On 16/12/2019 7:00 pm, Jan Beulich wrote: > On 16.12.2019 09:27, Jin Nan Wang wrote: >> Fix a issue when user disable ETP exec-sp, xen missed a prompt >> log in dmesg. > Why "missed" (and why "prompt")? I think the original intention > was to log a message only when no command line option was given > and the system would be vulnerable without the disabling.
Yes, I guess it. But when I test ept=exec-sp=off. I got a little confused. Because of the "prompt" tell me it's disabled, at default. when I add 'ept=exec-sp=off', the "prompt" is disappeared. It seems like it's ENABLED. James > Nevertheless two style remarks as well: > >> --- a/xen/arch/x86/hvm/vmx/vmx.c >> +++ b/xen/arch/x86/hvm/vmx/vmx.c >> @@ -2495,14 +2495,14 @@ const struct hvm_function_table * __init >> start_vmx(void) >> { >> bool cpu_has_bug_pschange_mc = has_if_pschange_mc(); >> >> + /* Default to non-executable superpages on vulnerable hardware. */ >> if ( opt_ept_exec_sp == -1 ) >> - { >> - /* Default to non-executable superpages on vulnerable hardware. >> */ >> opt_ept_exec_sp = !cpu_has_bug_pschange_mc; >> >> - if ( cpu_has_bug_pschange_mc ) >> - printk("VMX: Disabling executable EPT superpages due to >> CVE-2018-12207\n"); >> - } >> + if (opt_ept_exec_sp) > Missing blanks inside (). > >> + printk("VMX: Enable executable EPT superpages.\n"); > No full stop here please. > > Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel