From: DuanZhenzhong <zhenzhong.duan@oracle.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: Jinsong Liu <jinsong.liu@intel.com>, Tim Deegan <tim@xen.org>,
Keir Fraser <keir@xen.org>,
"suravee.suthikulpanit@amd.com" <suravee.suthikulpanit@amd.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Eddie Dong <eddie.dong@intel.com>,
"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>,
Will Auld <will.auld@intel.com>,
Jun Nakajima <jun.nakajima@intel.com>,
"sherry.hurwitz@amd.com" <sherry.hurwitz@amd.com>
Subject: Re: [PATCH 3/3 V3] XSA-60 security hole: cr0.cd handling
Date: Wed, 23 Oct 2013 16:48:14 +0800 [thread overview]
Message-ID: <52678D4E.1000603@oracle.com> (raw)
In-Reply-To: <5266AE0D02000078000FCB84@nat28.tlf.novell.com>
Jan Beulich wrote:
>>>> On 21.10.13 at 17:55, "Liu, Jinsong" <jinsong.liu@intel.com> wrote:
>>>>
>> From 4ff1e2955f67954e60562b29a00adea89e5b93ae Mon Sep 17 00:00:00 2001
>> From: Liu Jinsong <jinsong.liu@intel.com>
>> Date: Thu, 17 Oct 2013 05:49:23 +0800
>> Subject: [PATCH 3/3 V3] XSA-60 security hole: cr0.cd handling
>>
>> This patch solves XSA-60 security hole:
>> 1. For guest w/o VT-d, and for guest with VT-d but snooped, Xen need
>> do nothing, since hardware snoop mechanism has ensured cache coherency.
>>
>> 2. For guest with VT-d but non-snooped, cache coherency can not be
>> guaranteed by h/w snoop, therefore it need emulate UC type to guest:
>> 2.1). if it works w/ Intel EPT, set guest IA32_PAT fields as UC so that
>> guest memory type are all UC.
>> 2.2). if it works w/ shadow, drop all shadows so that any new ones would
>> be created on demand w/ UC.
>>
>> This patch also fix a bug of shadow cr0.cd setting. Current shadow has a
>> small window between cache flush and TLB invalidation, resulting in possilbe
>> cache pollution. This patch pause vcpus so that no vcpus context involved
>> into the window.
>>
>> Signed-off-by: Liu Jinsong <jinsong.liu@intel.com>
>>
>
> This looks fine to me now, but will need acks/reviews at least from
> - Keir (whose blessing of the pausing construct I'd like to have even
> if this didn't involve changing non-x86 files)
> - one of the VMX maintainers
> - one or both of Tim and Andrew
>
> And of course I'd really appreciate if Oracle could arrange for
> testing this, to confirm their performance problem is also gone with
> this.
>
I am try finding an env to test it. I'll reply after test.
zduan
next prev parent reply other threads:[~2013-10-23 8:48 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-10-21 15:55 [PATCH 3/3 V3] XSA-60 security hole: cr0.cd handling Liu, Jinsong
2013-10-22 14:55 ` Jan Beulich
2013-10-23 8:48 ` DuanZhenzhong [this message]
2013-10-23 16:29 ` Nakajima, Jun
2013-10-23 16:38 ` Jan Beulich
2013-10-24 16:19 ` Liu, Jinsong
2013-10-24 16:39 ` Liu, Jinsong
2013-10-28 7:29 ` Jan Beulich
2013-10-28 8:31 ` Liu, Jinsong
2013-10-28 9:29 ` Jan Beulich
2013-10-29 16:52 ` Liu, Jinsong
2013-10-29 17:20 ` Andrew Cooper
2013-10-30 15:21 ` Liu, Jinsong
2013-10-30 15:27 ` Jan Beulich
2013-10-30 8:05 ` Jan Beulich
2013-10-30 15:41 ` Liu, Jinsong
2013-10-22 15:26 ` Tim Deegan
2013-10-23 10:16 ` Andrew Cooper
2013-11-04 8:49 ` Zhenzhong Duan
2013-11-04 9:05 ` kexec spin lock issue (was: Re: [PATCH 3/3 V3] XSA-60 security hole: cr0.cd handling) Jan Beulich
2013-11-06 12:30 ` [PATCH 3/3 V3] XSA-60 security hole: cr0.cd handling Jan Beulich
2013-11-05 21:06 ` Keir Fraser
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52678D4E.1000603@oracle.com \
--to=zhenzhong.duan@oracle.com \
--cc=JBeulich@suse.com \
--cc=andrew.cooper3@citrix.com \
--cc=eddie.dong@intel.com \
--cc=jinsong.liu@intel.com \
--cc=jun.nakajima@intel.com \
--cc=keir@xen.org \
--cc=sherry.hurwitz@amd.com \
--cc=suravee.suthikulpanit@amd.com \
--cc=tim@xen.org \
--cc=will.auld@intel.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.