From nobody Tue May 7 07:25:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568403034; cv=none; d=zoho.com; s=zohoarc; b=nJqhafPxgCVEhaEbOqfqFMwiN2Wl+jDy4fn9ktwyVfG7Hoy79mpR9GkcmTB8nbrOD4m0NQof1uYJJZXys/+kInEy8C/FB0dTeVS8xeM1rCbUPH9tuoHAMkTckeuOu4NW1KbVM2xtAI4qtKLc24NflBj/PfnYnylwVbDCXftIcb4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568403034; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=GhfSXnW7MLLpCwFcg4oJlHH374+mU2fT2REs0+o0RC4=; b=CepEqV7RuL90AR2CYj0eXTOlwnCeFbAsB2ukx6/h7SsMCC7T1U7agvCP8AwWvyXC4hmaIxCzFBYkh7ylXl6cHyj0f/RUV3/17I7gd3sOtu1EiLep6DML6E9n5B+l5sA3bEKOXP8gkQ+8ai+6BUcjZCBcZ9g74zEIWaHTMtrklvc= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1568403034818883.1534707435084; Fri, 13 Sep 2019 12:30:34 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEm-0006mj-1r; Fri, 13 Sep 2019 19:28:08 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEk-0006kM-9O for xen-devel@lists.xenproject.org; Fri, 13 Sep 2019 19:28:06 +0000 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 9ad9f737-d65c-11e9-95b9-12813bfff9fa; Fri, 13 Sep 2019 19:28:05 +0000 (UTC) X-Inumbo-ID: 9ad9f737-d65c-11e9-95b9-12813bfff9fa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568402886; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=BBEMLZnLm26tjDsc8qn1/8XcgCfCIPk3+lDhvg0ZFL0=; b=EM7nLtYp2GgdRc4DJ/6JvC/efTaftgBOZUhUY+kogS8Hlz4r8Hj5nP1w XJ4r40sIA/l6y8uGYdvB6j1AJwwXoHV6A4wPDWPScmopOUMiwX9A8iQmR y6MRWl+qdZ1J4A6+N45p8TizTsy4BqaqxrYVFYTH6Ric3lDdFsACowp74 s=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: WIJNVgLDnCAc99Gi9yrvYIIDDJsyf74ZNdhpJQJAcucky4RduIMnRMEqGx8gtihtRO0wMe/rcK xsA1hfwpzjIIaP1J0KXJF0xVwwWb5R1HtXgFqUgvxavEiAgrz0dr21B3slg3/PQg8HEZ9HkmSM EoBenp0kUkYdhsCXHmO06CHxn3v08BHq9qyn66MZJ20G4erjMwIz+RT3THx8muwJw0ocG/5GG3 VGEz4xshA1FBuX2TvKJcmbi6oPGUoPODgSFYRL0ilOb9pCIUgIfwwk41/PLF5DZ2AfXOxbCUul XgA= X-SBRS: 2.7 X-MesageID: 5553055 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5553055" From: Andrew Cooper To: Xen-devel Date: Fri, 13 Sep 2019 20:27:50 +0100 Message-ID: <20190913192759.10795-2-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190913192759.10795-1-andrew.cooper3@citrix.com> References: <20190913192759.10795-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 01/10] x86/msr: Offer CPUID Faulting to PVH control domains X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) The control domain exclusion for CPUID Faulting predates dom0 PVH, but the reason for the exclusion (to allow the domain builder to see host CPUID values) isn't applicable. The domain builder *is* broken in PVH control domains, and restricting the = use of CPUID Faulting doesn't make it any less broken. Tweak the logic to only exclude PV control domains. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 v2: * New --- xen/arch/x86/cpu/common.c | 5 +++-- xen/arch/x86/msr.c | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/xen/arch/x86/cpu/common.c b/xen/arch/x86/cpu/common.c index 937d8e82a8..4bf852c948 100644 --- a/xen/arch/x86/cpu/common.c +++ b/xen/arch/x86/cpu/common.c @@ -169,7 +169,7 @@ void ctxt_switch_levelling(const struct vcpu *next) if (nextd && is_idle_domain(nextd)) return; /* - * We *should* be enabling faulting for the control domain. + * We *should* be enabling faulting for PV control domains. * * Unfortunately, the domain builder (having only ever been a * PV guest) expects to be able to see host cpuid state in a @@ -184,7 +184,8 @@ void ctxt_switch_levelling(const struct vcpu *next) * generating the maximum full cpuid policy into Xen, at which * this problem will disappear. */ - set_cpuid_faulting(nextd && !is_control_domain(nextd) && + set_cpuid_faulting(nextd && (!is_control_domain(nextd) || + !is_pv_domain(nextd)) && (is_pv_domain(nextd) || next->arch.msrs-> misc_features_enables.cpuid_faulting)); diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c index e65961fccb..a6c8cc7627 100644 --- a/xen/arch/x86/msr.c +++ b/xen/arch/x86/msr.c @@ -91,8 +91,8 @@ int init_domain_msr_policy(struct domain *d) if ( !mp ) return -ENOMEM; =20 - /* See comment in intel_ctxt_switch_levelling() */ - if ( is_control_domain(d) ) + /* See comment in ctxt_switch_levelling() */ + if ( is_control_domain(d) && is_pv_domain(d) ) mp->platform_info.cpuid_faulting =3D false; =20 d->arch.msr =3D mp; --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel From nobody Tue May 7 07:25:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568403038; cv=none; d=zoho.com; s=zohoarc; b=Fm12j4Hnr+LmwtZuTGltqABP8zsnY5f6Rlcnvhz1+zBUDyQuQZre3ekxRYb6INsoKGWePMCFBU+g2oPpAabpq1AEmOHEgggP+gUyf4xJeTap6xW+D1i+LVBQ3cN363xxDV9buUP8jyMUtCpErirBqJ8Wi/wMCeRtKmMFnuUuafY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568403038; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=/LaKG6yrIlSenylOVoHLB42LE+uc2UDd6HSoOhEETAM=; b=EV2Auiu+GuULbyI9hgkx9ZxSF2tA3st+ap0ssleZs5OvWBOv4MmBemTunK2hwQ14RlNbd0HftPgfgL6y4nSlotPi6vTbcnu8FPH8ocj4f/JGAJV3Qd1nqR98OVLsQs4kCROwVVmTbwQ04sImRG9nScWyBbTBJmgQyHfVCTYSg60= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1568403038110851.4979627444675; Fri, 13 Sep 2019 12:30:38 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEm-0006mp-Bv; Fri, 13 Sep 2019 19:28:08 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEl-0006lg-Gi for xen-devel@lists.xenproject.org; Fri, 13 Sep 2019 19:28:07 +0000 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 9c29c5d8-d65c-11e9-a337-bc764e2007e4; Fri, 13 Sep 2019 19:28:06 +0000 (UTC) X-Inumbo-ID: 9c29c5d8-d65c-11e9-a337-bc764e2007e4 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568402887; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=2KM4DZBk2g56GnnO52jzfswnVb2YplISytBcxF6k4Yk=; b=Ef7fBbqNc9wGCNX6nPy45zYy7/tHPMHx4gZtbE1bWu1tcMgB+IHhOpUO TIO3t9xGWx/vC1otvr6IZbZkceuhliOJ9tiaWtNE5WcYgPFRDawj4tY/R hMRiWooq1PCe+KA6taz+soPFXb08knwHrTbU4wZcQo9x6WgE9St/xbTdN E=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: mxHt8pHkZG+7kgqmyH+MTFHzx6DcD8D2yGTLwbCDCsfBsa6OJMdkA7HmPOb8O0IzU5TBrVdYQW OENFtUeAw34hihqd6kPml8mJ7OL3gBESInSON9UyVzJphPN6OtE0WvQalbJj5rXWux+wueAU65 CvxltXPhKdZP94jwovGlstqa2zGdLHtKn84+om6+ghm5rDFBAXGJo/I5jQLdSVjGj4pnIhqD/i UVR2j2+/zd+U9sPL0XnRVXx2WnefDDBCU7qDFchk5Euv+3tI6/ju2pcwE1qAFs8+OkP1+/Ohs6 uf4= X-SBRS: 2.7 X-MesageID: 5553057 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5553057" From: Andrew Cooper To: Xen-devel Date: Fri, 13 Sep 2019 20:27:51 +0100 Message-ID: <20190913192759.10795-3-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190913192759.10795-1-andrew.cooper3@citrix.com> References: <20190913192759.10795-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 02/10] libx86: Proactively initialise error pointers X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) This results in better behaviour for the caller. Suggested-by: Jan Beulich Signed-off-by: Andrew Cooper Acked-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 v2: * New --- tools/tests/cpu-policy/test-cpu-policy.c | 4 ++-- xen/include/xen/lib/x86/cpuid.h | 6 +++--- xen/include/xen/lib/x86/msr.h | 4 ++-- xen/lib/x86/cpuid.c | 5 +++++ xen/lib/x86/msr.c | 3 +++ 5 files changed, 15 insertions(+), 7 deletions(-) diff --git a/tools/tests/cpu-policy/test-cpu-policy.c b/tools/tests/cpu-pol= icy/test-cpu-policy.c index fe00cd4276..201358d210 100644 --- a/tools/tests/cpu-policy/test-cpu-policy.c +++ b/tools/tests/cpu-policy/test-cpu-policy.c @@ -283,7 +283,7 @@ static void test_cpuid_deserialise_failure(void) for ( size_t i =3D 0; i < ARRAY_SIZE(tests); ++i ) { const struct test *t =3D &tests[i]; - uint32_t err_leaf =3D ~0u, err_subleaf =3D ~0u; + uint32_t err_leaf, err_subleaf; int rc; =20 /* No writes should occur. Use NULL to catch errors. */ @@ -336,7 +336,7 @@ static void test_msr_deserialise_failure(void) for ( size_t i =3D 0; i < ARRAY_SIZE(tests); ++i ) { const struct test *t =3D &tests[i]; - uint32_t err_msr =3D ~0u; + uint32_t err_msr; int rc; =20 /* No writes should occur. Use NULL to catch errors. */ diff --git a/xen/include/xen/lib/x86/cpuid.h b/xen/include/xen/lib/x86/cpui= d.h index df5946b6b1..79840f99ce 100644 --- a/xen/include/xen/lib/x86/cpuid.h +++ b/xen/include/xen/lib/x86/cpuid.h @@ -376,13 +376,13 @@ int x86_cpuid_copy_to_buffer(const struct cpuid_polic= y *policy, * @param policy The cpuid_policy to unserialise into. * @param leaves The array of leaves to unserialise from. * @param nr_entries The number of entries in 'leaves'. - * @param err_leaf Optional hint filled on error. - * @param err_subleaf Optional hint filled on error. + * @param err_leaf Optional hint for error diagnostics. + * @param err_subleaf Optional hint for error diagnostics. * @returns -errno * * Reads at most CPUID_MAX_SERIALISED_LEAVES. May return -ERANGE if an * incoming leaf is out of range of cpuid_policy, in which case the option= al - * err_* pointers are filled to aid diagnostics. + * err_* pointers will identify the out-of-range indicies. * * No content validation of in-range leaves is performed. Synthesised dat= a is * recalculated. diff --git a/xen/include/xen/lib/x86/msr.h b/xen/include/xen/lib/x86/msr.h index e83a8fbb0f..203c713320 100644 --- a/xen/include/xen/lib/x86/msr.h +++ b/xen/include/xen/lib/x86/msr.h @@ -54,14 +54,14 @@ int x86_msr_copy_to_buffer(const struct msr_policy *pol= icy, * @param policy The msr_policy object to unserialise into. * @param msrs The array of msrs to unserialise from. * @param nr_entries The number of entries in 'msrs'. - * @param err_msr Optional hint filled on error. + * @param err_msr Optional hint for error diagnostics. * @returns -errno * * Reads at most MSR_MAX_SERIALISED_ENTRIES. May fail for a number of rea= sons * based on the content in an individual 'msrs' entry, including the MSR i= ndex * not being valid in the policy, the flags field being nonzero, or if the * value provided would truncate when stored in the policy. In such cases, - * the optional err_* pointer is filled in to aid diagnostics. + * the optional err_* pointer will identify the problematic MSR. * * No content validation is performed on the data stored in the policy obj= ect. */ diff --git a/xen/lib/x86/cpuid.c b/xen/lib/x86/cpuid.c index 266084e613..76b8511034 100644 --- a/xen/lib/x86/cpuid.c +++ b/xen/lib/x86/cpuid.c @@ -381,6 +381,11 @@ int x86_cpuid_copy_from_buffer(struct cpuid_policy *p, unsigned int i; xen_cpuid_leaf_t data; =20 + if ( err_leaf ) + *err_leaf =3D -1; + if ( err_subleaf ) + *err_subleaf =3D -1; + /* * A well formed caller is expected to pass an array with leaves in or= der, * and without any