From: Boris Ostrovsky <boris.ostrovsky@oracle.com>
To: Andy Lutomirski <luto@amacapital.net>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
David Vrabel <david.vrabel@citrix.com>,
"H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>,
linux@eikelenboom.it
Subject: Re: [PATCH v2] hypervisor/x86/xen: Unset X86_BUG_SYSRET_SS_ATTRS on Xen PV guests
Date: Tue, 05 May 2015 10:21:28 -0400 [thread overview]
Message-ID: <5548D1E8.4050609@oracle.com> (raw)
In-Reply-To: <CALCETrXd4HR8Xn-50yiObebEoZi_vPp=mOvb33qC4iCota=k5g@mail.gmail.com>
On 05/05/2015 09:51 AM, Andy Lutomirski wrote:
> On Mon, May 4, 2015 at 8:02 AM, Boris Ostrovsky
> <boris.ostrovsky@oracle.com> wrote:
>> Commit 61f01dd941ba ("x86_64, asm: Work around AMD SYSRET SS descriptor
>> attribute issue") makes AMD processors set SS to __KERNEL_DS in
>> __switch_to() to deal with cases when SS is NULL.
>>
>> This breaks Xen PV guests who do not want to load SS with__KERNEL_DS.
>>
>> Since the problem that the commit is trying to address would have to be
>> fixed in the hypervisor (if it in fact exists under Xen) there is no
>> reason to set X86_BUG_SYSRET_SS_ATTRS flag for PV VPCUs here.
>>
>> This can be easily achieved by adding x86_hyper_xen_hvm.set_cpu_features
>> op which will clear this flag. (And since this structure is no longer
>> HVM-specific we should do some renaming).
> Looks good to me, but:
>
>> static void __init xen_hvm_guest_init(void)
>> {
>> + if (xen_pv_domain())
>> + return;
>> +
> How can a platform be "hvm" and "pv"? Is that the PVHVM thing?
No, this is meant for "true" PV guest not to go through HVM-specific
initialization.
We have to do it since now x86_hyper_xen_hvm (renamed to x86_hyper_xen)
will have init_platform() op and so init_hypervisor_platform() will call
it obviously without knowing the type of the guest.
>
>> +static void xen_set_cpu_features(struct cpuinfo_x86 *c)
>> +{
>> + if (xen_pv_domain())
>> + clear_cpu_bug(c, X86_BUG_SYSRET_SS_ATTRS);
>> +}
> I haven't followed all the twists and turns, but, if the guest
> platform is such that the guest kernel is really executing SYSRET and
> we're on AMD, then we have the sysret_ss_attrs bug. If PVHVM has
> xen_pv_domain() returning true but also uses SYSRET for real, then
> this looks wrong.
HVM guests execute SYSRET and they will continue having
X86_BUG_SYSRET_SS_ATTRS flag on. PV guests OTOH don't do SYSRET, the
hypervisor does (which is why if this issue is to be fixed it would have
to be done in the hypervisor).
-boris
next prev parent reply other threads:[~2015-05-05 16:06 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-04 15:02 [PATCH v2] hypervisor/x86/xen: Unset X86_BUG_SYSRET_SS_ATTRS on Xen PV guests Boris Ostrovsky
2015-05-05 13:51 ` Andy Lutomirski
2015-05-05 14:21 ` Boris Ostrovsky [this message]
2015-05-05 17:25 ` David Vrabel
2015-05-05 17:31 ` Boris Ostrovsky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5548D1E8.4050609@oracle.com \
--to=boris.ostrovsky@oracle.com \
--cc=david.vrabel@citrix.com \
--cc=hpa@zytor.com \
--cc=konrad.wilk@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@eikelenboom.it \
--cc=luto@amacapital.net \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox