From: Juergen Gross <jgross@suse.com>
To: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Jan Beulich <JBeulich@suse.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
"xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>,
Kees Cook <keescook@chromium.org>,
Stefan Bader <stefan.bader@canonical.com>,
David Vrabel <david.vrabel@citrix.com>
Subject: Re: [Xen-devel] [PATCH] Solved the Xen PV/KASLR riddle
Date: Wed, 03 Sep 2014 06:07:16 +0200 [thread overview]
Message-ID: <540693F4.8080109@suse.com> (raw)
In-Reply-To: <20140902192204.GF3291@laptop.dumpdata.com>
On 09/02/2014 09:22 PM, Konrad Rzeszutek Wilk wrote:
> On Mon, Sep 01, 2014 at 06:03:06AM +0200, Juergen Gross wrote:
>> On 08/29/2014 04:55 PM, Konrad Rzeszutek Wilk wrote:
>>> On Fri, Aug 29, 2014 at 03:44:06PM +0100, Jan Beulich wrote:
>>>>>>> On 29.08.14 at 16:27, <stefan.bader@canonical.com> wrote:
>>>>> Sure. Btw, someone also contacted me saying they have the same problem
>>>>> without
>>>>> changing the layout but having really big initrd (500M). While that feels
>>>>> like
>>>>> it should be impossible (if the kernel+initrd+xen stuff has to fix the 512M
>>>>> kernel image size area then). But if it can happen, then surely it does
>>>>> cause
>>>>> mappings to be where the module space starts then.
>>>>
>>>> Since the initrd doesn't really need to be mapped into the (limited)
>>>> virtual address space a pv guest starts with, we specifically got
>>>>
>>>> /*
>>>> * Whether or not the guest can deal with being passed an initrd not
>>>> * mapped through its initial page tables.
>>>> */
>>>> #define XEN_ELFNOTE_MOD_START_PFN 16
>>>>
>>>> to deal with that situation. The hypervisor side for Dom0 is in place,
>>>> and the kernel side works in our (classic) kernels. Whether it got
>>>> implemented for DomU meanwhile I don't know; I'm pretty certain
>>>> pv-ops kernels don't support it so far.
>>>
>>> Correct - Not implemented. Here is what I had mentioned in the past:
>>> (see http://lists.xen.org/archives/html/xen-devel/2014-03/msg00580.html)
>>>
>>>
>>> XEN_ELFNOTE_INIT_P2M, XEN_ELFNOTE_MOD_START_PFN - I had been looking
>>> at that but I can't figure out a nice way of implementing this
>>> without the usage of SPARSEMAP_VMAP virtual addresses - which is how
>>> the classic Xen does it. But then - I don't know who is using huge PV
>>> guests - as the PVHVM does a fine job? But then with PVH, now you can
>>> boot with large amount of memory (1TB?) - so some of these issues
>>> would go away? Except the 'large ramdisk' as that would eat in the
>>> MODULES_VADDR I think? Needs more thinking.
>>>
>>> .. and then I left it and to my suprise saw on Luis's slides that
>>> Jurgen is going to take a look at that (500GB support).
>>
>> I have a patch which should do the job. It is based on the classic
>> kernel patch Jan mentioned above. The system is coming up with it, I
>> haven't tested it with a huge initrd up to now. My plan was to post the
>> patch together with the rest of the >500GB support, but I can send it
>> on it's own if required.
>
> Oooh goodies! I think it makes sense to post it whenever you think
> it is in the right state to be posted.
>
> Now that your pvSCSI drivers are in, you have tons of free time
> I suspect :-)
Oh yeah. Only one or two lines missing in xl to support it. :-)
I hope to have the >500GB patch ready for testing soon. I'd prefer to
combine this and the large initrd patch in one series, as both need the
same headers to be synced with Xen. In case I'm meeting some serious
issues I'll post the large initrd patch on Friday.
Juergen
prev parent reply other threads:[~2014-09-03 4:07 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-08 11:20 Xen PV domain regression with KASLR enabled (kernel 3.16) Stefan Bader
2014-08-08 12:43 ` [Xen-devel] " David Vrabel
2014-08-08 14:35 ` Stefan Bader
2014-08-12 17:28 ` Kees Cook
2014-08-12 18:05 ` Stefan Bader
2014-08-12 18:53 ` Kees Cook
2014-08-12 19:07 ` Konrad Rzeszutek Wilk
2014-08-21 16:03 ` Kees Cook
2014-08-22 9:20 ` Stefan Bader
2014-08-26 16:01 ` Konrad Rzeszutek Wilk
2014-08-27 8:03 ` Stefan Bader
2014-08-27 20:49 ` Konrad Rzeszutek Wilk
2014-08-28 18:01 ` [PATCH] Solved the Xen PV/KASLR riddle Stefan Bader
2014-08-28 22:22 ` Kees Cook
2014-08-28 22:42 ` Andrew Cooper
2014-08-29 8:37 ` [Xen-devel] " Stefan Bader
2014-08-29 14:19 ` Andrew Cooper
2014-08-29 14:32 ` Stefan Bader
2014-08-29 14:43 ` Andrew Cooper
2014-08-29 14:08 ` Konrad Rzeszutek Wilk
2014-08-29 14:27 ` Stefan Bader
2014-08-29 14:31 ` David Vrabel
2014-08-29 14:35 ` Stefan Bader
2014-08-29 14:44 ` [Xen-devel] " Jan Beulich
2014-08-29 14:55 ` Konrad Rzeszutek Wilk
2014-09-01 4:03 ` Juergen Gross
2014-09-02 19:22 ` Konrad Rzeszutek Wilk
2014-09-03 4:07 ` Juergen Gross [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=540693F4.8080109@suse.com \
--to=jgross@suse.com \
--cc=JBeulich@suse.com \
--cc=david.vrabel@citrix.com \
--cc=keescook@chromium.org \
--cc=konrad.wilk@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stefan.bader@canonical.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).