repetitions. However, due to per-vendor difference= s, diff --git a/xen/lib/x86/msr.c b/xen/lib/x86/msr.c index 256b5ec632..171abf7008 100644 --- a/xen/lib/x86/msr.c +++ b/xen/lib/x86/msr.c @@ -55,6 +55,9 @@ int x86_msr_copy_from_buffer(struct msr_policy *p, xen_msr_entry_t data; int rc; =20 + if ( err_msr ) + *err_msr =3D -1; + /* * A well formed caller is expected to pass an array with entries in * order, and without any repetitions. However, due to per-vendor --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel From nobody Tue May 7 07:25:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568403037; cv=none; d=zoho.com; s=zohoarc; b=DT67lIFDwMQQ4SjpZCn7A066Rx4ICRjYhB+O72svlaae69KnnaiFyl+32IOjtZNM4GjfhOXdAmnuHdKxA1VXxPYOCsMEk5/+J5eGvjR+JdATabS4qsLGDP20EFJvSdBo37ysARIktVU+n8NNT8Se14xyKe2LOfZGPOb9Iy5gJzU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568403037; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=ARVBRBYPbc/rzSKiP0q/N76pmaO7e+sSrPZW250Epyg=; b=byiaVZS4C8by/P+9Ut3tMUAPS/7+Ni21fsV/B0p/n472BA767kHhGql6NMVLJ6Ab4YDLWOh3IxO0pS+DmEwHuQIFpshCi+kaRANQP4U4tkqEneDFd0JK5fxNou7KsTJ75u22p+7i4JoIrIOTLnk+uJc6W2Dqzt/jI7Cw0YCwfJw= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1568403037471825.0279075261137; Fri, 13 Sep 2019 12:30:37 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEv-0006pR-FO; Fri, 13 Sep 2019 19:28:17 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEu-0006oV-5B for xen-devel@lists.xenproject.org; Fri, 13 Sep 2019 19:28:16 +0000 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 9c5bdef9-d65c-11e9-95b9-12813bfff9fa; Fri, 13 Sep 2019 19:28:06 +0000 (UTC) X-Inumbo-ID: 9c5bdef9-d65c-11e9-95b9-12813bfff9fa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568402887; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=NSxqpz48anlJu4u5FGAeqGGWrRboyp0W0USHGtqzIOs=; b=P7zihcwfgPFHDLz+mj+LJynSDtnBK1DUswNCUqYlegCJJrba+z6+72pn RpixRtI6fvFpF56Wy1T9he6o46Z1wj/DWNtwSnVkDWf3qBmJbw/xtXn9g obDYwxH5M4twArFW30tV457KyIk2D+4ngSF3ig6DXywwdZJfC53hsO+oE g=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: OSV/0nXyCGimodPvZaoMV4fyXYQIMxmQt9uu+/kaubKB+nvrxcH1Rcjd/VrResoPxIZBAPJ0IF slWvfp+hHfZglRxbr0jBWld/HSbtZLHqVNSEfw06q7Ez1RTRJjCTeIJvtYLQCVP2ksb97eD+S6 HVbdh+V/n91WqGutauAfJ/MKLGKqysByHuAVBOa7mtIlbTwEAUKgQyufMgpD7ZQqApOQre3s8f mUPFmfqMzo+XdCYVBcxPymzNpnc6Jtm0sNtIdrPiUpUwLZCu3d32vi3J2WgGG+FuyBRFUaJJQw XMA= X-SBRS: 2.7 X-MesageID: 5553059 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5553059" From: Andrew Cooper To: Xen-devel Date: Fri, 13 Sep 2019 20:27:52 +0100 Message-ID: <20190913192759.10795-4-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190913192759.10795-1-andrew.cooper3@citrix.com> References: <20190913192759.10795-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 03/10] libx86: Introduce x86_cpu_policies_are_compatible() X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) This helper will eventually be the core "can a guest configured like this r= un on the CPU?" logic. For now, it is just enough of a stub to allow us to replace the hypercall interface while retaining the previous behaviour. It will be expanded as various other bits of CPUID handling get cleaned up. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 v2: * Rebase over 'plaform' typo fix * Proactively initialise the error pointer * Expand the function documentation --- tools/tests/cpu-policy/Makefile | 2 +- tools/tests/cpu-policy/test-cpu-policy.c | 111 +++++++++++++++++++++++++++= +++- xen/include/xen/lib/x86/cpu-policy.h | 26 ++++++++ xen/lib/x86/Makefile | 1 + xen/lib/x86/policy.c | 54 +++++++++++++++ 5 files changed, 191 insertions(+), 3 deletions(-) create mode 100644 xen/lib/x86/policy.c diff --git a/tools/tests/cpu-policy/Makefile b/tools/tests/cpu-policy/Makef= ile index fb548c9b9a..70ff154da6 100644 --- a/tools/tests/cpu-policy/Makefile +++ b/tools/tests/cpu-policy/Makefile @@ -39,7 +39,7 @@ CFLAGS +=3D $(APPEND_CFLAGS) =20 vpath %.c ../../../xen/lib/x86 =20 -test-cpu-policy: test-cpu-policy.o msr.o cpuid.o +test-cpu-policy: test-cpu-policy.o msr.o cpuid.o policy.o $(CC) $(CFLAGS) $^ -o $@ =20 -include $(DEPS_INCLUDE) diff --git a/tools/tests/cpu-policy/test-cpu-policy.c b/tools/tests/cpu-pol= icy/test-cpu-policy.c index 201358d210..20ebed923b 100644 --- a/tools/tests/cpu-policy/test-cpu-policy.c +++ b/tools/tests/cpu-policy/test-cpu-policy.c @@ -9,8 +9,7 @@ =20 #include #include -#include -#include +#include #include =20 static unsigned int nr_failures; @@ -503,6 +502,111 @@ static void test_cpuid_out_of_range_clearing(void) } } =20 +static void test_is_compatible_success(void) +{ + static struct test { + const char *name; + struct cpuid_policy host_cpuid; + struct cpuid_policy guest_cpuid; + struct msr_policy host_msr; + struct msr_policy guest_msr; + } tests[] =3D { + { + .name =3D "Host CPUID faulting, Guest not", + .host_msr =3D { + .platform_info.cpuid_faulting =3D true, + }, + }, + { + .name =3D "Host CPUID faulting, Guest wanted", + .host_msr =3D { + .platform_info.cpuid_faulting =3D true, + }, + .guest_msr =3D { + .platform_info.cpuid_faulting =3D true, + }, + }, + }; + struct cpu_policy_errors no_errors =3D INIT_CPU_POLICY_ERRORS; + + printf("Testing policy compatibility success:\n"); + + for ( size_t i =3D 0; i < ARRAY_SIZE(tests); ++i ) + { + struct test *t =3D &tests[i]; + struct cpu_policy sys =3D { + &t->host_cpuid, + &t->host_msr, + }, new =3D { + &t->guest_cpuid, + &t->guest_msr, + }; + struct cpu_policy_errors e; + int res =3D x86_cpu_policies_are_compatible(&sys, &new, &e); + + /* Check the expected error output. */ + if ( res !=3D 0 || memcmp(&no_errors, &e, sizeof(no_errors)) ) + fail(" Test '%s' expected no errors\n" + " got res %d { leaf %08x, subleaf %08x, msr %08x }\n", + t->name, res, e.leaf, e.subleaf, e.msr); + } +} + +static void test_is_compatible_failure(void) +{ + static struct test { + const char *name; + struct cpuid_policy host_cpuid; + struct cpuid_policy guest_cpuid; + struct msr_policy host_msr; + struct msr_policy guest_msr; + struct cpu_policy_errors e; + } tests[] =3D { + { + .name =3D "Host basic.max_leaf out of range", + .guest_cpuid.basic.max_leaf =3D 1, + .e =3D { 0, -1, -1 }, + }, + { + .name =3D "Host extd.max_leaf out of range", + .guest_cpuid.extd.max_leaf =3D 1, + .e =3D { 0x80000008, -1, -1 }, + }, + { + .name =3D "Host no CPUID faulting, Guest wanted", + .guest_msr =3D { + .platform_info.cpuid_faulting =3D true, + }, + .e =3D { -1, -1, 0xce }, + }, + }; + + printf("Testing policy compatibility failure:\n"); + + for ( size_t i =3D 0; i < ARRAY_SIZE(tests); ++i ) + { + struct test *t =3D &tests[i]; + struct cpu_policy sys =3D { + &t->host_cpuid, + &t->host_msr, + }, new =3D { + &t->guest_cpuid, + &t->guest_msr, + }; + struct cpu_policy_errors e; + int res =3D x86_cpu_policies_are_compatible(&sys, &new, &e); + + /* Check the expected error output. */ + if ( res =3D=3D 0 || memcmp(&t->e, &e, sizeof(t->e)) ) + fail(" Test '%s' res %d\n" + " expected { leaf %08x, subleaf %08x, msr %08x }\n" + " got { leaf %08x, subleaf %08x, msr %08x }\n", + t->name, res, + t->e.leaf, t->e.subleaf, t->e.msr, + e.leaf, e.subleaf, e.msr); + } +} + int main(int argc, char **argv) { printf("CPU Policy unit tests\n"); @@ -516,6 +620,9 @@ int main(int argc, char **argv) test_msr_serialise_success(); test_msr_deserialise_failure(); =20 + test_is_compatible_success(); + test_is_compatible_failure(); + if ( nr_failures ) printf("Done: %u failures\n", nr_failures); else diff --git a/xen/include/xen/lib/x86/cpu-policy.h b/xen/include/xen/lib/x86= /cpu-policy.h index 6f07c4b493..b7e38732a0 100644 --- a/xen/include/xen/lib/x86/cpu-policy.h +++ b/xen/include/xen/lib/x86/cpu-policy.h @@ -11,6 +11,32 @@ struct cpu_policy struct msr_policy *msr; }; =20 +struct cpu_policy_errors +{ + uint32_t leaf, subleaf; + uint32_t msr; +}; + +#define INIT_CPU_POLICY_ERRORS { ~0u, ~0u, ~0u } + +/* + * Calculate whether two policies are compatible. + * + * i.e. Can a VM configured with @guest run on a CPU supporting @host. + * + * @param host A cpu_policy describing the hardware capabilities. + * @param guest A cpu_policy describing the intended VM configuration. + * @param err Optional hint for error diagnostics. + * @returns -errno + * + * For typical usage, @host should be a system policy. In the case that an + * incompatibility is detected, the optional err pointer may identify the + * problematic leaf/subleaf and/or MSR. + */ +int x86_cpu_policies_are_compatible(const struct cpu_policy *host, + const struct cpu_policy *guest, + struct cpu_policy_errors *err); + #endif /* !XEN_LIB_X86_POLICIES_H */ =20 /* diff --git a/xen/lib/x86/Makefile b/xen/lib/x86/Makefile index 2f9691e964..780ea05db1 100644 --- a/xen/lib/x86/Makefile +++ b/xen/lib/x86/Makefile @@ -1,2 +1,3 @@ obj-y +=3D cpuid.o obj-y +=3D msr.o +obj-y +=3D policy.o diff --git a/xen/lib/x86/policy.c b/xen/lib/x86/policy.c new file mode 100644 index 0000000000..33a347ff9b --- /dev/null +++ b/xen/lib/x86/policy.c @@ -0,0 +1,54 @@ +#include "private.h" + +#include + +int x86_cpu_policies_are_compatible(const struct cpu_policy *host, + const struct cpu_policy *guest, + struct cpu_policy_errors *err) +{ + struct cpu_policy_errors e =3D INIT_CPU_POLICY_ERRORS; + int ret =3D -EINVAL; + + if ( err ) + *err =3D e; + +#define NA XEN_CPUID_NO_SUBLEAF +#define FAIL_CPUID(l, s) \ + do { e.leaf =3D (l); e.subleaf =3D (s); goto out; } while ( 0 ) +#define FAIL_MSR(m) \ + do { e.msr =3D (m); goto out; } while ( 0 ) + + if ( guest->cpuid->basic.max_leaf > host->cpuid->basic.max_leaf ) + FAIL_CPUID(0, NA); + + if ( guest->cpuid->extd.max_leaf > host->cpuid->extd.max_leaf ) + FAIL_CPUID(0x80000008, NA); + + /* TODO: Audit more CPUID data. */ + + if ( ~host->msr->platform_info.raw & guest->msr->platform_info.raw ) + FAIL_MSR(MSR_INTEL_PLATFORM_INFO); + +#undef FAIL_MSR +#undef FAIL_CPUID +#undef NA + + /* Success. */ + ret =3D 0; + + out: + if ( ret && err ) + *err =3D e; + + return ret; +} + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * tab-width: 4 + * indent-tabs-mode: nil + * End: + */ --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel From nobody Tue May 7 07:25:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568403058; cv=none; d=zoho.com; s=zohoarc; b=KLasRuosS+h4flZxtizaWDG+Ap7GHmpKZD1+Xhw+jIHnPcnDBzpxtbIt8j98Jdky/kCpVXVHc7oj3yuihyOrkrWw5SCcBfjDWcy2h7TVfAYcMi9+LXuwnRp4t30vBDeXXqcQpk59VQ1LYpj0hNhgd/jurHIr9KpKQ7EmSyb+zxQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568403058; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=OOwo/zWi5teTy2OEqtxMulyAJt03L6e44INpjJ8I5zQ=; b=WdrdS3S+C691o/pyt4QvCyirOi/ZHONwnTy6A17WkIQXBkqX9HQyfhEE5w7dGR+R/jWot4JpFAPhPQa2VtQ4WKAAa32H4R2WUEVSwIpkwqBd2RI9V8lccQ4JJ9VH+HqXhB9dKgcQl44MDgegilz2pi+AHW8m05pxKD5Ma0Czv9A= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 15684030581740.5433266724573969; Fri, 13 Sep 2019 12:30:58 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rFF-00071Y-Hr; Fri, 13 Sep 2019 19:28:37 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rFE-00070h-5g for xen-devel@lists.xenproject.org; Fri, 13 Sep 2019 19:28:36 +0000 Received: from esa5.hc3370-68.iphmx.com (unknown [216.71.155.168]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 9f7b5828-d65c-11e9-95b9-12813bfff9fa; Fri, 13 Sep 2019 19:28:11 +0000 (UTC) X-Inumbo-ID: 9f7b5828-d65c-11e9-95b9-12813bfff9fa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568402891; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=CtZxoswxLwoE+1p95337s4yOXkbz5afQCx5L8jaPq0w=; b=AWD5Ie0jbWvbw8LvWkeas11LLQ+Nrmz2UFz73Fn8d4ET7y5RGwnpbrJo LEHppAaxf7jt6I5zl+bPCfGpj7AK5OoYo3ICdv06E+Fpj9eaknF025Xfi S9f7uinNQ/GBFDLKABwb6oahE9fV1v2m2hscxsInql1xt9ik2BXe4/doH c=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa5.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa5.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa5.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: a9xk/ubCjVitqvdxJ56BwgL6U+c7/Fq4N3FRgqRIMfwdWah5b2lwGWcYpl6UvlHFb6KPgDCG5B IfRa39EALdirFHu64sYmIdno5PESWX1kdR/g9SuxfryA2uXNrTBgVhpiJQ/PsJB5JU1JRXSxu4 x4a6PI/F4aOxNaZHXVCK9t/sFtBqxqgbT1ThvKdlEaMojZmy7qgVDCcn/ALbxY3UxlcHcWmkbn 6rYeOE+ovZQvAVJIDdQnZRtCkOhpfFJfiih5pjT2BWUq3EEhNI6b3HBrHMgSLjvEhcffJL/NRp GsI= X-SBRS: 2.7 X-MesageID: 5754529 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5754529" From: Andrew Cooper To: Xen-devel Date: Fri, 13 Sep 2019 20:27:53 +0100 Message-ID: <20190913192759.10795-5-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190913192759.10795-1-andrew.cooper3@citrix.com> References: <20190913192759.10795-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 04/10] x86/cpuid: Split update_domain_cpuid_info() in half X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) update_domain_cpuid_info() currently serves two purposes. First to merge n= ew CPUID data from the toolstack, and second, to perform any necessary updating of derived domain/vcpu settings. The first part of this is going to be superseded by a new and substantially more efficient hypercall. Carve the second part out into a new domain_cpu_policy_changed() helper, and call this from the remains of update_domain_cpuid_info(). This does drop the call_policy_changed, but with the new hypercall in place, the common case will be a single call per domain. Dropping the optimisation here allows for a cleaner set of following changes. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 v2: * Drop duplicate 'hypercall' in commit message * Fix for_each_vcpu () style --- xen/arch/x86/domctl.c | 245 ++++++++++++++++++++--------------------------= ---- 1 file changed, 99 insertions(+), 146 deletions(-) diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c index a744696c6b..48fccf2f7b 100644 --- a/xen/arch/x86/domctl.c +++ b/xen/arch/x86/domctl.c @@ -46,101 +46,14 @@ static int gdbsx_guest_mem_io(domid_t domid, struct xe= n_domctl_gdbsx_memio *iop) return iop->remain ? -EFAULT : 0; } =20 -static int update_domain_cpuid_info(struct domain *d, - const struct xen_domctl_cpuid *ctl) +static void domain_cpu_policy_changed(struct domain *d) { - struct cpuid_policy *p =3D d->arch.cpuid; - const struct cpuid_leaf leaf =3D { ctl->eax, ctl->ebx, ctl->ecx, ctl->= edx }; - int old_vendor =3D p->x86_vendor; - unsigned int old_7d0 =3D p->feat.raw[0].d, old_e8b =3D p->extd.raw[8].= b; - bool call_policy_changed =3D false; /* Avoid for_each_vcpu() unnecessa= rily */ - - /* - * Skip update for leaves we don't care about, to avoid the overhead of - * recalculate_cpuid_policy(). - */ - switch ( ctl->input[0] ) - { - case 0x00000000 ... ARRAY_SIZE(p->basic.raw) - 1: - if ( ctl->input[0] =3D=3D 4 && - ctl->input[1] >=3D ARRAY_SIZE(p->cache.raw) ) - return 0; - - if ( ctl->input[0] =3D=3D 7 && - ctl->input[1] >=3D ARRAY_SIZE(p->feat.raw) ) - return 0; - - if ( ctl->input[0] =3D=3D 0xb && - ctl->input[1] >=3D ARRAY_SIZE(p->topo.raw) ) - return 0; - - BUILD_BUG_ON(ARRAY_SIZE(p->xstate.raw) < 2); - if ( ctl->input[0] =3D=3D XSTATE_CPUID && - ctl->input[1] !=3D 1 ) /* Everything else automatically calcu= lated. */ - return 0; - break; - - case 0x40000000: case 0x40000100: - /* Only care about the max_leaf limit. */ - - case 0x80000000 ... 0x80000000 + ARRAY_SIZE(p->extd.raw) - 1: - break; - - default: - return 0; - } - - /* Insert ctl data into cpuid_policy. */ - switch ( ctl->input[0] ) - { - case 0x00000000 ... ARRAY_SIZE(p->basic.raw) - 1: - switch ( ctl->input[0] ) - { - case 4: - p->cache.raw[ctl->input[1]] =3D leaf; - break; - - case 7: - p->feat.raw[ctl->input[1]] =3D leaf; - break; - - case 0xb: - p->topo.raw[ctl->input[1]] =3D leaf; - break; - - case XSTATE_CPUID: - p->xstate.raw[ctl->input[1]] =3D leaf; - break; - - default: - p->basic.raw[ctl->input[0]] =3D leaf; - break; - } - break; - - case 0x40000000: - p->hv_limit =3D ctl->eax; - break; + const struct cpuid_policy *p =3D d->arch.cpuid; + struct vcpu *v; =20 - case 0x40000100: - p->hv2_limit =3D ctl->eax; - break; - - case 0x80000000 ... 