On 15.06.2023 17:31, Alejandro Vallejo wrote:
> This option hardens Xen by forcing it to write secure (NX-enhanced) PTEs
> regardless of the runtime NX feature bit in boot_cpu_data. This prevents an
> attacker with partial write support from affecting Xen's PTE generation
> logic by overriding the NX feature flag. The patch asserts support for the
> NX bit in PTEs at boot time and if so short-circuits the cpu_has_nx macro
> to 1.
>
> It has the nice benefit of replacing many instances of runtime checks with
> folded constants. This has several knock-on effects that improve codegen,
> saving 2.5KiB off the text section.
>
> The config option defaults to OFF for compatibility with previous
> behaviour.
>
> Signed-off-by: Alejandro Vallejo <alejandro.vall...@cloud.com>
Just one nit on top of Andrew's comments: > @@ -697,9 +708,11 @@ trampoline_setup: > jnc .Lno_nx_bit > > .Lhas_nx_bit: > +#ifndef CONFIG_REQUIRE_NX > /* Adjust EFER is NX is present */ > orb $EFER_NXE >> 8, 1 + sym_esi(trampoline_efer) > .Lno_nx_bit: > +#endif In the comment the first "is" likely was meant to be "if". Jan
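Review bot: the `#ifndef CONFIG_REQUIRE_NX` in this hunk compiles out the `.Lno_nx_bit:` label but not the `jnc .Lno_nx_bit` that sits in the unchanged context just above `.Lhas_nx_bit:`, so a CONFIG_REQUIRE_NX=y build is left with a branch to a label that no longer exists unless an earlier hunk, not quoted here, guards that branch the same way; placing the `#endif` before `.Lno_nx_bit:` so the label always survives, or wrapping the feature test and its `jnc` in the same `#ifndef`, would keep the file assembling in both configurations. In the same build the `orb $EFER_NXE >> 8, 1 + sym_esi(trampoline_efer)` is compiled out as well, and nothing visible in this hunk replaces it, so it is worth stating in the commit message or a comment where EFER.NXE gets set when NX is required rather than detected.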
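The attack and the hardening the commit message describes, as an added example that is not part of this thread or of Xen's code: a constructed model in which the default build reads the NX feature bit from a writable `boot_cpu_data` at run time, while the REQUIRE_NX build has `cpu_has_nx` folded to the constant 1. Everything here other than the x86 PTE bit positions is invented for illustration: `struct cpu_data`, `cpu_has_nx_runtime()`, `cpu_has_nx_required`, the `make_data_pte_*` helpers, `require_nx_at_boot()` and the `corrupt_nx_flag()` stand-in for a partial write primitive are hypothetical names, not Xen's.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed model of the situation in the commit message, not Xen code.
 * Bit positions follow the x86 page-table entry format; the struct, the
 * macros and the helpers are invented for illustration.
 */
#define _PAGE_PRESENT   (1ULL << 0)
#define _PAGE_RW        (1ULL << 1)
#define _PAGE_NX        (1ULL << 63)
#define PAGE_MASK       (~0xfffULL)

/* Stand-in for the NX feature bit Xen keeps in boot_cpu_data. */
struct cpu_data { bool has_nx; };
static struct cpu_data boot_cpu_data = { .has_nx = true };

/* Default build: the feature flag is read from writable data at run time. */
#define cpu_has_nx_runtime()  (boot_cpu_data.has_nx)

/* REQUIRE_NX build: support was asserted at boot, so the macro is a
 * constant and the compiler folds every "if (cpu_has_nx)" away. */
#define cpu_has_nx_required   1

/* Boot-time assertion of the REQUIRE_NX path: refuse to continue without
 * NX. Takes the CPUID-reported bit as a parameter so it runs offline. */
static bool require_nx_at_boot(bool cpuid_reports_nx)
{
    if (!cpuid_reports_nx) {
        fputs("NX not supported by this CPU, cannot boot with REQUIRE_NX\n",
              stderr);
        return false;             /* a real boot path would panic here */
    }
    return true;
}

/* Build a writable data-page PTE; NX is set only when the feature is "known". */
static uint64_t make_data_pte_runtime(uint64_t paddr)
{
    uint64_t pte = (paddr & PAGE_MASK) | _PAGE_PRESENT | _PAGE_RW;
    if (cpu_has_nx_runtime())     /* load + test + branch at run time */
        pte |= _PAGE_NX;
    return pte;
}

static uint64_t make_data_pte_required(uint64_t paddr)
{
    uint64_t pte = (paddr & PAGE_MASK) | _PAGE_PRESENT | _PAGE_RW;
    if (cpu_has_nx_required)      /* constant 1: the OR is unconditional */
        pte |= _PAGE_NX;
    return pte;
}

/* Attacker with a partial write primitive clears the flag in boot_cpu_data. */
static void corrupt_nx_flag(void) { boot_cpu_data.has_nx = false; }
static void restore_nx_flag(void) { boot_cpu_data.has_nx = true; }

static bool pte_is_nx(uint64_t pte) { return (pte & _PAGE_NX) != 0; }

int main(void)
{
    const uint64_t paddr = 0x12345000ULL;   /* constructed sample address */

    printf("intact flag:    runtime NX=%d  required NX=%d\n",
           pte_is_nx(make_data_pte_runtime(paddr)),
           pte_is_nx(make_data_pte_required(paddr)));

    corrupt_nx_flag();
    printf("corrupted flag: runtime NX=%d  required NX=%d\n",
           pte_is_nx(make_data_pte_runtime(paddr)),
           pte_is_nx(make_data_pte_required(paddr)));

    restore_nx_flag();
    return require_nx_at_boot(true) ? 0 : 1;
}
```

After the simulated corruption the runtime variant emits a PTE without NX, so every page it maps from then on is executable, while the required variant keeps emitting NX because there is no flag left to flip; compiling with optimisation and disassembling both helpers shows the second one has no load or branch at all, which is the codegen effect the commit message quantifies.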