| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 May 2009 16:17:08 +0200 From: Ingo Molnar <mingo@...e.hu> To: Gerd Hoffmann <kraxel@...hat.com> Cc: Jan Beulich <JBeulich@...ell.com>, Jeremy Fitzhardinge <jeremy@...p.org>, Xen-devel <xen-devel@...ts.xensource.com>, the arch/x86 maintainers <x86@...nel.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Jesse Barnes <jbarnes@...tuousgeek.org>, "Eric W. Biederman" <ebiederm@...ssion.com>, "H. Peter Anvin" <hpa@...or.com>, Thomas Gleixner <tglx@...utronix.de>, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: [Xen-devel] Re: [GIT PULL] xen /proc/mtrr implementation * Gerd Hoffmann <kraxel@...hat.com> wrote: > On 05/19/09 15:31, Ingo Molnar wrote: >> * Gerd Hoffmann<kraxel@...hat.com> wrote: >> >>> On 05/19/09 14:26, Ingo Molnar wrote: >>>> * Gerd Hoffmann<kraxel@...hat.com> wrote: >>>> >>>>> On 05/19/09 13:08, Ingo Molnar wrote: >>>>>> Or, alternatively, the hypervisor can expose its own administrative >>>>>> interface to manage MTRRs. >>>>> Guess what? Xen does exactly that. And the xen mtrr_ops >>>>> implementation uses that interface ... >>>> No, that is not an 'administrative interface' - that is a guest >>>> kernel level hack that complicates Linux, extends its effective ABI >>>> dependencies and which has to be maintained there from that point >>>> on. >>>> >>>> There's really just three proper technical solutions here: >>>> >>>> - either catch the lowlevel CPU hw ops (the MSR modifications, which >>>> isnt really all that different from the mtrr_ops approach so it >>>> shouldnt pose undue difficulties to the Xen hypervisor). >>> Devil is in the details. >>> >>> The dom0 kernel might not see all physical cpus on the system. So >>> Xen can't leave the job of looping over all cpus to the dom0 >>> kernel, Xen has to apply the changes made by the (priviledged) >>> guest kernel on any (virtual) cpu to all (physical) cpus in the >>> machine. >> >> Applying MTRR changes to only part of the CPUs is utter madness. > > Sure. Do you read what I'm writing? > >>> Which in turn means the "lowlevel cpu hw op" would work in a >>> slightly different way on Xen and native. Nasty. >>> >>>> That will >>>> be maximally transparent and compatible, with zero changes needed >>>> to the Linux kernel. >>> No, the linux kernel probably should do the wrmsr on one cpu only then. >> >> Why? > > See above. Xen has to apply the changes to all cpus anyway. do _you_ read what i wrote, in the thread you are replying to: | | The change of MTRR's on _any_ of the guest CPUs in a dom0 context | should immediately be refected on all CPUs. Assymetric MTRR | settings are madness. | >>> Oops, the third "proper technical solutions" is missing. >> >> Yeah, the third one is to not touch MTRRs after bootup and use PAT. > > Works only in case the CPU has PAT support. Which specific CPU without PAT support do you worry about? Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists