From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: Xen-devel <xen-devel@lists.xen.org>
Subject: Re: [PATCH 10/10] x86/cpuid: Always enable faulting for the control domain
Date: Wed, 22 Feb 2017 10:00:03 +0000 [thread overview]
Message-ID: <df45b693-b9e5-b583-1349-250f53dcc25b@citrix.com> (raw)
In-Reply-To: <58AD66BE020000780013CA46@prv-mh.provo.novell.com>
On 22/02/17 09:23, Jan Beulich wrote:
>>>> On 20.02.17 at 12:00, <andrew.cooper3@citrix.com> wrote:
>> The domain builder in libxc no longer depends on leaked CPUID information to
>> properly construct HVM domains. Remove the control domain exclusion.
> Am I missing some intermediate step? As long as there's a raw
> CPUID invocation in xc_cpuid_x86.c (which is still there in staging
> and I don't recall this series removing it) it at least _feels_ unsafe.
Strictly speaking, the domain builder part of this was completed after
my xsave adjustments. All the guest-type-dependent information now
comes from non-cpuid sources in libxc, or Xen ignores the toolstack
values and recalculates information itself.
However, until the Intel leaves were complete, dom0 had a hard time
booting with this change as there were no toolstack-provided policy and
no leakage from hardware.
>
> Also the change here then results in Dom0 observing different
> behavior between faulting-capable and faulting-incapable hosts.
> I'm not convinced this is desirable.
I disagree. Avoiding the leakage is very desirable moving forwards.
Other side effects are that it makes PV and PVH dom0 functionally
identical WRT CPUID, and PV userspace (which, unlikely the kernel, tends
not to be Xen-aware) sees sensible information.
~Andrew
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2017-02-22 10:00 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-20 11:00 [PATCH 00/10] x86/cpuid: Remove the legacy infrastructure Andrew Cooper
2017-02-20 11:00 ` [PATCH 01/10] x86/cpuid: Disallow policy updates once the domain is running Andrew Cooper
2017-02-21 16:37 ` Jan Beulich
2017-02-20 11:00 ` [PATCH 02/10] x86/gen-cpuid: Clarify the intended meaning of AVX wrt feature dependencies Andrew Cooper
2017-02-21 16:40 ` Jan Beulich
2017-02-21 16:41 ` Andrew Cooper
2017-02-21 16:47 ` Jan Beulich
2017-02-21 16:53 ` Andrew Cooper
2017-02-21 17:07 ` Jan Beulich
2017-02-21 17:12 ` Andrew Cooper
2017-02-21 17:17 ` Jan Beulich
2017-02-21 17:42 ` Andrew Cooper
2017-02-22 7:13 ` Jan Beulich
2017-02-20 11:00 ` [PATCH 03/10] x86/cpuid: Handle leaf 0x1 in guest_cpuid() Andrew Cooper
2017-02-21 16:59 ` Jan Beulich
2017-02-21 17:13 ` Andrew Cooper
2017-02-21 17:20 ` Jan Beulich
2017-02-21 17:29 ` Andrew Cooper
2017-02-22 7:16 ` Jan Beulich
2017-02-20 11:00 ` [PATCH 04/10] x86/cpuid: Handle leaf 0x4 " Andrew Cooper
2017-02-21 17:16 ` Jan Beulich
2017-02-21 17:35 ` Andrew Cooper
2017-02-22 7:23 ` Jan Beulich
2017-02-22 7:55 ` Andrew Cooper
2017-03-10 16:27 ` [PATCH v2 " Andrew Cooper
2017-03-13 12:03 ` Jan Beulich
2017-03-13 12:51 ` Andrew Cooper
2017-03-13 13:05 ` Jan Beulich
2017-03-13 13:24 ` Andrew Cooper
2017-03-13 13:36 ` Jan Beulich
2017-02-20 11:00 ` [PATCH 05/10] x86/cpuid: Handle leaf 0x5 " Andrew Cooper
2017-02-21 17:22 ` Jan Beulich
2017-02-20 11:00 ` [PATCH 06/10] x86/cpuid: Handle leaf 0x6 " Andrew Cooper
2017-02-21 17:25 ` Jan Beulich
2017-02-21 17:40 ` Andrew Cooper
2017-02-21 17:44 ` Andrew Cooper
2017-02-22 7:31 ` Jan Beulich
2017-02-22 8:23 ` Andrew Cooper
2017-02-22 9:12 ` Andrew Cooper
2017-02-22 9:26 ` Jan Beulich
2017-02-27 14:30 ` Andrew Cooper
2017-03-10 16:32 ` [PATCH v2 " Andrew Cooper
2017-03-13 12:04 ` Jan Beulich
2017-02-20 11:00 ` [PATCH 07/10] x86/cpuid: Handle leaf 0xa " Andrew Cooper
2017-02-22 9:11 ` Jan Beulich
2017-02-20 11:00 ` [PATCH 08/10] x86/cpuid: Handle leaf 0xb " Andrew Cooper
2017-02-22 9:16 ` Jan Beulich
2017-02-22 10:22 ` Andrew Cooper
2017-02-22 10:37 ` Jan Beulich
2017-02-27 15:05 ` Andrew Cooper
2017-03-10 16:44 ` [PATCH v2 " Andrew Cooper
2017-03-13 12:13 ` Jan Beulich
2017-02-20 11:00 ` [PATCH 09/10] x86/cpuid: Drop legacy CPUID infrastructure Andrew Cooper
2017-02-22 9:19 ` Jan Beulich
2017-02-20 11:00 ` [PATCH 10/10] x86/cpuid: Always enable faulting for the control domain Andrew Cooper
2017-02-22 9:23 ` Jan Beulich
2017-02-22 10:00 ` Andrew Cooper [this message]
2017-02-22 10:10 ` Jan Beulich
2017-02-27 15:10 ` Andrew Cooper
2017-02-28 9:31 ` Jan Beulich
2017-03-10 17:10 ` Andrew Cooper
2017-03-13 11:48 ` Jan Beulich
2017-03-14 15:06 ` Wei Liu
2017-03-14 15:13 ` Jan Beulich
2017-03-14 16:05 ` Wei Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=df45b693-b9e5-b583-1349-250f53dcc25b@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=JBeulich@suse.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.