| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Nov 2017 16:01:42 +0100
From: Juergen Gross <jgross@...e.com>
To: Dave Hansen <dave.hansen@...ux.intel.com>,
linux-kernel@...r.kernel.org
Cc: linux-mm@...ck.org, moritz.lipp@...k.tugraz.at,
daniel.gruss@...k.tugraz.at, michael.schwarz@...k.tugraz.at,
richard.fellner@...dent.tugraz.at, luto@...nel.org,
torvalds@...ux-foundation.org, keescook@...gle.com,
hughd@...gle.com, x86@...nel.org
Subject: Re: [PATCH 30/30] x86, kaiser, xen: Dynamically disable KAISER when
running under Xen PV
On 08/11/17 20:47, Dave Hansen wrote:
> From: Dave Hansen <dave.hansen@...ux.intel.com>
>
> If you paravirtualize the MMU, you can not use KAISER. This boils down
> to the fact that KAISER needs to do CR3 writes in places that it is not
> feasible to do real hypercalls.
>
> If we detect that Xen PV is in use, do not do the KAISER CR3 switches.
>
> I don't think this too bug of a deal for Xen. I was under the
> impression that the Xen guest kernel and Xen guest userspace didn't
> share an address space *anyway* so Xen PV is not normally even exposed
> to the kinds of things that KAISER protects against.
>
> This allows KAISER=y kernels to deployed in environments that also
> require PARAVIRT=y.
>
> Signed-off-by: Dave Hansen <dave.hansen@...ux.intel.com>
Acked-by: Juergen Gross <jgross@...e.com>
Juergen
Powered by blists - more mailing lists