RE: [Xen-devel] EFER in HVM guests

To: "Petersson, Mats" <Mats.Petersson@xxxxxxx>, "Jan Beulich" <jbeulich@xxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>, "Keir Fraser" <keir@xxxxxxxxxxxxx>
Subject: RE: [Xen-devel] EFER in HVM guests
From: "Nakajima, Jun" <jun.nakajima@xxxxxxxxx>
Date: Wed, 29 Nov 2006 10:24:13 -0800
Petersson, Mats wrote:
>> -----Original Message-----
>> From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
>> [mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of
>> Nakajima, Jun Sent: 29 November 2006 16:35
>> To: Jan Beulich; xen-devel@xxxxxxxxxxxxxxxxxxx; Keir Fraser
>> Subject: RE: [Xen-devel] EFER in HVM guests
>> 
>> Jan Beulich wrote:
>>>>>> Keir Fraser <keir@xxxxxxxxxxxxx> 29.11.06 14:09 >>>
>>>> On 29/11/06 13:07, "Jan Beulich" <jbeulich@xxxxxxxxxx> wrote:
>>>> 
>>>>> Is it intentional that
>>>>> - under SVM, 32-bit guests can freely set EFER.LME
>>>>> - under VMX, 32-bit guests can't access EFER at all?
>>>>> 
>>>>> Thanks, Jan
>>>> 
>>>> I'm sure any differences are unintentional. There is obviously
>>>> scope for making much of the MSR and CPUID code non-vmx/svm
>>>> specific. 
>>>> 
>>>> I assume that this particular difference doesn't really matter?
>>> 
>>> I think it does - allowing a guest to enable EFER.LME when the
>>> hypervisor is a 32-bit one is clearly a security problem: While I
>>> haven't tried it, I would suspect the moment you load a context
>>> with such an EFER the whole system's dead.
>>> Not being able to access EFER is also a potential problem, as a
>>> guest should be allowed to set EFER.NX (at least) - the CPUID
>>> handling code specifically does not suppress this bit if the guest
>>> is allowed to use PAE (which we agreed a few days ago should
>>> be the default anyway).
>>> 
>>> Jan
>>> 
>> 
>> I agree that we should allow 32-bit guests to set EFER.NX on the PAE
>> Xen. We'll fix it. EFER.SCE should not be set on IA-32.
> 
> Why not? If CPUID bits indicate that it's available, it can be used in
> 32- or 64-bit mode.
> 

On IA-32 (i.e. I meant Intel), it's not available. The merged HVM code
should use CPUID to handle this kind of difference.

Jun
---
Intel Open Source Technology Center