0x80000000 + ARRAY_SIZE(p->extd.raw) - 1: - p->extd.raw[ctl->input[0] - 0x80000000] =3D leaf; - break; - } - - recalculate_cpuid_policy(d); - - switch ( ctl->input[0] ) + if ( is_pv_domain(d) ) { - case 0: - call_policy_changed =3D (p->x86_vendor !=3D old_vendor); - break; - - case 1: - if ( is_pv_domain(d) && ((levelling_caps & LCAP_1cd) =3D=3D LCAP_1= cd) ) + if ( ((levelling_caps & LCAP_1cd) =3D=3D LCAP_1cd) ) { uint64_t mask =3D cpuidmask_defaults._1cd; uint32_t ecx =3D p->basic._1c; @@ -197,25 +110,18 @@ static int update_domain_cpuid_info(struct domain *d, =20 d->arch.pv.cpuidmasks->_1cd =3D mask; } - break; =20 - case 6: - if ( is_pv_domain(d) && ((levelling_caps & LCAP_6c) =3D=3D LCAP_6c= ) ) + if ( ((levelling_caps & LCAP_6c) =3D=3D LCAP_6c) ) { uint64_t mask =3D cpuidmask_defaults._6c; =20 if ( boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_AMD ) - mask &=3D (~0ULL << 32) | ctl->ecx; + mask &=3D (~0ULL << 32) | p->basic.raw[6].c; =20 d->arch.pv.cpuidmasks->_6c =3D mask; } - break; - - case 7: - if ( ctl->input[1] !=3D 0 ) - break; =20 - if ( is_pv_domain(d) && ((levelling_caps & LCAP_7ab0) =3D=3D LCAP_= 7ab0) ) + if ( ((levelling_caps & LCAP_7ab0) =3D=3D LCAP_7ab0) ) { uint64_t mask =3D cpuidmask_defaults._7ab0; =20 @@ -232,35 +138,7 @@ static int update_domain_cpuid_info(struct domain *d, d->arch.pv.cpuidmasks->_7ab0 =3D mask; } =20 - /* - * If the IBRS/IBPB policy has changed, we need to recalculate the= MSR - * interception bitmaps. - */ - call_policy_changed =3D (is_hvm_domain(d) && - ((old_7d0 ^ p->feat.raw[0].d) & - (cpufeat_mask(X86_FEATURE_IBRSB) | - cpufeat_mask(X86_FEATURE_L1D_FLUSH)))); - break; - - case 0xa: - if ( boot_cpu_data.x86_vendor !=3D X86_VENDOR_INTEL ) - break; - - /* If PMU version is zero then the guest doesn't have VPMU */ - if ( p->basic.pmu_version =3D=3D 0 ) - { - struct vcpu *v; - - for_each_vcpu ( d, v ) - vpmu_destroy(v); - } - break; - - case 0xd: - if ( ctl->input[1] !=3D 1 ) - break; - - if ( is_pv_domain(d) && ((levelling_caps & LCAP_Da1) =3D=3D LCAP_D= a1) ) + if ( ((levelling_caps & LCAP_Da1) =3D=3D LCAP_Da1) ) { uint64_t mask =3D cpuidmask_defaults.Da1; uint32_t eax =3D p->xstate.Da1; @@ -270,10 +148,8 @@ static int update_domain_cpuid_info(struct domain *d, =20 d->arch.pv.cpuidmasks->Da1 =3D mask; } - break; =20 - case 0x80000001: - if ( is_pv_domain(d) && ((levelling_caps & LCAP_e1cd) =3D=3D LCAP_= e1cd) ) + if ( ((levelling_caps & LCAP_e1cd) =3D=3D LCAP_e1cd) ) { uint64_t mask =3D cpuidmask_defaults.e1cd; uint32_t ecx =3D p->extd.e1c; @@ -317,27 +193,104 @@ static int update_domain_cpuid_info(struct domain *d, =20 d->arch.pv.cpuidmasks->e1cd =3D mask; } + } + + for_each_vcpu ( d, v ) + { + cpuid_policy_updated(v); + + /* If PMU version is zero then the guest doesn't have VPMU */ + if ( boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_INTEL && + p->basic.pmu_version =3D=3D 0 ) + vpmu_destroy(v); + } +} + +static int update_domain_cpuid_info(struct domain *d, + const struct xen_domctl_cpuid *ctl) +{ + struct cpuid_policy *p =3D d->arch.cpuid; + const struct cpuid_leaf leaf =3D { ctl->eax, ctl->ebx, ctl->ecx, ctl->= edx }; + + /* + * Skip update for leaves we don't care about, to avoid the overhead of + * recalculate_cpuid_policy(). + */ + switch ( ctl->input[0] ) + { + case 0x00000000 ... ARRAY_SIZE(p->basic.raw) - 1: + if ( ctl->input[0] =3D=3D 4 && + ctl->input[1] >=3D ARRAY_SIZE(p->cache.raw) ) + return 0; + + if ( ctl->input[0] =3D=3D 7 && + ctl->input[1] >=3D ARRAY_SIZE(p->feat.raw) ) + return 0; + + if ( ctl->input[0] =3D=3D 0xb && + ctl->input[1] >=3D ARRAY_SIZE(p->topo.raw) ) + return 0; + + BUILD_BUG_ON(ARRAY_SIZE(p->xstate.raw) < 2); + if ( ctl->input[0] =3D=3D XSTATE_CPUID && + ctl->input[1] !=3D 1 ) /* Everything else automatically calcu= lated. */ + return 0; break; =20 - case 0x80000008: - /* - * If the IBPB policy has changed, we need to recalculate the MSR - * interception bitmaps. - */ - call_policy_changed =3D (is_hvm_domain(d) && - ((old_e8b ^ p->extd.raw[8].b) & - cpufeat_mask(X86_FEATURE_IBPB))); + case 0x40000000: case 0x40000100: + /* Only care about the max_leaf limit. */ + + case 0x80000000 ... 0x80000000 + ARRAY_SIZE(p->extd.raw) - 1: break; + + default: + return 0; } =20 - if ( call_policy_changed ) + /* Insert ctl data into cpuid_policy. */ + switch ( ctl->input[0] ) { - struct vcpu *v; + case 0x00000000 ... ARRAY_SIZE(p->basic.raw) - 1: + switch ( ctl->input[0] ) + { + case 4: + p->cache.raw[ctl->input[1]] =3D leaf; + break; + + case 7: + p->feat.raw[ctl->input[1]] =3D leaf; + break; + + case 0xb: + p->topo.raw[ctl->input[1]] =3D leaf; + break; =20 - for_each_vcpu( d, v ) - cpuid_policy_updated(v); + case XSTATE_CPUID: + p->xstate.raw[ctl->input[1]] =3D leaf; + break; + + default: + p->basic.raw[ctl->input[0]] =3D leaf; + break; + } + break; + + case 0x40000000: + p->hv_limit =3D ctl->eax; + break; + + case 0x40000100: + p->hv2_limit =3D ctl->eax; + break; + + case 0x80000000 ... 