On 12/10/2023 4:21 pm, David Woodhouse wrote:
> On Thu, 2023-10-12 at 10:13 +0800, andrew.coop...@citrix.com wrote:
>> On 11/10/2023 7:34 pm, David Woodhouse wrote:
>>> But why does the shim even need to turn it off when switching to the
>>> guest context? Its guest isn't running in supervisor mode so surely it
>>> doesn't *matter* whether SMEP is enabled or not? Why not just leave it
>>> on at all times?
>>
>> 32bit PV kernels run in Ring1. Which is supervisor and not user.
>
> Ah, thanks.
>
>> Some older PV kernels do execute on user pages, and don't like getting
>> SMEP faults when they didn't turn it on to begin with.
>
> PV guests never actually had the option to turn SMEP on, did they?
>
> (Otherwise I may have to rethink the approach of just putting
> 'smep=off' onto the shim command line when running under KVM...)
Xen and PV guests share a set of pagetables. There is no ability to
independently control SMEP/SMAP. While we could in principle make SMEP a
feature that PV kernels can opt into, SMAP we really can't. The emulation
costs of STAC/CLAC are obscene from a perf perspective.

One TODO which has yet to be done is to look at the PV kernel's
ELF32/64-ness. For a shimmed 64bit guest, SMEP/SMAP should be on and stay on.

TBH, it's probably best to just hide the SMEP/SMAP features, rather than to
play around with the cmdline.

~Andrew
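As an added illustration of the ring-1 point made in the thread (this is not code from the thread or from Xen), here is a small C model of the SMEP/SMAP checks the CPU applies to a single access, using the CR4 and EFLAGS bit positions documented in the Intel SDM; the "32bit PV kernel in ring 1" scenario in main() is a constructed example. The function `smxp_blocks` and its parameters are my own names, and implicit supervisor accesses (descriptor-table reads, which SMAP blocks regardless of AC) are not modelled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define CR4_SMEP  (1u << 20)   /* CR4.SMEP: Supervisor Mode Execution Prevention */
#define CR4_SMAP  (1u << 21)   /* CR4.SMAP: Supervisor Mode Access Prevention */
#define EFLAGS_AC (1u << 18)   /* EFLAGS.AC, toggled by STAC/CLAC */

enum access_kind { ACCESS_FETCH, ACCESS_DATA };

/*
 * Model of the SMEP/SMAP decision for an access that paging would
 * otherwise permit.  page_user is true when the U/S bit is set at every
 * level of the walk (a "user-mode page").  cpl is the current privilege
 * level 0..3.  Returns true if SMEP/SMAP turn the access into a #PF.
 */
bool smxp_blocks(uint32_t cr4, uint32_t eflags, unsigned cpl,
                 bool page_user, enum access_kind kind)
{
    /* Rings 0, 1 and 2 are all supervisor mode; only CPL 3 is user mode. */
    bool supervisor = cpl < 3;

    if (!supervisor || !page_user)
        return false;            /* SMEP/SMAP only concern supervisor -> user-page accesses */

    if (kind == ACCESS_FETCH)
        return (cr4 & CR4_SMEP) != 0;   /* no override exists for instruction fetches */

    /* Explicit data access: blocked by SMAP unless EFLAGS.AC was set via STAC. */
    return (cr4 & CR4_SMAP) != 0 && (eflags & EFLAGS_AC) == 0;
}

int main(void)
{
    /* Constructed scenario: a 32bit PV kernel in ring 1 executing code that
     * lives on a user-accessible page, first with SMEP on, then with it off. */
    printf("ring1 fetch from user page, SMEP on : %s\n",
           smxp_blocks(CR4_SMEP, 0, 1, true, ACCESS_FETCH) ? "#PF" : "ok");
    printf("ring1 fetch from user page, SMEP off: %s\n",
           smxp_blocks(0, 0, 1, true, ACCESS_FETCH) ? "#PF" : "ok");
    /* Ring 0 data access to a user page under SMAP: blocked until STAC sets AC. */
    printf("ring0 data to user page, SMAP, AC=0 : %s\n",
           smxp_blocks(CR4_SMAP, 0, 0, true, ACCESS_DATA) ? "#PF" : "ok");
    printf("ring0 data to user page, SMAP, AC=1 : %s\n",
           smxp_blocks(CR4_SMAP, EFLAGS_AC, 0, true, ACCESS_DATA) ? "#PF" : "ok");
    return 0;
}
```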