lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 9 Nov 2017 16:01:42 +0100
From:   Juergen Gross <>
To:     Dave Hansen <>,
Subject: Re: [PATCH 30/30] x86, kaiser, xen: Dynamically disable KAISER when
 running under Xen PV

On 08/11/17 20:47, Dave Hansen wrote:
> From: Dave Hansen <>
> If you paravirtualize the MMU, you can not use KAISER.  This boils down
> to the fact that KAISER needs to do CR3 writes in places that it is not
> feasible to do real hypercalls.
> If we detect that Xen PV is in use, do not do the KAISER CR3 switches.
> I don't think this too bug of a deal for Xen.  I was under the
> impression that the Xen guest kernel and Xen guest userspace didn't
> share an address space *anyway* so Xen PV is not normally even exposed
> to the kinds of things that KAISER protects against.
> This allows KAISER=y kernels to deployed in environments that also
> require PARAVIRT=y.
> Signed-off-by: Dave Hansen <>

Acked-by: Juergen Gross <>


Powered by blists - more mailing lists