Hi Yasser, I hit the same CR4 PKE-bit case as you did a month ago.
May I ask you to resend the patch (with a Signed-Off line) to the mailing list? Thanks Ralf On 5/21/19 6:38 PM, Jan Kiszka wrote: > On 21.05.19 17:55, Ralf Ramsauer wrote: >> >> >> On 5/21/19 5:09 PM, Jan Kiszka wrote: >>> On 21.05.19 15:45, Ralf Ramsauer wrote: >>>> Hi, >>>> >>>> we have some issues enabling Jailhouse on a Intel with a pretty new CPU >>>> (Xeon Gold 5118). >>>> >>>> First, the CPU supports PKE and Linux will enable it (CR4, Bit 22). >>>> Jailhouse won't start, as this bit is marked in X86_CR4_RESERVED. >>>> Didn't >>>> have a deeper look into this on how it affects the hypervisor or >>>> allowing it needs some special treatment, so adding nopku to the >>>> commandline will keep the feature disabled and suffices for the moment. >>>> >>> >>> Known issue, see https://github.com/siemens/jailhouse/pull/23 >> >> Aah, I remember that discussion a month ago... >> >> So I guess it is okay to allow this feature. >> >> What would you say, is it better to use a configuration parameter that >> indicates the existence of PKE (as noted in the github discussion, we >> should only respect that bit if available), or online cpuid discovery? >> >> I guess the latter one is a bit against the philosophy, but much simpler >> to implement. >> > > Checking the code again and the comment I wrote around it, my remark in > github that we would need discovery was actually overkill: The whole > purpose of X86_CR4_RESERVED is to filter out future unknown bits. But > CR4.PKE is no longer unknown, and it is apparently safe to allow it to > the root cell. IOW, that commit was fine (if it had been submitted with > signed-off here). > > Jan > -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jailhouse-dev/6a8fecef-27d7-b300-4a14-e874f459ea4b%40oth-regensburg.de. For more options, visit https://groups.google.com/d/optout.
