On Fri, 5 Jan 2018 22:38:39 +0100 Alexander Boettcher (AB) wrote:
I am not following the recent development of all those kernels, so I think it's best to directly consult the individual developers/teams for statements (like the one from Stefan above).
For my part, I can tell you that the NOVA microhypervisor (at least the official version) does not map physical RAM into the kernel virtual address space, other than the RAM in which microhypervisor itself resides. NOVA maps certain devices (like APIC, IOMMU), but those can't be speculatively accessed anyway. I cannot comment on modified NOVA versions.
I for my part, can confirm that the slightly, cough, modified NOVA version [1], as used by Genode, kept the original behavior of the official NOVA version [0] in that regard.
An addition after looking at the old code some more:
Note that Pd::kern, i.e. the kernel PD, actually has all physical memory mapped 1:1, simply to have an elegant (non-special-case) way to establish the root of the mapping hierarchy. However, no user thread ever runs in Pd::kern, so those mappings cannot be speculatively abused.
In PDs, where user threads do run, physical memory is not mapped in the page tables.
Cheers, Udo