On 16/12/2019 7:00 pm, Jan Beulich wrote:
> On 16.12.2019 09:27, Jin Nan Wang wrote:
>> Fix a issue when user disable ETP exec-sp, xen missed a prompt
>> log in dmesg.
> Why "missed" (and why "prompt")? I think the original intention
> was to log a message only when no command line option was given
> and the system would be vulnerable without the disabling.
Yes, I guess it.
But when I test ept=exec-sp=off. I got a little confused.
Because of the "prompt" tell me it's disabled, at default.
when I add 'ept=exec-sp=off', the "prompt" is disappeared. It seems like
it's ENABLED.
James
> Nevertheless two style remarks as well:
>
>> --- a/xen/arch/x86/hvm/vmx/vmx.c
>> +++ b/xen/arch/x86/hvm/vmx/vmx.c
>> @@ -2495,14 +2495,14 @@ const struct hvm_function_table * __init
>> start_vmx(void)
>> {
>> bool cpu_has_bug_pschange_mc = has_if_pschange_mc();
>>
>> + /* Default to non-executable superpages on vulnerable hardware. */
>> if ( opt_ept_exec_sp == -1 )
>> - {
>> - /* Default to non-executable superpages on vulnerable hardware.
>> */
>> opt_ept_exec_sp = !cpu_has_bug_pschange_mc;
>>
>> - if ( cpu_has_bug_pschange_mc )
>> - printk("VMX: Disabling executable EPT superpages due to
>> CVE-2018-12207\n");
>> - }
>> + if (opt_ept_exec_sp)
> Missing blanks inside ().
>
>> + printk("VMX: Enable executable EPT superpages.\n");
> No full stop here please.
>
> Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
