| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 Sep 2015 03:40:40 +0200
From: "Luis R. Rodriguez" <mcgrof@...e.com>
To: Toshi Kani <toshi.kani@....com>
Cc: Prarit Bhargava <prarit@...hat.com>,
Stuart Hayes <stuart.w.hayes@...il.com>, tglx@...utronix.de,
mingo@...hat.com, "H. Peter Anvin" <hpa@...or.com>,
linux-kernel@...r.kernel.org, x86@...nel.org,
mcgrof@...not-panic.com, Toshi Kani <toshi.kani@...com>,
Jan Beulich <JBeulich@...e.com>,
Juergen Gross <jgross@...e.com>,
Roger Pau Monné <roger.pau@...rix.com>,
xen-devel@...ts.xensource.com
Subject: Re: Fwd: [PATCH] x86: Use larger chunks in mtrr_cleanup
On Thu, Sep 03, 2015 at 06:48:46PM -0600, Toshi Kani wrote:
> On Fri, 2015-09-04 at 01:54 +0200, Luis R. Rodriguez wrote:
> > On Thu, Sep 03, 2015 at 05:21:14PM -0600, Toshi Kani wrote:
> > > On Fri, 2015-09-04 at 00:45 +0200, Luis R. Rodriguez wrote:
> > > > On Thu, Sep 03, 2015 at 04:25:31PM -0600, Toshi Kani wrote:
> :
> > > > > On Xen,
> > > >
> > > > When Xen is used a platform firmware may still set up MTRR, even if the
> > > > hypervisor doesn't set up MTRR right ? So same issue and question here.
> > >
> > > Right, I meant to say Xen guests.
> >
> > Ah but its import complicated than that.
> >
> > > In case of the Xen hypervisor,
> > > mtrr_type_lookup() returns a valid type as it runs on a platform.
> >
> > I am not sure if this happens today, I know MTRR is simply disabled by
> > the Xen Hypervisor on the CPU explicitly, it disable it so guests reading
> > the MTRR capabilities sees it as disabled when queried.
>
> Oh, I would not let the hypervisor to disable MTRRs...
Commit 586ab6a055376ec3f3e1e8 ("x86/pvh: disable MTRR feature on cpuid for Dom0")
by Roger Pau Monné disables MTRR for PVH dom0, so that cpuid returns that
MTRR is disabled to guests. Then later on Linux as of commit 47591df50512
("xen: Support Xen pv-domains using PAT") added by Juergen as of v3.19
Linux guests can end up booting without MTRR but with PAT now enabled.
> > Then since the Xen Linux guests cannot speak MTRR through the hypervisor
> > (for instance Xen guests cannot ask Xen hypervisor to mtrr_type_lookup() for
> > it) if PCI passthrough is used it could mean a guest might set up / use
> > incorrect info as well.
> >
> > If I undestand this correctly then I think we're in a pickle with Xen unless
> > we add hypervisor support and hypercall support for mtrr_type_lookup().
>
> I was under assumption that MTRRs are emulated and disabled on guests.
Some "special" flavor Linux guests (with non-upstream code) have guest
MTRR hypercall support, for vanilla Xen and Linux they just never get MTRR
support. After Juergen's Linux changes though Xen guests can now get
shiny PAT support. Since MTRR hypercall support is not upstream and MTRR is
ancient I decided instead of adding MTRR hypercall support upstream to go with
converting all drivers to PAT interfaces, with the assumption there would be no
issues.
> Isn't guest physical address virtualized?
It is, there is a xen iotlb and stuff but that should ensure dom0 gets
to get proper access to devices, and if you use PCI passthrough you want
the best experience as well.
> I know other proprietary VMMs on IA64,
> but know nothing about Xen... So, please disregard my comments to Xen. :-)
No worries, no one knows all the answers, we work together to remove
cob webs off of these odd corners no one cares about :)
Luis
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists