From: "Roger Pau Monné" <roger.pau@citrix.com>
To: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: xen-devel@lists.xenproject.org, alejandro.vallejo@cloud.com,
Jan Beulich <jbeulich@suse.com>
Subject: Re: [PATCH 03/22] x86/dom0: only disable SMAP for the PV dom0 build
Date: Mon, 29 Jul 2024 18:32:05 +0200
Message-ID: <ZqfEBfcxJL87deDx@macbook>
In-Reply-To: <3077368e-caba-42ad-b6ac-3406ca5c4861@citrix.com>

On Mon, Jul 29, 2024 at 04:59:09PM +0100, Andrew Cooper wrote:
> On 26/07/2024 4:21 pm, Roger Pau Monne wrote:
> > diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c
> > index eee20bb1753c..bc387d96b519 100644
> > --- a/xen/arch/x86/setup.c
> > +++ b/xen/arch/x86/setup.c
> > @@ -955,26 +955,9 @@ static struct domain *__init create_dom0(const module_t *image,
> > }
> > }
> >
> > - /*
> > - * Temporarily clear SMAP in CR4 to allow user-accesses in construct_dom0().
> > - * This saves a large number of corner cases interactions with
> > - * copy_from_user().
> > - */
> > - if ( cpu_has_smap )
> > - {
> > - cr4_pv32_mask &= ~X86_CR4_SMAP;
> > - write_cr4(read_cr4() & ~X86_CR4_SMAP);
> > - }
> > -
> > if ( construct_dom0(d, image, headroom, initrd, cmdline) != 0 )
> > panic("Could not construct domain 0\n");
> >
> > - if ( cpu_has_smap )
> > - {
> > - write_cr4(read_cr4() | X86_CR4_SMAP);
> > - cr4_pv32_mask |= X86_CR4_SMAP;
> > - }
> > -
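Review bot: The comment deleted at the top of this hunk is the only statement of why SMAP is cleared around construct_dom0() (avoiding corner cases with copy_from_user()), so that rationale should move with the toggle to wherever the PV-only path now clears it; after this change nothing at the call site says construct_dom0() depends on it. The removed lines also kept cr4_pv32_mask and CR4 in step on both the clear and the restore, so the relocated code needs to update both, and it would be safer to restore from the CR4 value it found than to test cpu_has_smap a second time.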
>
> Hang on. Isn't this (preexistingly) broken given the distinction
> between cpu_has_smap and X86_FEATURE_XEN_SMAP ?

I see, looks like Xen will unconditionally enable SMAP if the user has
requested SMAP for HVM only. Forcefully disabling SMAP for both PV and
HVM will result in the CPUID bit getting cleared, and hence
cpu_has_smap == false.

> I'm very tempted to use this as a justification to remove opt_smap.

Oh, so my change fixes that bug by caching the previous cr4 instead of
using cpu_has_smap.

It seems like opt_smap is useful for the PV shim, as it caused some
unnecessary performance degradation on AMD hardware due to AMD not
allowing to selectively trap accesses to CR4, so on pvshim mode
it gets disabled:

b05ec9263e56 x86/sm{e, a}p: do not enable SMEP/SMAP in PV shim by default on AMD

Thanks, Roger.
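
The difference between gating the SMAP toggle on a feature flag and caching CR4, as discussed in the reply above, shown as an added example that is not Xen code and not part of the original message. It assumes a simulated register (`sim_cr4`), a stand-in `user_access_section()` for construct_dom0(), and a boolean that plays the role of cpu_has_smap; all of these names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define X86_CR4_SMAP (UINT64_C(1) << 21)   /* CR4 bit 21 */

static uint64_t sim_cr4;                   /* simulated CR4, not the real register */
static bool smap_seen_in_section;          /* was SMAP set while the section ran? */

static void user_access_section(void)      /* stands in for construct_dom0() */
{
    smap_seen_in_section = (sim_cr4 & X86_CR4_SMAP) != 0;
}

/* Pattern of the removed lines: clear and re-set based on a feature flag. */
static uint64_t run_flag_gated(uint64_t cr4, bool has_smap)
{
    sim_cr4 = cr4;
    if ( has_smap )
        sim_cr4 &= ~X86_CR4_SMAP;
    user_access_section();
    if ( has_smap )
        sim_cr4 |= X86_CR4_SMAP;           /* sets the bit even if it was clear */
    return sim_cr4;
}

/* Pattern described in the reply: cache CR4, clear the bit, restore the cache. */
static uint64_t run_saved_cr4(uint64_t cr4)
{
    sim_cr4 = cr4;
    const uint64_t saved = sim_cr4;
    sim_cr4 &= ~X86_CR4_SMAP;
    user_access_section();
    sim_cr4 = saved;                       /* exactly the state found on entry */
    return sim_cr4;
}

int main(void)
{
    /* Constructed case 1: flag true, SMAP not enabled in CR4 beforehand. */
    printf("flag-gated: %#llx\n", (unsigned long long)run_flag_gated(0, true));
    printf("saved-cr4:  %#llx\n", (unsigned long long)run_saved_cr4(0));
    /* Constructed case 2: flag false, SMAP enabled in CR4. */
    run_flag_gated(X86_CR4_SMAP, false);
    printf("flag-gated ran section with SMAP set: %d\n", smap_seen_in_section);
    run_saved_cr4(X86_CR4_SMAP);
    printf("saved-cr4 ran section with SMAP set:  %d\n", smap_seen_in_section);
    return 0;
}
```

Whenever the flag and the live CR4 value disagree, the flag-gated form either turns SMAP on where it was off or runs the section with SMAP still enforced; the cached form does neither.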