WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Xen-devel] EFER in HVM guests

from [Nakajima, Jun] [Permanent Link][Original]
To: "Jan Beulich" <jbeulich@xxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>, "Keir Fraser" <keir@xxxxxxxxxxxxx>
Subject: RE: [Xen-devel] EFER in HVM guests
From: "Nakajima, Jun" <jun.nakajima@xxxxxxxxx>
Date: Wed, 29 Nov 2006 08:34:42 -0800
Delivery-date: Wed, 29 Nov 2006 08:57:15 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AccTv6r97XujPIxiQ5aNfYfQKg41qAAEUxeA
Thread-topic: [Xen-devel] EFER in HVM guests 
Jan Beulich wrote:
>>>> Keir Fraser <keir@xxxxxxxxxxxxx> 29.11.06 14:09 >>>
>> On 29/11/06 13:07, "Jan Beulich" <jbeulich@xxxxxxxxxx> wrote:
>> 
>>> Is it intentional that
>>> - under SVM, 32-bit guests can freely set EFER.LME
>>> - under VMX, 32-bit guests can't access EFER at all?
>>> 
>>> Thanks, Jan
>> 
>> I'm sure any differences are unintentional. There is obviously scope
>> for making much of the MSR and CPUID code non-vmx/svm specific.
>> 
>> I assume that this particular difference doesn't really matter?
> 
> I think it does - allowing a guest to enable EFER.LME when the
> hypervisor is a 32-bit one is clearly a security problem: While I
> haven't tried it, I would suspect the moment you load a context
> with such an EFER the whole system's dead.
> Not being able to access EFER is also a potential problem, as a
> guest should be allowed to set EFER.NX (at least) - the CPUID
> handling code specifically does not suppress this bit if the guest
> is allowed to use PAE (which we agreed a few days ago should
> be the default anyway).
> 
> Jan
> 

I agree that we should allow 32-bit guests to set EFER.NX on the PAE
Xen. We'll fix it. EFER.SCE should not be set on IA-32. 

Jun
---
Intel Open Source Technology Center

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] Live migration leaves page tables read-only?, John Byrne
Next by Date:  Re: [Xen-devel] [ANNOUNCEMENT] Schedule for Xen 3.0.4, Daniel P. Berrange
Previous by Thread:  RE: [Xen-devel] EFER in HVM guests, Jan Beulich
Next by Thread:  Re: [Xen-devel] EFER in HVM guests, Keir Fraser
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy