false because the logs about shadowing made me try
the L1TF-related options first.

For me the above behaviour is experienced on Xeon D-1540 and Xeon
E5-1680v4 systems. I don't have any other types of system so don't
know how widespread it is.

Also please note that within weeks I also started experiencing much
worse problems: host crash, for which the only suggestion so far is
to try pcid=0. As that is hard for me to reproduce, with a time to
re-occurrence currently somewhere between 8 and 14 days, I am not
yet sure if pcid=0 helps. We're 9 days in to a test on that.



Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.