lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <m1mz0se4f2.fsf@ebiederm.dsl.xmission.com>
Date:	Sat, 28 Apr 2007 12:32:01 -0600
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Andi Kleen <ak@...e.de>
Cc:	Jeremy Fitzhardinge <jeremy@...p.org>,
	"H. Peter Anvin" <hpa@...or.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH] x86: fix PSE pagetable construction

Andi Kleen <ak@...e.de> writes:

> On Saturday 28 April 2007 19:23:55 Eric W. Biederman wrote:
>> Andi Kleen <ak@...e.de> writes:
>> 
>> >> My preference would be for whoever had:
>> >> paravirt_ops-hooks-to-set-up-initial-pagetable.patch
>> >
>> > That would be very messy because there are many followup dependencies.
>> >
>> > But once we have a good fix aggreed by everybody I can merge it into the 
>> > initial patch then.
>> 
>> I don't see Xen patches merged yet in your tree yet.
>
> Hmm, I thought you were talking about paravirt-initial-pagetable ?

Yes that is the patch with problems.

> That one is in my tree already. The Xen patches that are still outstanding
> iirc are all addons patches, as they don't impact existing code paths anymore.

Ok.

Right now Xen is the only paravirtualization solution that wants to make
page tables read only.

The current Xen methodology is to setup the identity mapping with the
initial page table set to read-only, before calling paging_init().
kernel_physical_mapping_init was modified to skip pages which are
already in the page table.

However in other cases this causes us to fail to setup important bits
like PSE and NX where we want them on the page tables.  So for the
leaf pages we need to continue setting things at least on real hardware.

The current plan was that Jeremy was going to go and modify the
Xen set_pte early in boot, to preserve to mask off _PAGE_RW in
early boot for pages that don't currently have _PAGE_RW set.

So the fix is two parts.
- Part one unconditionally set the page table entries for
  4K and pse pages.
- Fix the Xen set_pte.

Short of making the identity mapping setup paravirt specific 
I don't know what we can do.

Eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