Re: [PATCH v9 3/9] xen/x86: support per-domain flag for xpti

From: Sergey Dyasli <sergey.dyasli@citrix.com>
To: "jgross@suse.com" <jgross@suse.com>,
	"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Cc: Sergey Dyasli <sergey.dyasli@citrix.com>,
	"Tim (Xen.org)" <tim@xen.org>,
	"jbeulich@suse.com" <jbeulich@suse.com>,
	Andrew Cooper <Andrew.Cooper3@citrix.com>
Subject: Re: [PATCH v9 3/9] xen/x86: support per-domain flag for xpti
Date: Fri, 27 Apr 2018 07:55:25 +0000	[thread overview]
Message-ID: <1524815725.3304.2.camel@citrix.com> (raw)
In-Reply-To: <20180426113318.21838-4-jgross@suse.com>

On Thu, 2018-04-26 at 13:33 +0200, Juergen Gross wrote:
> Instead of switching XPTI globally on or off add a per-domain flag for
> that purpose. This allows to modify the xpti boot parameter to support
> running dom0 without Meltdown mitigations. Using "xpti=no-dom0" as boot

"xpti=dom0=0"

> parameter will achieve that.
> 
> Move the xpti boot parameter handling to xen/arch/x86/pv/domain.c as
> it is pv-domain specific.
> 
> Signed-off-by: Juergen Gross <jgross@suse.com>
> Reviewed-by: Jan Beulich <jbeulich@suse.com>
> ---
> V9:
> - adjust boot message (Sergey Dyasli)
> - adjust boot parameter documentation (Sergey Dyasli)
> 
> V6.1:
> - address some minor comments (Jan Beulich)
> 
> V6:
> - modify xpti boot parameter options (Andrew Cooper)
> - move xpti_init() code to spec_ctrl.c (Andrew Cooper)
> - irework init of per-domain xpti flag (Andrew Cooper)
> 
> V3:
> - latch get_cpu_info() return value in variable (Jan Beulich)
> - call always xpti_domain_init() for pv dom0 (Jan Beulich)
> - add __init annotations (Jan Beulich)
> - drop per domain XPTI message (Jan Beulich)
> - document xpti=default support (Jan Beulich)
> - move domain xpti flag into a padding hole (Jan Beulich)
> ---
>  docs/misc/xen-command-line.markdown | 14 ++++++-
>  xen/arch/x86/mm.c                   | 17 ++++++++-
>  xen/arch/x86/pv/dom0_build.c        |  1 +
>  xen/arch/x86/pv/domain.c            |  6 +++
>  xen/arch/x86/setup.c                | 19 ----------
>  xen/arch/x86/smpboot.c              |  4 +-
>  xen/arch/x86/spec_ctrl.c            | 75 ++++++++++++++++++++++++++++++++++++-
>  xen/include/asm-x86/current.h       |  3 +-
>  xen/include/asm-x86/domain.h        |  3 ++
>  xen/include/asm-x86/flushtlb.h      |  2 +-
>  xen/include/asm-x86/spec_ctrl.h     |  4 ++
>  11 files changed, 119 insertions(+), 29 deletions(-)
> 
> diff --git a/docs/misc/xen-command-line.markdown b/docs/misc/xen-command-line.markdown
> index b353352adf..220d1ba020 100644
> --- a/docs/misc/xen-command-line.markdown
> +++ b/docs/misc/xen-command-line.markdown
> @@ -1955,14 +1955,24 @@ clustered mode.  The default, given no hint from the **FADT**, is cluster
>  mode.
>  
>  ### xpti
> -> `= <boolean>`
> +> `= List of [ default | <boolean> | dom0=<bool> | domu=<bool> ]`
>  
> -> Default: `false` on AMD hardware
> +> Default: `false` on hardware not to be vulnerable to Meltdown (e.g. AMD)
                                 ^
                                 known

>  > Default: `true` everywhere else
>  
>  Override default selection of whether to isolate 64-bit PV guest page
>  tables.
>  
> +`true` activates page table isolation even on hardware not vulnerable by
> +Meltdown for all domains.
> +
> +`false` deactivates page table isolation on all systems for all domains.
> +
> +`default` sets the default behaviour.
> +
> +With `dom0` and `domu` it is possible to control page table isolation
> +for dom0 or guest domains only.
> +
>  ### xsave
>  > `= <boolean>`

-- 
Thanks,
Sergey
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel