As was previously explained[1], SMAP (and with less relevance also SMEP) is not compatible with 32-bit PV guests which aren't aware/prepared to be run with that feature enabled. Andrew's original approach either sacrificed architectural correctness for making 32-bit guests work again or by disabling SMAP also for not insignificant portions of hypervisor code, both by allowing to control the workaround mode via command line option.
This alternative approach disables SMEP and SMAP only while running 32-bit PV guest code plus a few hypervisor instructions early after entering hypervisor context or later before leaving it. The 4th patch really is unrelated except for not applying cleanly without the earlier ones, and the potential having been noticed while putting together the 2nd one.

1: suppress SMEP and SMAP while running 32-bit PV guest code
2: use optimal NOPs to fill the SMEP/SMAP placeholders
3: use 32-bit loads for 32-bit PV guest state reload

Signed-off-by: Jan Beulich <jbeul...@suse.com>
---
v2: Various changes to patches 1 and 2 - see there.

[1] http://lists.xenproject.org/archives/html/xen-devel/2015-06/msg03888.html

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel