From: George Dunlap <george.dunlap@citrix.com>
To: Jan Beulich <JBeulich@suse.com>, Huaitong Han <huaitong.han@intel.com>
Cc: kevin.tian@intel.com, wei.liu2@citrix.com,
ian.campbell@citrix.com, stefano.stabellini@eu.citrix.com,
george.dunlap@eu.citrix.com, andrew.cooper3@citrix.com,
ian.jackson@eu.citrix.com, xen-devel@lists.xen.org,
jun.nakajima@intel.com, keir@xen.org
Subject: Re: [PATCH V5 4/6] x86/hvm: pkeys, add pkeys support for guest_walk_tables
Date: Tue, 22 Dec 2015 15:23:54 +0000 [thread overview]
Message-ID: <56796B0A.8060608@citrix.com> (raw)
In-Reply-To: <567957ED02000078000C23F5@prv-mh.provo.novell.com>
On 22/12/15 13:02, Jan Beulich wrote:
>>>> On 22.12.15 at 11:30, <huaitong.han@intel.com> wrote:
>
> I dislike having to repeat this: Please trim your Cc lists.
>
>> --- a/xen/arch/x86/mm/guest_walk.c
>> +++ b/xen/arch/x86/mm/guest_walk.c
>> @@ -90,6 +90,57 @@ static uint32_t set_ad_bits(void *guest_p, void *walk_p, int set_dirty)
>> return 0;
>> }
>>
>> +extern bool_t pkey_fault(struct vcpu *vcpu, uint32_t pfec,
>> + uint32_t pte_flags, uint32_t pte_pkey);
>> +#if GUEST_PAGING_LEVELS == CONFIG_PAGING_LEVELS
>> +bool_t pkey_fault(struct vcpu *vcpu, uint32_t pfec,
>> + uint32_t pte_flags, uint32_t pte_pkey)
>> +{
>
> See my comments on the previous version. Please avoid sending new
> versions without having addressed all comments on the previous one
> (verbally or by code changes). Having done the suggested change
> just partially (by removing the #ifdef-s from the call sites) you now
> do the key check universally, and things remain correct just because
> of the long mode check in the middle of the function.
>
>> + unsigned int pkru = 0;
>> + bool_t pkru_ad, pkru_wd;
>> +
>> + bool_t pf = !!(pfec & PFEC_page_present);
>
> There's still this stray blank line above (and I continue to wonder
> whether you really need all these boolean variables many of which
> get used just once).
I suspect the "stray blank line" was added for readability.
But I agree that I'd prefer not to use local boolean variables, and just
to put the flag checking inline.
>
>> + bool_t uf = !!(pfec & PFEC_user_mode);
>> + bool_t wf = !!(pfec & PFEC_write_access);
>> + bool_t ff = !!(pfec & PFEC_insn_fetch);
>> + bool_t rsvdf = !!(pfec & PFEC_reserved_bit);
>> +
>> + /* When page isn't present, PKEY isn't checked. */
>> + if ( !pf || is_pv_vcpu(vcpu) )
>> + return 0;
>> +
>> + /*
>> + * PKU: additional mechanism by which the paging controls
>> + * access to user-mode addresses based on the value in the
>> + * PKRU register. A fault is considered as a PKU violation if all
>> + * of the following conditions are ture:
*true
>> + * 1.CR4_PKE=1.
>> + * 2.EFER_LMA=1.
>> + * 3.page is present with no reserved bit violations.
>> + * 4.the access is not an instruction fetch.
>> + * 5.the access is to a user page.
>> + * 6.PKRU.AD=1
>> + * or The access is a data write and PKRU.WD=1
>> + * and either CR0.WP=1 or it is a user access.
>> + */
>> + if ( !hvm_pku_enabled(vcpu) || !hvm_long_mode_enabled(vcpu) ||
>> + rsvdf || ff || !(pte_flags & _PAGE_USER) )
And I think you might as well make this one line per condition,
something like this:
if ( is_pv_vcpu(vcpu) ||
!hvm_pku_enabled(vcpu) ||
!hvm_long_mode_enabled(vcpu)
!(pfec & PFEC_page_present) ||
(pfec & (PFEC_insn_fetch|PFEC_reserved_bit)) ||
!(pte_flags & _PAGE_USER) )
return 0;
-George
next prev parent reply other threads:[~2015-12-22 15:23 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-22 10:30 [PATCH V5 0/6] x86/hvm: pkeys, add memory protection-key support Huaitong Han
2015-12-22 10:30 ` [PATCH V5 1/6] x86/hvm: pkeys, add the flag to enable Memory Protection Keys Huaitong Han
2015-12-22 12:43 ` Jan Beulich
2015-12-22 10:30 ` [PATCH V5 2/6] x86/hvm: pkeys, add pkeys support when setting CR4 Huaitong Han
2015-12-22 10:30 ` [PATCH V5 3/6] x86/hvm: pkeys, disable pkeys for guests in non-paging mode Huaitong Han
2015-12-22 10:30 ` [PATCH V5 4/6] x86/hvm: pkeys, add pkeys support for guest_walk_tables Huaitong Han
2015-12-22 11:17 ` Andrew Cooper
2015-12-22 13:02 ` Jan Beulich
2015-12-22 15:23 ` George Dunlap [this message]
2015-12-22 15:39 ` George Dunlap
2015-12-22 16:38 ` George Dunlap
2015-12-22 10:30 ` [PATCH V5 5/6] x86/hvm: pkeys, add xstate support for pkeys Huaitong Han
2015-12-22 13:03 ` Jan Beulich
2015-12-22 10:30 ` [PATCH V5 6/6] x86/hvm: pkeys, add pkeys support for cpuid handling Huaitong Han
2015-12-22 13:06 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56796B0A.8060608@citrix.com \
--to=george.dunlap@citrix.com \
--cc=JBeulich@suse.com \
--cc=andrew.cooper3@citrix.com \
--cc=george.dunlap@eu.citrix.com \
--cc=huaitong.han@intel.com \
--cc=ian.campbell@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jun.nakajima@intel.com \
--cc=keir@xen.org \
--cc=kevin.tian@intel.com \
--cc=stefano.stabellini@eu.citrix.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.