From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andrew Cooper <andrew.cooper3@citrix.com>
Subject: Re: [PATCH 04/10] x86/hvm: pkeys,
 add pkeys support when setting CR4
Date: Fri, 20 Nov 2015 10:41:13 +0000
Message-ID: <564EF8C9.4010105@citrix.com>
References: <1447669917-17939-1-git-send-email-huaitong.han@intel.com>
	<1447669917-17939-5-git-send-email-huaitong.han@intel.com>
	<E959C4978C3B6342920538CF579893F00AE7A75E@SHSMSX104.ccr.corp.intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <E959C4978C3B6342920538CF579893F00AE7A75E@SHSMSX104.ccr.corp.intel.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: "Wu, Feng" <feng.wu@intel.com>, "Han, Huaitong" <huaitong.han@intel.com>, "jbeulich@suse.com" <jbeulich@suse.com>, "Nakajima, Jun" <jun.nakajima@intel.com>, "Dong, Eddie" <eddie.dong@intel.com>, "Tian,
	Kevin" <kevin.tian@intel.com>, "george.dunlap@eu.citrix.com" <george.dunlap@eu.citrix.com>, "ian.jackson@eu.citrix.com" <ian.jackson@eu.citrix.com>, "stefano.stabellini@eu.citrix.com" <stefano.stabellini@eu.citrix.com>, "ian.campbell@citrix.com" <ian.campbell@citrix.com>, "wei.liu2@citrix.com" <wei.liu2@citrix.com>, "keir@xen.org" <keir@xen.org>
Cc: "xen-devel@lists.xen.org" <xen-devel@lists.xen.org>
List-Id: xen-devel@lists.xenproject.org

On 20/11/15 01:16, Wu, Feng wrote:
>> diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
>> index 66917ff..953047f 100644
>> --- a/xen/arch/x86/hvm/hvm.c
>> +++ b/xen/arch/x86/hvm/hvm.c
>> @@ -1911,6 +1911,7 @@ static unsigned long
>> hvm_cr4_guest_reserved_bits(const struct vcpu *v,
>>          leaf1_edx = boot_cpu_data.x86_capability[X86_FEATURE_VME / 32];
>>          leaf1_ecx = boot_cpu_data.x86_capability[X86_FEATURE_PCID / 32];
>>          leaf7_0_ebx = boot_cpu_data.x86_capability[X86_FEATURE_FSGSBASE /
>> 32];
>> +        leaf7_0_ecx = boot_cpu_data.x86_capability[X86_FEATURE_PKU / 32];
> What is the purpose of the above change?

So the hunk below can correctly audit a guests attempt to set CR4.PKE.

~Andrew

>
>>      }
>>
>>      return ~(unsigned long)
>> @@ -1946,7 +1947,9 @@ static unsigned long
>> hvm_cr4_guest_reserved_bits(const struct vcpu *v,
>>               (leaf7_0_ebx & cpufeat_mask(X86_FEATURE_SMEP) ?
>>                X86_CR4_SMEP : 0) |
>>               (leaf7_0_ebx & cpufeat_mask(X86_FEATURE_SMAP) ?
>> -              X86_CR4_SMAP : 0));
>> +              X86_CR4_SMAP : 0) |
>> +             (leaf7_0_ecx & cpufeat_mask(X86_FEATURE_PKU) ?
>> +              X86_CR4_PKE : 0));
>>  }
>>
>>  static int hvm_load_cpu_ctxt(struct domain *d, hvm_domain_context_t *h)