From: Huaitong Han <huaitong.han@intel.com>
To: jbeulich@suse.com, andrew.cooper3@citrix.com,
jun.nakajima@intel.com, eddie.dong@intel.com,
kevin.tian@intel.com, george.dunlap@eu.citrix.com,
ian.jackson@eu.citrix.com, stefano.stabellini@eu.citrix.com,
ian.campbell@citrix.com, wei.liu2@citrix.com, keir@xen.org
Cc: Huaitong Han <huaitong.han@intel.com>, xen-devel@lists.xen.org
Subject: [PATCH 03/10] x86/hvm: pkeys, add the flag to enable Memory Protection Keys
Date: Mon, 16 Nov 2015 18:31:50 +0800 [thread overview]
Message-ID: <1447669917-17939-4-git-send-email-huaitong.han@intel.com> (raw)
In-Reply-To: <1447669917-17939-1-git-send-email-huaitong.han@intel.com>
This patch adds the flag to enable Memory Protection Keys.
Signed-off-by: Huaitong Han <huaitong.han@intel.com>
diff --git a/docs/misc/xen-command-line.markdown b/docs/misc/xen-command-line.markdown
index a565c1b..0ded4bf 100644
--- a/docs/misc/xen-command-line.markdown
+++ b/docs/misc/xen-command-line.markdown
@@ -1303,6 +1303,13 @@ Flag to enable Supervisor Mode Execution Protection
Flag to enable Supervisor Mode Access Prevention
+### pku
+> `= <boolean>>`
+
+> Default: `true`
+
+Flag to enable Memory Protection Keys
+
### snb\_igd\_quirk
> `= <boolean> | cap | <integer>`
diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c
index 3946e4c..c1f924e 100644
--- a/xen/arch/x86/setup.c
+++ b/xen/arch/x86/setup.c
@@ -67,6 +67,10 @@ invbool_param("smep", disable_smep);
static bool_t __initdata disable_smap;
invbool_param("smap", disable_smap);
+/* pku: Enable/disable Memory Protection Keys (default on). */
+static bool_t __initdata disable_pku;
+invbool_param("pku", disable_pku);
+
/* Boot dom0 in pvh mode */
static bool_t __initdata opt_dom0pvh;
boolean_param("dom0pvh", opt_dom0pvh);
@@ -1304,6 +1308,9 @@ void __init noreturn __start_xen(unsigned long mbi_p)
if ( cpu_has_smap )
set_in_cr4(X86_CR4_SMAP);
+ if ( disable_pku )
+ setup_clear_cpu_cap(X86_FEATURE_PKU);
+
if ( cpu_has_fsgsbase )
set_in_cr4(X86_CR4_FSGSBASE);
--
2.4.3
next prev parent reply other threads:[~2015-11-16 10:31 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-16 10:31 [PATCH 00/10] x86/hvm: pkeys, add memory protection-key support Huaitong Han
2015-11-16 10:31 ` [PATCH 01/10] x86/hvm: pkeys, add pkeys support for cpuid handling Huaitong Han
2015-11-16 12:00 ` Andrew Cooper
2015-11-19 14:39 ` Wu, Feng
2015-11-16 16:58 ` Wei Liu
2015-11-16 10:31 ` [PATCH 02/10] x86/hvm: pkeys, add pku support for x86_capability Huaitong Han
2015-11-16 13:35 ` Andrew Cooper
2015-11-16 10:31 ` Huaitong Han [this message]
2015-11-16 13:56 ` [PATCH 03/10] x86/hvm: pkeys, add the flag to enable Memory Protection Keys Andrew Cooper
2015-11-16 10:31 ` [PATCH 04/10] x86/hvm: pkeys, add pkeys support when setting CR4 Huaitong Han
2015-11-16 14:02 ` Andrew Cooper
2015-11-20 1:16 ` Wu, Feng
2015-11-20 10:41 ` Andrew Cooper
2015-11-16 10:31 ` [PATCH 05/10] x86/hvm: pkeys, disable pkeys for guests in non-paging mode Huaitong Han
2015-11-16 14:03 ` Andrew Cooper
2015-11-16 10:31 ` [PATCH 06/10] x86/hvm: pkeys, add functions to get pkeys value from PTE Huaitong Han
2015-11-16 14:16 ` Andrew Cooper
2015-11-16 14:42 ` Jan Beulich
2015-11-16 10:31 ` [PATCH 07/10] x86/hvm: pkeys, add functions to support PKRU access/write Huaitong Han
2015-11-16 15:09 ` Andrew Cooper
2015-11-16 10:31 ` [PATCH 08/10] x86/hvm: pkeys, add pkeys support for do_page_fault Huaitong Han
2015-11-16 15:25 ` Andrew Cooper
2015-11-16 10:31 ` [PATCH 09/10] x86/hvm: pkeys, add pkeys support for guest_walk_tables Huaitong Han
2015-11-16 16:52 ` Andrew Cooper
2015-11-16 16:59 ` Andrew Cooper
2015-11-16 10:31 ` [PATCH 10/10] x86/hvm: pkeys, add xstate support for pkeys Huaitong Han
2015-11-16 16:52 ` Andrew Cooper
2015-11-16 17:45 ` [PATCH 00/10] x86/hvm: pkeys, add memory protection-key support Andrew Cooper
2015-11-17 10:26 ` Jan Beulich
2015-11-17 16:24 ` Andrew Cooper
2015-11-17 16:36 ` Jan Beulich
2015-11-18 9:12 ` Wu, Feng
2015-11-18 10:10 ` Andrew Cooper
2015-11-19 7:44 ` Wu, Feng
2015-11-19 8:44 ` Jan Beulich
2015-11-19 8:49 ` Wu, Feng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1447669917-17939-4-git-send-email-huaitong.han@intel.com \
--to=huaitong.han@intel.com \
--cc=andrew.cooper3@citrix.com \
--cc=eddie.dong@intel.com \
--cc=george.dunlap@eu.citrix.com \
--cc=ian.campbell@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=jun.nakajima@intel.com \
--cc=keir@xen.org \
--cc=kevin.tian@intel.com \
--cc=stefano.stabellini@eu.citrix.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).