lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150904014040.GA8051@wotan.suse.de>
Date:	Fri, 4 Sep 2015 03:40:40 +0200
From:	"Luis R. Rodriguez" <mcgrof@...e.com>
To:	Toshi Kani <toshi.kani@....com>
Cc:	Prarit Bhargava <prarit@...hat.com>,
	Stuart Hayes <stuart.w.hayes@...il.com>, tglx@...utronix.de,
	mingo@...hat.com, "H. Peter Anvin" <hpa@...or.com>,
	linux-kernel@...r.kernel.org, x86@...nel.org,
	mcgrof@...not-panic.com, Toshi Kani <toshi.kani@...com>,
	Jan Beulich <JBeulich@...e.com>,
	Juergen Gross <jgross@...e.com>,
	Roger Pau Monné <roger.pau@...rix.com>,
	xen-devel@...ts.xensource.com
Subject: Re: Fwd: [PATCH] x86: Use larger chunks in mtrr_cleanup

On Thu, Sep 03, 2015 at 06:48:46PM -0600, Toshi Kani wrote:
> On Fri, 2015-09-04 at 01:54 +0200, Luis R. Rodriguez wrote:
> > On Thu, Sep 03, 2015 at 05:21:14PM -0600, Toshi Kani wrote:
> > > On Fri, 2015-09-04 at 00:45 +0200, Luis R. Rodriguez wrote:
> > > > On Thu, Sep 03, 2015 at 04:25:31PM -0600, Toshi Kani wrote:
>  :
> > > > > On Xen,
> > > > 
> > > > When Xen is used a platform firmware may still set up MTRR, even if the
> > > > hypervisor doesn't set up MTRR right ? So same issue and question here.
> > > 
> > > Right, I meant to say Xen guests.
> > 
> > Ah but its import complicated than that.
> > 
> > > In case of the Xen hypervisor,
> > > mtrr_type_lookup() returns a valid type as it runs on a platform.
> > 
> > I am not sure if this happens today, I know MTRR is simply disabled by
> > the Xen Hypervisor on the CPU explicitly, it disable it so guests reading
> > the MTRR capabilities sees it as disabled when queried.
> 
> Oh, I would not let the hypervisor to disable MTRRs...

Commit 586ab6a055376ec3f3e1e8 ("x86/pvh: disable MTRR feature on cpuid for Dom0")
by Roger Pau Monné disables MTRR for PVH dom0, so that cpuid returns that
MTRR is disabled to guests. Then later on Linux as of commit 47591df50512
("xen: Support Xen pv-domains using PAT") added by Juergen as of v3.19
Linux guests can end up booting without MTRR but with PAT now enabled.

> > Then since the Xen Linux guests cannot speak MTRR through the hypervisor
> > (for instance Xen guests cannot ask Xen hypervisor to mtrr_type_lookup() for
> > it) if PCI passthrough is used it could mean a guest might set up / use
> > incorrect info as well.
> > 
> > If I undestand this correctly then I think we're in a pickle with Xen unless
> > we add hypervisor support and hypercall support for mtrr_type_lookup().
> 
> I was under assumption that MTRRs are emulated and disabled on guests.

Some "special" flavor Linux guests (with non-upstream code) have guest
MTRR hypercall support, for vanilla Xen and Linux they just never get MTRR
support. After Juergen's Linux changes though Xen guests can now get
shiny PAT support. Since MTRR hypercall support is not upstream and MTRR is
ancient I decided instead of adding MTRR hypercall support upstream to go with
converting all drivers to PAT interfaces, with the assumption there would be no
issues.

> Isn't guest physical address virtualized?

It is, there is a xen iotlb and stuff but that should ensure dom0 gets
to get proper access to devices, and if you use PCI passthrough you want
the best experience as well.

> I know other proprietary VMMs on IA64,
> but know nothing about Xen...  So, please disregard my comments to Xen. :-)

No worries, no one knows all the answers, we work together to remove
cob webs off of these odd corners no one cares about :)

  Luis
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