From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Jan Beulich <jbeulich@suse.com>
Cc: Xen-devel <xen-devel@lists.xenproject.org>,
"Roger Pau Monné" <roger.pau@citrix.com>
Subject: Re: [PATCH 15/22] x86/traps: Introduce opt_fred
Date: Thu, 14 Aug 2025 20:16:12 +0100 [thread overview]
Message-ID: <8adbd032-9da2-481d-8d98-30c9a605ec46@citrix.com> (raw)
In-Reply-To: <0a6b6fce-2cc8-4933-8703-399e4a4fdad6@suse.com>
On 14/08/2025 2:30 pm, Jan Beulich wrote:
> On 08.08.2025 22:23, Andrew Cooper wrote:
>> ... disabled by default. There is a lot of work before FRED can be enabled by
>> default.
>>
>> One part of FRED, the LKGS (Load Kernel GS) instruction, is enumerated
>> separately but is mandatory as FRED disallows the SWAPGS instruction.
>> Therefore, both CPUID bits must be checked.
> See my (further) reply to patch 13 - I think FRED simply ought to depend on
> LKGS.
>
>> @@ -20,6 +22,9 @@ unsigned int __ro_after_init ler_msr;
>> static bool __initdata opt_ler;
>> boolean_param("ler", opt_ler);
>>
>> +int8_t __ro_after_init opt_fred = 0; /* -1 when supported. */
> I'm a little puzzled by the comment? DYM "once default-enabled"?
Well, I have this temporary patch
https://gitlab.com/xen-project/hardware/xen-staging/-/commit/70ef6a1178a411a29b7b1745a1112e267ffb6245
that will turn into a real patch when we enable FRED by default.
As much as anything else, it was just a TODO.
> Then ...
>
>> @@ -305,6 +310,32 @@ void __init traps_init(void)
>> /* Replace early pagefault with real pagefault handler. */
>> _update_gate_addr_lower(&bsp_idt[X86_EXC_PF], entry_PF);
>>
>> + if ( !cpu_has_fred || !cpu_has_lkgs )
>> + {
>> + if ( opt_fred )
> ... this won't work anymore once the initializer is changed.
Hmm yes. That wants to be an == 1 check. Fixed.
>
>> + printk(XENLOG_WARNING "FRED not available, ignoring\n");
>> + opt_fred = false;
> Better use 0 here?
>
>> + }
>> +
>> + if ( opt_fred == -1 )
>> + opt_fred = !pv_shim;
> Imo it would be better to have the initializer be -1 right away, and comment
> out the "!pv_shim" here, until we mean it to be default-enabled.
It cannot be -1, or Xen will fail spectacularly on any FRED capable
hardware. Setting to -1 is the point at which FRED becomes security
supported.
>
>> + if ( opt_fred )
>> + {
>> +#ifdef CONFIG_PV32
>> + if ( opt_pv32 )
>> + {
>> + opt_pv32 = 0;
>> + printk(XENLOG_INFO "Disabling PV32 due to FRED\n");
>> + }
>> +#endif
>> + printk("Using FRED event delivery\n");
>> + }
>> + else
>> + {
>> + printk("Using IDT event delivery\n");
>> + }
> Could I talk you into omitting the figure braces here? Hmm, or perhaps you
> mean to later move code here.
Indeed, patch 22.
