Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)

From: Khalid Aziz
Date: Wed May 01 2019 - 11:22:30 EST

On 5/1/19 8:49 AM, Waiman Long wrote:
> On Wed, Apr 03, 2019 at 11:34:04AM -0600, Khalid Aziz wrote:
>> diff --git a/Documentation/admin-guide/kernel-parameters.txt
> b/Documentation/admin-guide/kernel-parameters.txt
>> index 858b6c0b9a15..9b36da94760e 100644
>> --- a/Documentation/admin-guide/kernel-parameters.txt
>> +++ b/Documentation/admin-guide/kernel-parameters.txt
>> @@ -2997,6 +2997,12 @@
>> ÂÂÂÂÂ nox2apicÂÂÂ [X86-64,APIC] Do not enable x2APIC mode.
>> +ÂÂÂ noxpfoÂÂÂÂÂÂÂ [XPFO] Disable eXclusive Page Frame Ownership (XPFO)
>> +ÂÂÂÂÂÂÂÂÂÂÂ when CONFIG_XPFO is on. Physical pages mapped into
>> +ÂÂÂÂÂÂÂÂÂÂÂ user applications will also be mapped in the
>> +ÂÂÂÂÂÂÂÂÂÂÂ kernel's address space as if CONFIG_XPFO was not
>> +ÂÂÂÂÂÂÂÂÂÂÂ enabled.
>> +
>> ÂÂÂÂÂ cpu0_hotplugÂÂÂ [X86] Turn on CPU0 hotplug feature when
>> ÂÂÂÂÂÂÂÂÂÂÂÂÂ Some features depend on CPU0. Known dependencies are:
> Given the big performance impact that XPFO can have. It should be off by
> default when configured. Instead, the xpfo option should be used to
> enable it.

Agreed. I plan to disable it by default in the next version of the
patch. This is likely to end up being a feature for extreme security
conscious folks only, unless I or someone else comes up with further
significant performance boost.