From nobody Mon Feb 9 07:23:30 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568232406; cv=none; d=zoho.com; s=zohoarc; b=hvQ73r+as8xw53vVoiT6/5UOdorGzOIZZ3mLBPIib1B5BFDGLwjYSQZ54ZFB/VUNTfjluzNCVd9wgpCxn3QUMLE4h6VJAUGytViVP0U2wHDvOQRg+94BvxRJ50rTBB1pIv5wQ7BGCNbHtyrYXOiQWSbNpsduyOsSnZ+v3ub7fIY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568232406; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=y3vq+fjT3f7aJ0Qb79twFi8Ht0TxV7WRCoaiEvcuuQ8=; b=Y2XD2vjxlMI3oX3CFpUSqj9sF9cGgh4RRrjHuY8Nb7PVSu2N7lDv6VS55v18TXZgfXYnV542q6L0HTTPnZ3gMJuEXuP8As+TW0sCKHNMgBD72pPXGQgnNZa8N+iQQHfxg7NpA0jcJgmh+/ptwuQCFMoltGpOZsACUWYGluaMmek= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1568232406270837.9447329006142; Wed, 11 Sep 2019 13:06:46 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i88ra-0002zR-L4; Wed, 11 Sep 2019 20:05:14 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i88rZ-0002zH-79 for xen-devel@lists.xenproject.org; Wed, 11 Sep 2019 20:05:13 +0000 Received: from esa1.hc3370-68.iphmx.com (unknown [216.71.145.142]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 75c8370a-d4cf-11e9-83dd-12813bfff9fa; Wed, 11 Sep 2019 20:05:11 +0000 (UTC) X-Inumbo-ID: 75c8370a-d4cf-11e9-83dd-12813bfff9fa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568232312; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=EFnsOsGQ4CPWA4IpIutS5XNwHkOuU3XzDAJN+8JtXFE=; b=YbKccwAAGmDdc8ERovwskz35zz4e2pkORTXYvm8O1jCHHnMeZhSt/apD Rgw8Hi2HTiGtmzhNKp3yy7u0uj4v5mOsENIHTlIxkNrxmVGUntxJ/wNja iMWfkMqQ7ylTW4XbMl8YZNoihEKGvEFMJ63rPdWlvxeEzVCzuLYlPRc2F w=; Authentication-Results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa1.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa1.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa1.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: YdciJxz1xjqXtNIFvRyhJYBA30Mpis1j+EWu6jaHRfWCr2CVwDOHUQhafHIvkXU9w3ZJ0vrQqW rbFisIEQmUjzH6x3Rr3eThDKgCfyz2E0UKyKiu0B6UqT1WBEhnkKdeX5umxGj/UqVbgDvLlQj4 72qZoyk8PJpiKEbYVoTgv64WrrK4z4eOb29TSQSKDN5JPu9JeO77heVhI4nlEVDJ6crNMmq2Kl CY14KFXUqToEqwCi3cwnNoIGAo+JGe6sAOa4rRNrremsFvpjqJ4/tQPXfkAO74hLaifhmCHc9K gOE= X-SBRS: 2.7 X-MesageID: 5506243 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,494,1559534400"; d="scan'208";a="5506243" From: Andrew Cooper To: Xen-devel Date: Wed, 11 Sep 2019 21:04:57 +0100 Message-ID: <20190911200504.5693-2-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190911200504.5693-1-andrew.cooper3@citrix.com> References: <20190911200504.5693-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH 1/8] libx86: Introduce x86_cpu_policies_are_compatible() X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) This helper will eventually be the core "can a guest confiured like this run on the CPU?" logic. For now, it is just enough of a stub to allow us to replace the hypercall interface while retaining the previous behaviour. It will be expanded as various other bits of CPUID handling get cleaned up. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 --- tools/tests/cpu-policy/Makefile | 2 +- tools/tests/cpu-policy/test-cpu-policy.c | 111 +++++++++++++++++++++++++++= +++- xen/include/xen/lib/x86/cpu-policy.h | 19 ++++++ xen/lib/x86/Makefile | 1 + xen/lib/x86/policy.c | 53 +++++++++++++++ 5 files changed, 183 insertions(+), 3 deletions(-) create mode 100644 xen/lib/x86/policy.c diff --git a/tools/tests/cpu-policy/Makefile b/tools/tests/cpu-policy/Makef= ile index fb548c9b9a..70ff154da6 100644 --- a/tools/tests/cpu-policy/Makefile +++ b/tools/tests/cpu-policy/Makefile @@ -39,7 +39,7 @@ CFLAGS +=3D $(APPEND_CFLAGS) =20 vpath %.c ../../../xen/lib/x86 =20 -test-cpu-policy: test-cpu-policy.o msr.o cpuid.o +test-cpu-policy: test-cpu-policy.o msr.o cpuid.o policy.o $(CC) $(CFLAGS) $^ -o $@ =20 -include $(DEPS_INCLUDE) diff --git a/tools/tests/cpu-policy/test-cpu-policy.c b/tools/tests/cpu-pol= icy/test-cpu-policy.c index fe00cd4276..10cfa7cd97 100644 --- a/tools/tests/cpu-policy/test-cpu-policy.c +++ b/tools/tests/cpu-policy/test-cpu-policy.c @@ -9,8 +9,7 @@ =20 #include #include -#include -#include +#include #include =20 static unsigned int nr_failures; @@ -503,6 +502,111 @@ static void test_cpuid_out_of_range_clearing(void) } } =20 +static void test_is_compatible_success(void) +{ + static struct test { + const char *name; + struct cpuid_policy host_cpuid; + struct cpuid_policy guest_cpuid; + struct msr_policy host_msr; + struct msr_policy guest_msr; + } tests[] =3D { + { + .name =3D "Host CPUID faulting, Guest not", + .host_msr =3D { + .plaform_info.cpuid_faulting =3D true, + }, + }, + { + .name =3D "Host CPUID faulting, Guest wanted", + .host_msr =3D { + .plaform_info.cpuid_faulting =3D true, + }, + .guest_msr =3D { + .plaform_info.cpuid_faulting =3D true, + }, + }, + }; + struct cpu_policy_errors no_errors =3D INIT_CPU_POLICY_ERRORS; + + printf("Testing policy compatibility success:\n"); + + for ( size_t i =3D 0; i < ARRAY_SIZE(tests); ++i ) + { + struct test *t =3D &tests[i]; + struct cpu_policy sys =3D { + &t->host_cpuid, + &t->host_msr, + }, new =3D { + &t->guest_cpuid, + &t->guest_msr, + }; + struct cpu_policy_errors e =3D INIT_CPU_POLICY_ERRORS; + int res =3D x86_cpu_policies_are_compatible(&sys, &new, &e); + + /* Check the expected error output. */ + if ( res !=3D 0 || memcmp(&no_errors, &e, sizeof(no_errors)) ) + fail(" Test '%s' expected no errors\n" + " got res %d { leaf %08x, subleaf %08x, msr %08x }\n", + t->name, res, e.leaf, e.subleaf, e.msr); + } +} + +static void test_is_compatible_failure(void) +{ + static struct test { + const char *name; + struct cpuid_policy host_cpuid; + struct cpuid_policy guest_cpuid; + struct msr_policy host_msr; + struct msr_policy guest_msr; + struct cpu_policy_errors e; + } tests[] =3D { + { + .name =3D "Host basic.max_leaf out of range", + .guest_cpuid.basic.max_leaf =3D 1, + .e =3D { 0, -1, -1 }, + }, + { + .name =3D "Host extd.max_leaf out of range", + .guest_cpuid.extd.max_leaf =3D 1, + .e =3D { 0x80000008, -1, -1 }, + }, + { + .name =3D "Host no CPUID faulting, Guest wanted", + .guest_msr =3D { + .plaform_info.cpuid_faulting =3D true, + }, + .e =3D { -1, -1, 0xce }, + }, + }; + + printf("Testing policy compatibility failure:\n"); + + for ( size_t i =3D 0; i < ARRAY_SIZE(tests); ++i ) + { + struct test *t =3D &tests[i]; + struct cpu_policy sys =3D { + &t->host_cpuid, + &t->host_msr, + }, new =3D { + &t->guest_cpuid, + &t->guest_msr, + }; + struct cpu_policy_errors e =3D INIT_CPU_POLICY_ERRORS; + int res =3D x86_cpu_policies_are_compatible(&sys, &new, &e); + + /* Check the expected error output. */ + if ( res =3D=3D 0 || memcmp(&t->e, &e, sizeof(t->e)) ) + fail(" Test '%s' res %d\n" + " expected { leaf %08x, subleaf %08x, msr %08x }\n" + " got { leaf %08x, subleaf %08x, msr %08x }\n", + t->name, res, + t->e.leaf, t->e.subleaf, t->e.msr, + e.leaf, e.subleaf, e.msr); + } +} + int main(int argc, char **argv) { printf("CPU Policy unit tests\n"); @@ -516,6 +620,9 @@ int main(int argc, char **argv) test_msr_serialise_success(); test_msr_deserialise_failure(); =20 + test_is_compatible_success(); + test_is_compatible_failure(); + if ( nr_failures ) printf("Done: %u failures\n", nr_failures); else diff --git a/xen/include/xen/lib/x86/cpu-policy.h b/xen/include/xen/lib/x86= /cpu-policy.h index 6f07c4b493..65ec71835b 100644 --- a/xen/include/xen/lib/x86/cpu-policy.h +++ b/xen/include/xen/lib/x86/cpu-policy.h @@ -11,6 +11,25 @@ struct cpu_policy struct msr_policy *msr; }; =20 +struct cpu_policy_errors +{ + uint32_t leaf, subleaf; + uint32_t msr; +}; + +#define INIT_CPU_POLICY_ERRORS { ~0u, ~0u, ~0u } + +/* + * Calculate whether two policies are compatible. + * + * i.e. Can a VM configured with @guest run on a CPU supporting @host. + * + * For typical usage, @host should be a system policy. + */ +int x86_cpu_policies_are_compatible(const struct cpu_policy *host, + const struct cpu_policy *guest, + struct cpu_policy_errors *e); + #endif /* !XEN_LIB_X86_POLICIES_H */ =20 /* diff --git a/xen/lib/x86/Makefile b/xen/lib/x86/Makefile index 2f9691e964..780ea05db1 100644 --- a/xen/lib/x86/Makefile +++ b/xen/lib/x86/Makefile @@ -1,2 +1,3 @@ obj-y +=3D cpuid.o obj-y +=3D msr.o +obj-y +=3D policy.o diff --git a/xen/lib/x86/policy.c b/xen/lib/x86/policy.c new file mode 100644 index 0000000000..3155e07a7c --- /dev/null +++ b/xen/lib/x86/policy.c @@ -0,0 +1,53 @@ +#include "private.h" + +#include + +int x86_cpu_policies_are_compatible(const struct cpu_policy *host, + const struct cpu_policy *guest, + struct cpu_policy_errors *e) +{ + uint32_t leaf =3D -1, subleaf =3D -1, msr =3D -1; + int ret =3D -EINVAL; + +#define NA XEN_CPUID_NO_SUBLEAF +#define FAIL_CPUID(l, s) do { leaf =3D (l); subleaf =3D (s); goto out; } w= hile ( 0 ) +#define FAIL_MSR(m) do { msr =3D (m); goto out; } while ( 0 ) + + if ( guest->cpuid->basic.max_leaf > host->cpuid->basic.max_leaf ) + FAIL_CPUID(0, NA); + + if ( guest->cpuid->extd.max_leaf > host->cpuid->extd.max_leaf ) + FAIL_CPUID(0x80000008, NA); + + /* TODO: Audit more CPUID data. */ + + if ( ~host->msr->plaform_info.raw & guest->msr->plaform_info.raw ) + FAIL_MSR(MSR_INTEL_PLATFORM_INFO); + +#undef FAIL_MSR +#undef FAIL_CPUID +#undef NA + + /* Success. */ + ret =3D 0; + + out: + if ( ret && e ) + { + e->leaf =3D leaf; + e->subleaf =3D subleaf; + e->msr =3D msr; + } + + return ret; +} + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * tab-width: 4 + * indent-tabs-mode: nil + * End: + */ --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel