On 16/12/2019 2:17 pm, Tian, Kevin wrote:
>> From: Jin Nan Wang <jnw...@suse.com>
>> Sent: Monday, December 16, 2019 1:48 PM
>>
>> Fix a issue when user disable ETP exec-sp, xen missed a prompt
>> log in dmesg.
>>
>> Signed-off-by: James Wang <jnw...@suse.com>
>> ---
>> xen/arch/x86/hvm/vmx/vmx.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
>> index 7970ba93e1..9c1f0f645d 100644
>> --- a/xen/arch/x86/hvm/vmx/vmx.c
>> +++ b/xen/arch/x86/hvm/vmx/vmx.c
>> @@ -2499,7 +2499,9 @@ const struct hvm_function_table * __init
>> start_vmx(void)
>> {
>> /* Default to non-executable superpages on vulnerable
>> hardware. */
>> opt_ept_exec_sp = !cpu_has_bug_pschange_mc;
>> -
>> + }
> no parenthesis then. Just move the comment before the earlier condition
> check
Got it.
>> + if (opt_ept_exec_sp == false)
>> + {
>> if ( cpu_has_bug_pschange_mc )
>> printk("VMX: Disabling executable EPT superpages due to
>> CVE-
>> 2018-12207\n");
>> }
> Can we do it another way? Always throw out a warning if the hardware
> is vulnerable, plus its enabling status?
OK. Let me try.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
