From: Thomas Garnier <thgarnie@google.com>
To: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: "Michal Hocko" <mhocko@suse.com>,
"Stanislaw Gruszka" <sgruszka@redhat.com>,
"kvm list" <kvm@vger.kernel.org>,
"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
"Matt Fleming" <matt@codeblueprint.co.uk>,
"Frederic Weisbecker" <fweisbec@gmail.com>,
"X86 ML" <x86@kernel.org>,
"Chris Wilson" <chris@chris-wilson.co.uk>,
"Dave Hansen" <dave.hansen@intel.com>,
"linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
"Alexander Potapenko" <glider@google.com>,
"Pavel Machek" <pavel@ucw.cz>, "H . Peter Anvin" <hpa@zytor.com>,
"kernel-hardening@lists.openwall.com"
<kernel-hardening@lists.openwall.com>,
"Andrey Ryabinin" <aryabinin@virtuozzo.com>,
"Jiri Olsa" <jolsa@redhat.com>, zijun_hu <zijun_hu@htc.com>,
"Prarit Bhargava" <prarit@redhat.com>,
"Andi Kleen" <ak@linux.intel.com>,
"Jonathan Corbet" <corbet@lwn.net>,
"Michael Ellerman" <mpe@ellerman.id.au>,
"Joerg Roedel" <joro@8bytes.org>
Subject: Re: [PATCH v5 2/3] x86: Remap GDT tables in the Fixmap section
Date: Mon, 13 Mar 2017 12:24:21 -0700 [thread overview]
Message-ID: <CAJcbSZG75_cHxWp2eJ+XPiKZMbf2NNGwoS+8qkmXQ=rH2FURCQ__45015.208485029$1489433136$gmane$org@mail.gmail.com> (raw)
In-Reply-To: <f2230734-a13f-6c0d-8a01-15fd4408e799@oracle.com>
On Mon, Mar 13, 2017 at 11:32 AM, Boris Ostrovsky
<boris.ostrovsky@oracle.com> wrote:
> There are a couple of problems for Xen PV guests that need to be addressed:
> 1. Xen's set_fixmap op needs non-default handling for
> FIX_GDT_REMAP_BEGIN range
> 2. GDT remapping for PV guests needs to be RO for both 64 and 32-bit guests.
>
> I don't know how you prefer to deal with (2), patch below is one
> suggestion. With it all my boot tests (Xen and bare-metal) passed.
>
Good suggestion, I think I will use most of it. Thanks!
> One problem with applying it directly is that kernel becomes
> not-bisectable (Xen-wise) between patches 2 and 3 so perhaps you might
> pull some of the changes from patch 3 to patch 2.
>
Yes that make sense, I will have to add the global variable on patch 2
and rebase 3 correctly.
--
Thomas
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2017-03-13 19:24 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-06 22:03 [PATCH v5 1/3] x86/mm: Adapt MODULES_END based on Fixmap section size Thomas Garnier
2017-03-06 22:03 ` [kernel-hardening] " Thomas Garnier
2017-03-06 22:03 ` Thomas Garnier
2017-03-06 22:03 ` Thomas Garnier
2017-03-06 22:03 ` [PATCH v5 2/3] x86: Remap GDT tables in the Fixmap section Thomas Garnier
2017-03-06 22:03 ` Thomas Garnier
2017-03-06 22:03 ` [kernel-hardening] " Thomas Garnier
2017-03-06 22:03 ` Thomas Garnier
2017-03-06 22:03 ` Thomas Garnier
2017-03-09 21:32 ` Andy Lutomirski
2017-03-09 21:32 ` Andy Lutomirski
2017-03-09 21:32 ` [kernel-hardening] " Andy Lutomirski
