>>>> Andrew Cooper <andrew.coop...@citrix.com> 03/09/16 1:33 PM >>>
>On 09/03/16 12:27, Wu, Feng wrote:
>> Oh, thanks for the clarification! Do you know how "An NMI or #MC may occur
>> between clearing CR4.SMEP and CR4.SMAP in compat_restore_all_guest and
>> it actually returning to guest context, in which case the guest would run
>> with the two features enabled." can happen? Especially how the guest can
>> run with the two features enabled?
>
>NMIs and MCEs can occur at any point, even if interrupts are disabled.
>
>The bad situation is this sequence:
>
>* Xen is returning to the guest and disables CR4.SMEP/SMAP
>* NMI occurs while still in Xen
>* NMI exit path sees it is returning to Xen and re-enables CR4.SMEP/SMAP

Well, almost: Re-enabling happens on the NMI entry path. The NMI exit
path would, seeing it's returning to Xen context, simply not disable them
again.

Jan

>* Xen ends up returning to guest with CR4.SMEP/SMAP enabled.
>
>~Andrew
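To make the interleaving above concrete, here is a small C model of the race, added as an illustration and not code from Xen or from either poster. It tracks only two pieces of state, the CR4.SMEP/SMAP bits (at their architectural bit positions, 20 and 21) and whether the CPU is in hypervisor or guest context, and splits the return path into the two halves the thread describes: clearing the bits, then the actual return. The function and structure names are hypothetical; the NMI entry/exit behaviour follows Jan's correction (re-enable on entry, skip the disable on exit when returning to Xen).

```c
#include <stdbool.h>
#include <stdio.h>

/* Architectural CR4 bit positions for SMEP and SMAP. */
#define CR4_SMEP (1u << 20)
#define CR4_SMAP (1u << 21)
#define CR4_SMEP_SMAP (CR4_SMEP | CR4_SMAP)

/* Hypothetical minimal CPU state for the model. */
struct cpu {
    unsigned int cr4;
    bool in_xen;   /* true while executing hypervisor code */
};

/* First half of the compat return path: drop SMEP/SMAP for the guest.
 * An NMI or #MC can land anywhere between this and the second half. */
static void compat_restore_part1_clear_cr4(struct cpu *c)
{
    c->cr4 &= ~CR4_SMEP_SMAP;
}

/* Second half: the actual return to guest context. Nothing here
 * re-examines CR4, so whatever the bits are now is what the guest runs with. */
static void compat_restore_part2_return(struct cpu *c)
{
    c->in_xen = false;
}

/* NMI entry: hypervisor code is about to run, so SMEP/SMAP are re-enabled.
 * Returns whether the NMI interrupted Xen (vs. guest) context, which the
 * exit path uses to decide whether to disable them again. */
static bool nmi_entry(struct cpu *c)
{
    bool interrupted_xen = c->in_xen;
    c->cr4 |= CR4_SMEP_SMAP;
    c->in_xen = true;
    return interrupted_xen;
}

/* NMI exit: when returning to Xen context the bits are left enabled
 * (that is the correct choice in isolation); when returning to a guest
 * they are cleared. */
static void nmi_exit(struct cpu *c, bool returning_to_xen)
{
    if (!returning_to_xen) {
        c->cr4 &= ~CR4_SMEP_SMAP;
        c->in_xen = false;
    }
}

/* Run the return-to-guest path, optionally with an NMI hitting the window
 * between the two halves. Returns the SMEP/SMAP bits the guest ends up
 * running with: 0 is the intended outcome, non-zero is the bad case. */
unsigned int guest_cr4_after_return(bool nmi_in_window)
{
    struct cpu c = { .cr4 = CR4_SMEP_SMAP, .in_xen = true };

    compat_restore_part1_clear_cr4(&c);
    if (nmi_in_window) {
        bool to_xen = nmi_entry(&c);   /* re-enables the bits */
        nmi_exit(&c, to_xen);          /* sees Xen context, keeps them */
    }
    compat_restore_part2_return(&c);

    return c.cr4 & CR4_SMEP_SMAP;
}

/* Control case: an NMI taken while already in guest context returns
 * with the bits cleared, so only the in-window timing is the problem. */
unsigned int guest_cr4_after_nmi_in_guest(void)
{
    struct cpu c = { .cr4 = 0, .in_xen = false };
    bool to_xen = nmi_entry(&c);
    nmi_exit(&c, to_xen);
    return c.cr4 & CR4_SMEP_SMAP;
}

int main(void)
{
    printf("no NMI in window:   guest CR4.SMEP/SMAP = %#x\n",
           guest_cr4_after_return(false));
    printf("NMI in window:      guest CR4.SMEP/SMAP = %#x\n",
           guest_cr4_after_return(true));
    printf("NMI while in guest: guest CR4.SMEP/SMAP = %#x\n",
           guest_cr4_after_nmi_in_guest());
    return 0;
}
```

The model shows why each path looks correct on its own: the NMI exit's decision to leave the bits set is right for a return into Xen, and the return path's second half is right if nothing has touched CR4 since the first half. Only the interleaving of the two produces a guest with SMEP and SMAP enabled.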



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