~Andrew
next prev parent reply other threads:[~2025-08-14 19:16 UTC|newest]
Thread overview: 120+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-08 20:22 [PATCH 00/22] x86: FRED support, part 1 (stacks and exceptions) Andrew Cooper
2025-08-08 20:22 ` [PATCH 01/22] x86/msr: Rename MSR_INTERRUPT_SSP_TABLE to MSR_ISST Andrew Cooper
2025-08-12 8:06 ` Jan Beulich
2025-08-13 9:02 ` Andrew Cooper
2025-08-08 20:22 ` [PATCH 02/22] x86/msr: Rename wrmsr_ns() to wrmsrns(), and take 64bit value Andrew Cooper
2025-08-11 6:36 ` Andrew Cooper
2025-08-12 8:08 ` Jan Beulich
2025-08-08 20:22 ` [PATCH 03/22] x86/traps: Drop incorrect BUILD_BUG_ON() and comment in load_system_tables() Andrew Cooper
2025-08-12 8:11 ` Jan Beulich
2025-08-13 9:40 ` Andrew Cooper
2025-08-14 8:50 ` Jan Beulich
2025-08-08 20:22 ` [PATCH 04/22] x86/idt: Minor improvements to _update_gate_addr_lower() Andrew Cooper
2025-08-12 8:16 ` Jan Beulich
2025-08-13 9:48 ` Andrew Cooper
2025-08-08 20:22 ` [PATCH 05/22] x86/traps: Rename early_traps_init() to bsp_early_traps_init() Andrew Cooper
2025-08-12 8:17 ` Jan Beulich
2025-08-08 20:22 ` [PATCH 06/22] x86/traps: Introduce bsp_traps_reinit() Andrew Cooper
2025-08-12 8:19 ` Jan Beulich
2025-08-13 9:51 ` Andrew Cooper
2025-08-08 20:22 ` [PATCH 07/22] x86/spec-ctrl: Rework init_shadow_spec_ctrl_state() to take an info pointer Andrew Cooper
2025-08-12 8:27 ` Jan Beulich
2025-08-13 10:35 ` Andrew Cooper
2025-08-08 20:23 ` [PATCH 08/22] x86/traps: Introduce ap_early_traps_init() and set up exception handling earlier Andrew Cooper
2025-08-12 8:41 ` Jan Beulich
2025-08-13 11:13 ` Andrew Cooper
2025-08-14 8:53 ` Jan Beulich
2025-08-14 18:07 ` [PATCH v1.1 08/22] x86/traps: Introduce percpu_early_traps_init() " Andrew Cooper
2025-08-15 9:24 ` Jan Beulich
2025-08-08 20:23 ` [PATCH 09/22] x86/traps: Move load_system_tables() into traps-setup.c Andrew Cooper
2025-08-12 9:19 ` Jan Beulich
2025-08-13 11:25 ` Andrew Cooper
2025-08-14 8:55 ` Jan Beulich
2025-08-14 18:09 ` Andrew Cooper
2025-08-15 8:22 ` Jan Beulich
2025-08-15 8:28 ` Andrew Cooper
2025-08-15 8:32 ` Jan Beulich
2025-08-12 9:43 ` Nicola Vetrini
2025-08-13 11:36 ` Andrew Cooper
2025-08-14 7:26 ` Jan Beulich
2025-08-14 18:20 ` Andrew Cooper
2025-08-15 8:30 ` Jan Beulich
2025-08-15 8:40 ` Nicola Vetrini
2025-08-15 8:49 ` Jan Beulich
2025-08-08 20:23 ` [PATCH 10/22] x86/traps: Move subarch_percpu_traps_init() " Andrew Cooper
2025-08-11 8:17 ` Andrew Cooper
2025-08-12 9:52 ` Jan Beulich
2025-08-13 11:53 ` Andrew Cooper
2025-08-14 8:58 ` Jan Beulich
2025-08-14 10:17 ` Andrew Cooper
2025-08-14 10:52 ` Jan Beulich
2025-08-14 11:02 ` Andrew Cooper
2025-08-08 20:23 ` [PATCH 11/22] x86/traps: Fold x86_64/traps.c into traps.c Andrew Cooper
2025-08-12 9:53 ` Jan Beulich
2025-08-08 20:23 ` [PATCH 12/22] x86/traps: Unexport show_code() and show_stack_overflow() Andrew Cooper
2025-08-12 9:54 ` Jan Beulich
2025-08-08 20:23 ` [PATCH 13/22] x86: FRED enumerations Andrew Cooper
2025-08-13 12:28 ` Andrew Cooper
2025-08-14 7:30 ` Jan Beulich
2025-08-14 11:20 ` Jan Beulich
2025-08-14 11:42 ` Andrew Cooper
2025-08-14 11:44 ` Jan Beulich
2025-08-14 11:47 ` Andrew Cooper
2025-08-14 19:37 ` Nicola Vetrini
2025-08-14 19:44 ` Andrew Cooper
2025-08-14 21:27 ` Nicola Vetrini
2025-08-14 20:18 ` Nicola Vetrini
2025-08-14 13:19 ` Jan Beulich
2025-08-14 18:45 ` Andrew Cooper
2025-08-15 8:34 ` Jan Beulich
2025-08-21 21:23 ` Andrew Cooper
2025-08-18 9:02 ` Jan Beulich
2025-08-08 20:23 ` [PATCH 14/22] x86/traps: Extend struct cpu_user_regs/cpu_info with FRED fields Andrew Cooper
2025-08-14 13:12 ` Jan Beulich
2025-08-14 15:07 ` Andrew Cooper
2025-08-08 20:23 ` [PATCH 15/22] x86/traps: Introduce opt_fred Andrew Cooper
2025-08-14 13:30 ` Jan Beulich
2025-08-14 19:16 ` Andrew Cooper [this message]
2025-08-15 8:37 ` Jan Beulich
2025-08-21 21:52 ` Andrew Cooper
2025-08-25 9:08 ` Jan Beulich
2025-08-08 20:23 ` [PATCH 16/22] x86/boot: Adjust CR4 handling around ap_early_traps_init() Andrew Cooper
2025-08-14 14:47 ` Jan Beulich
2025-08-14 14:54 ` Andrew Cooper
2025-08-14 14:56 ` Jan Beulich
2025-08-14 19:22 ` Andrew Cooper
2025-08-08 20:23 ` [PATCH 17/22] x86/S3: Switch to using RSTORSSP to recover SSP on resume Andrew Cooper
2025-08-14 14:54 ` Jan Beulich
2025-08-08 20:23 ` [PATCH 18/22] x86/traps: Set MSR_PL0_SSP in load_system_tables() Andrew Cooper
2025-08-14 15:00 ` Jan Beulich
2025-08-14 19:37 ` Andrew Cooper
2025-08-15 8:52 ` Jan Beulich
2025-08-15 13:49 ` Andrew Cooper
2025-08-08 20:23 ` [PATCH 19/22] x86/boot: Use RSTORSSP to establish SSP Andrew Cooper
2025-08-14 15:11 ` Jan Beulich
2025-08-14 20:09 ` Andrew Cooper
2025-08-15 9:03 ` Jan Beulich
2025-08-21 22:09 ` Andrew Cooper
2025-08-25 9:12 ` Jan Beulich
2025-08-08 20:23 ` [PATCH 20/22] x86/traps: Alter switch_stack_and_jump() for FRED mode Andrew Cooper
2025-08-14 15:35 ` Jan Beulich
2025-08-14 20:55 ` Andrew Cooper
2025-08-15 9:10 ` Jan Beulich
2025-08-21 22:56 ` Andrew Cooper
2025-08-25 9:19 ` Jan Beulich
2025-08-08 20:23 ` [PATCH 21/22] x86/traps: Introduce FRED entrypoints Andrew Cooper
2025-08-11 11:38 ` Andrew Cooper
2025-08-14 15:57 ` Jan Beulich
2025-08-14 20:40 ` Andrew Cooper
2025-08-15 9:22 ` Jan Beulich
2025-08-18 8:59 ` Jan Beulich
2025-08-18 10:03 ` Jan Beulich
2025-08-18 10:09 ` Andrew Cooper
2025-08-08 20:23 ` [PATCH 22/22] x86/traps: Enable FRED when requested Andrew Cooper
2025-08-18 9:35 ` Jan Beulich
2025-08-18 9:47 ` Andrew Cooper
2025-08-18 9:53 ` Jan Beulich
2025-08-08 23:49 ` [PATCH 23/22] x86/vmx: Adjust NMI handling for FRED Andrew Cooper
2025-08-18 10:02 ` Jan Beulich
2025-08-18 17:18 ` Andrew Cooper
2025-08-19 6:31 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8adbd032-9da2-481d-8d98-30c9a605ec46@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=jbeulich@suse.com \
--cc=roger.pau@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.