2017-03-09 21:32 ` Andy Lutomirski
2017-03-09 21:32 ` Andy Lutomirski
2017-03-09 21:43 ` Andrew Cooper
2017-03-09 21:43 ` [kernel-hardening] Re: [Xen-devel] " Andrew Cooper
2017-03-09 21:43 ` Andrew Cooper
2017-03-09 21:46 ` Andy Lutomirski
2017-03-09 21:46 ` [kernel-hardening] " Andy Lutomirski
2017-03-09 21:46 ` Andy Lutomirski
2017-03-09 21:54 ` Thomas Garnier
2017-03-09 21:54 ` [Xen-devel] " Thomas Garnier
2017-03-09 21:54 ` [kernel-hardening] " Thomas Garnier
2017-03-09 21:54 ` Thomas Garnier
2017-03-09 21:56 ` Boris Ostrovsky
2017-03-09 21:56 ` [Xen-devel] " Boris Ostrovsky
2017-03-09 21:56 ` [kernel-hardening] " Boris Ostrovsky
2017-03-09 21:56 ` Boris Ostrovsky
2017-03-09 22:13 ` Boris Ostrovsky
2017-03-09 22:13 ` [Xen-devel] " Boris Ostrovsky
2017-03-09 22:13 ` [kernel-hardening] " Boris Ostrovsky
2017-03-09 22:13 ` Boris Ostrovsky
2017-03-09 22:31 ` Thomas Garnier
2017-03-09 22:31 ` [Xen-devel] " Thomas Garnier
2017-03-09 22:31 ` [kernel-hardening] " Thomas Garnier
2017-03-09 22:31 ` Thomas Garnier
2017-03-09 23:17 ` Boris Ostrovsky
2017-03-09 23:17 ` [Xen-devel] " Boris Ostrovsky
2017-03-09 23:17 ` [kernel-hardening] " Boris Ostrovsky
2017-03-09 23:17 ` Boris Ostrovsky
2017-03-13 18:32 ` Boris Ostrovsky
2017-03-13 18:32 ` [Xen-devel] " Boris Ostrovsky
2017-03-13 18:32 ` [kernel-hardening] " Boris Ostrovsky
2017-03-13 18:32 ` Boris Ostrovsky
2017-03-13 19:24 ` Thomas Garnier
2017-03-13 19:24 ` [kernel-hardening] " Thomas Garnier
2017-03-13 19:24 ` Thomas Garnier
2017-03-13 19:24 ` Thomas Garnier [this message]
2017-03-09 21:46 ` Andy Lutomirski
2017-03-06 22:03 ` [PATCH v5 3/3] x86: Make the GDT remapping read-only on 64-bit Thomas Garnier
2017-03-06 22:03 ` Thomas Garnier
2017-03-06 22:03 ` [kernel-hardening] " Thomas Garnier
2017-03-06 22:03 ` Thomas Garnier
2017-03-06 22:03 ` Thomas Garnier
2017-03-09 21:35 ` Andy Lutomirski
2017-03-09 21:35 ` Andy Lutomirski
2017-03-09 21:35 ` [kernel-hardening] " Andy Lutomirski
2017-03-09 21:35 ` Andy Lutomirski
2017-03-09 21:35 ` Andy Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAJcbSZG75_cHxWp2eJ+XPiKZMbf2NNGwoS+8qkmXQ=rH2FURCQ__45015.208485029$1489433136$gmane$org@mail.gmail.com' \
--to=thgarnie@google.com \
--cc=ak@linux.intel.com \
--cc=aryabinin@virtuozzo.com \
--cc=boris.ostrovsky@oracle.com \
--cc=chris@chris-wilson.co.uk \
--cc=corbet@lwn.net \
--cc=dave.hansen@intel.com \
--cc=fweisbec@gmail.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=jolsa@redhat.com \
--cc=joro@8bytes.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=kvm@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=matt@codeblueprint.co.uk \
--cc=mhocko@suse.com \
--cc=mpe@ellerman.id.au \
--cc=pavel@ucw.cz \
--cc=prarit@redhat.com \
--cc=sgruszka@redhat.com \
--cc=x86@kernel.org \
--cc=zijun_hu@htc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.