0x80000000 + ARRAY_SIZE(p->extd.raw) - 1: + p->extd.raw[ctl->input[0] - 0x80000000] =3D leaf; + break; } =20 + recalculate_cpuid_policy(d); + domain_cpu_policy_changed(d); + return 0; } =20 --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel From nobody Tue May 7 07:25:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568403041; cv=none; d=zoho.com; s=zohoarc; b=M6TGVV/Dhhrmd492wJFCM+PIS8fOU7oxvsyRAOBuejh+IzVdkXLojryzr4vpu+X4uaOX6GEx8J/cBw3eQISsrchu+9DAbm8eFRZUjJnB9wQ80uAUtjqGQgGftRigS292CBS97luS3baSwFKtRYdPmNjv90q+ebTSy1VH5+Zvq84= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568403041; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=+NxQo33Y1dCWFfQsvcqgqeoSWVr5VNu1dQ9LFQZORXc=; b=DG6wNcg2GdT29oCTAQCMKuXjz2YdIkEjOga9gi0hMrJ0DBaq63oNdVf6dV7Z/96nX6DWegFgQlLBecFXbcfmMJJGe+BdKKpaMon2aDXwH6it09SLAw487lO/T94DsHZMSj96I4inch+2eohBMmLuyjVInGAQmozF1YfxeqVyp+4= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1568403041412533.7432783658787; Fri, 13 Sep 2019 12:30:41 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEw-0006q8-Qa; Fri, 13 Sep 2019 19:28:18 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEv-0006pQ-DS for xen-devel@lists.xenproject.org; Fri, 13 Sep 2019 19:28:17 +0000 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 9d1cd2b4-d65c-11e9-a337-bc764e2007e4; Fri, 13 Sep 2019 19:28:07 +0000 (UTC) X-Inumbo-ID: 9d1cd2b4-d65c-11e9-a337-bc764e2007e4 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568402888; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=YbW7SS92a1SCXA6E4gpxQoKvv/lPGhwZNvL2NxV9CWA=; b=OE1TJGG9Raf2b/dIKMB6m2tgvAR9oQYcjmuwNS/cPOGKNgbiVXq7gT2m rgTxBnDunkOEnU8A9gOxBVaoFW6RwXKTb+rmH3yn7wSnJOKeGe6H8mQlJ /L5IfGUyAEA0cue8YhrWq6qQH27uGL71trD5tzt2s7kdzL3he6PWiidgK k=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: 3rq8c88b/Cf/vHaODqynd0eTcZXExqK7OG/Be/rAtY3sp5By84LDh4QYeoq9fIwFQ8EEsAhkrH ib8qFlJO/i6kFCZ3arkvpkcokmOpzEJfXmcdn9YyYvgs8XRLsM3qiLgIoptDHpFMmOhgt2V5W1 3JUsJiG9qXqT3O70Q7t/zNy7+zZn1a7CPbsq+YirNqBcUU5tZMmr8AqyV8Zp0O1Q/C93XafTUh Fk4RDhFBr54dgWS3eXy9sRwIWIl6+KqLWXdBfJT3ZeCTAzGxJcVUqBFxsX4HTXOdQl86hBHplP FsI= X-SBRS: 2.7 X-MesageID: 5553061 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5553061" From: Andrew Cooper To: Xen-devel Date: Fri, 13 Sep 2019 20:27:54 +0100 Message-ID: <20190913192759.10795-6-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190913192759.10795-1-andrew.cooper3@citrix.com> References: <20190913192759.10795-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 05/10] x86/domctl: Implement XEN_DOMCTL_set_cpumsr_policy X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Sergey Dyasli , Wei Liu , Andrew Cooper , Ian Jackson , Jan Beulich , Daniel De Graaf , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) This hypercall allows the toolstack to present one combined CPUID and MSR policy for a domain, which can be audited in one go by Xen, which is necess= ary for correctness of the auditing. Reuse the existing set_cpuid XSM access vector, as this is logically the sa= me operation. As x86_cpu_policies_are_compatible() is still only a stub, retain the call = to recalculate_cpuid_policy() to discard unsafe toolstack settings. Signed-off-by: Andrew Cooper Signed-off-by: Sergey Dyasli Signed-off-by: Roger Pau Monn=C3=A9 Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Ian Jackson CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Daniel De Graaf v2: * Bump the DOMCTL interface version * Proactively set the error pointers in xc_set_domain_cpu_policy() * Adjust domctl API documentation to reflect that not all DOMCTL failures will write the error pointers. --- tools/libxc/include/xenctrl.h | 5 +++ tools/libxc/xc_cpuid_x86.c | 46 +++++++++++++++++++++ xen/arch/x86/domctl.c | 80 +++++++++++++++++++++++++++++++++= ++++ xen/include/public/domctl.h | 18 ++++++--- xen/xsm/flask/hooks.c | 1 + xen/xsm/flask/policy/access_vectors | 1 + 6 files changed, 146 insertions(+), 5 deletions(-) diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index 7559e1bc69..0da437318e 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h @@ -2530,6 +2530,11 @@ int xc_get_system_cpu_policy(xc_interface *xch, uint= 32_t index, int xc_get_domain_cpu_policy(xc_interface *xch, uint32_t domid, uint32_t *nr_leaves, xen_cpuid_leaf_t *leaves, uint32_t *nr_msrs, xen_msr_entry_t *msrs); +int xc_set_domain_cpu_policy(xc_interface *xch, uint32_t domid, + uint32_t nr_leaves, xen_cpuid_leaf_t *leaves, + uint32_t nr_msrs, xen_msr_entry_t *msrs, + uint32_t *err_leaf_p, uint32_t *err_subleaf_p, + uint32_t *err_msr_p); =20 uint32_t xc_get_cpu_featureset_size(void); =20 diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index b829336082..0f07317b54 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -229,6 +229,52 @@ int xc_get_domain_cpu_policy(xc_interface *xch, uint32= _t domid, return ret; } =20 +int xc_set_domain_cpu_policy(xc_interface *xch, uint32_t domid, + uint32_t nr_leaves, xen_cpuid_leaf_t *leaves, + uint32_t nr_msrs, xen_msr_entry_t *msrs, + uint32_t *err_leaf_p, uint32_t *err_subleaf_p, + uint32_t *err_msr_p) +{ + DECLARE_DOMCTL; + DECLARE_HYPERCALL_BOUNCE(leaves, + nr_leaves * sizeof(*leaves), + XC_HYPERCALL_BUFFER_BOUNCE_IN); + DECLARE_HYPERCALL_BOUNCE(msrs, + nr_msrs * sizeof(*msrs), + XC_HYPERCALL_BUFFER_BOUNCE_IN); + int ret; + + if ( xc_hypercall_bounce_pre(xch, leaves) ) + return -1; + + if ( xc_hypercall_bounce_pre(xch, msrs) ) + return -1; + + domctl.cmd =3D XEN_DOMCTL_set_cpu_policy; + domctl.domain =3D domid; + domctl.u.cpu_policy.nr_leaves =3D nr_leaves; + set_xen_guest_handle(domctl.u.cpu_policy.cpuid_policy, leaves); + domctl.u.cpu_policy.nr_msrs =3D nr_msrs; + set_xen_guest_handle(domctl.u.cpu_policy.msr_policy, msrs); + domctl.u.cpu_policy.err_leaf =3D ~0; + domctl.u.cpu_policy.err_subleaf =3D ~0; + domctl.u.cpu_policy.err_msr =3D ~0; + + ret =3D do_domctl(xch, &domctl); + + xc_hypercall_bounce_post(xch, leaves); + xc_hypercall_bounce_post(xch, msrs); + + if ( err_leaf_p ) + *err_leaf_p =3D domctl.u.cpu_policy.err_leaf; + if ( err_subleaf_p ) + *err_subleaf_p =3D domctl.u.cpu_policy.err_subleaf; + if ( err_msr_p ) + *err_msr_p =3D domctl.u.cpu_policy.err_msr; + + return ret; +} + struct cpuid_domain_info { unsigned int vendor; /* X86_VENDOR_* */ diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c index 48fccf2f7b..97ced32c21 100644 --- a/xen/arch/x86/domctl.c +++ b/xen/arch/x86/domctl.c @@ -294,6 +294,65 @@ static int update_domain_cpuid_info(struct domain *d, return 0; } =20 +static int update_domain_cpu_policy(struct domain *d, + xen_domctl_cpu_policy_t *xdpc) +{ + struct cpu_policy new =3D {}; + const struct cpu_policy *sys =3D is_pv_domain(d) + ? &system_policies[XEN_SYSCTL_cpu_policy_pv_max] + : &system_policies[XEN_SYSCTL_cpu_policy_hvm_max]; + struct cpu_policy_errors err =3D INIT_CPU_POLICY_ERRORS; + int ret =3D -ENOMEM; + + /* Start by copying the domain's existing policies. */ + if ( !(new.cpuid =3D xmemdup(d->arch.cpuid)) || + !(new.msr =3D xmemdup(d->arch.msr)) ) + goto out; + + /* Merge the toolstack provided data. */ + if ( (ret =3D x86_cpuid_copy_from_buffer( + new.cpuid, xdpc->cpuid_policy, xdpc->nr_leaves, + &err.leaf, &err.subleaf)) || + (ret =3D x86_msr_copy_from_buffer( + new.msr, xdpc->msr_policy, xdpc->nr_msrs, &err.msr)) ) + goto out; + + /* Trim any newly-stale out-of-range leaves. */ + x86_cpuid_policy_clear_out_of_range_leaves(new.cpuid); + + /* Audit the combined dataset. */ + ret =3D x86_cpu_policies_are_compatible(sys, &new, &err); + if ( ret ) + goto out; + + /* + * Audit was successful. Replace existing policies, leaving the old + * policies to be freed. + */ + SWAP(new.cpuid, d->arch.cpuid); + SWAP(new.msr, d->arch.msr); + + /* TODO: Drop when x86_cpu_policies_are_compatible() is completed. */ + recalculate_cpuid_policy(d); + + /* Recalculate relevant dom/vcpu state now the policy has changed. */ + domain_cpu_policy_changed(d); + + out: + /* Free whichever cpuid/msr structs are not installed in struct domain= . */ + xfree(new.cpuid); + xfree(new.msr); + + if ( ret ) + { + xdpc->err_leaf =3D err.leaf; + xdpc->err_subleaf =3D err.subleaf; + xdpc->err_msr =3D err.msr; + } + + return ret; +} + static int vcpu_set_vmce(struct vcpu *v, const struct xen_domctl_ext_vcpucontext *evc) { @@ -1476,6 +1535,27 @@ long arch_do_domctl( copyback =3D true; break; =20 + case XEN_DOMCTL_set_cpu_policy: + if ( d =3D=3D currd ) /* No domain_pause() */ + { + ret =3D -EINVAL; + break; + } + + domain_pause(d); + + if ( d->creation_finished ) + ret =3D -EEXIST; /* No changing once the domain is running. */ + else + { + ret =3D update_domain_cpu_policy(d, &domctl->u.cpu_policy); + if ( ret ) /* Copy domctl->u.cpu_policy.err_* to guest. */ + copyback =3D true; + } + + domain_unpause(d); + break; + default: ret =3D iommu_do_domctl(domctl, d, u_domctl); break; diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h index 77f546cbb8..bd7d26545d 100644 --- a/xen/include/public/domctl.h +++ b/xen/include/public/domctl.h @@ -38,7 +38,7 @@ #include "hvm/save.h" #include "memory.h" =20 -#define XEN_DOMCTL_INTERFACE_VERSION 0x00000011 +#define XEN_DOMCTL_INTERFACE_VERSION 0x00000012 =20 /* * NB. xen_domctl.domain is an IN/OUT parameter for this operation. @@ -658,17 +658,24 @@ struct xen_domctl_cpuid { }; =20 /* - * XEN_DOMCTL_get_cpu_policy (x86 specific) + * XEN_DOMCTL_{get,set}_cpu_policy (x86 specific) * - * Query the CPUID and MSR policies for a specific domain. + * Query or set the CPUID and MSR policies for a specific domain. */ struct xen_domctl_cpu_policy { uint32_t nr_leaves; /* IN/OUT: Number of leaves in/written to * 'cpuid_policy'. */ uint32_t nr_msrs; /* IN/OUT: Number of MSRs in/written to * 'msr_domain_policy' */ - XEN_GUEST_HANDLE_64(xen_cpuid_leaf_t) cpuid_policy; /* OUT */ - XEN_GUEST_HANDLE_64(xen_msr_entry_t) msr_policy; /* OUT */ + XEN_GUEST_HANDLE_64(xen_cpuid_leaf_t) cpuid_policy; /* IN/OUT */ + XEN_GUEST_HANDLE_64(xen_msr_entry_t) msr_policy; /* IN/OUT */ + + /* + * OUT, set_policy only. Written in some (but not all) error cases to + * identify problem the CPUID leaf/subleaf and/or MSR which auditing + * objects to. + */ + uint32_t err_leaf, err_subleaf, err_msr; }; typedef struct xen_domctl_cpu_policy xen_domctl_cpu_policy_t; DEFINE_XEN_GUEST_HANDLE(xen_domctl_cpu_policy_t); @@ -1193,6 +1200,7 @@ struct xen_domctl { /* #define XEN_DOMCTL_set_gnttab_limits 80 - Moved into XEN_DOMCT= L_createdomain */ #define XEN_DOMCTL_vuart_op 81 #define XEN_DOMCTL_get_cpu_policy 82 +#define XEN_DOMCTL_set_cpu_policy 83 #define XEN_DOMCTL_gdbsx_guestmemio 1000 #define XEN_DOMCTL_gdbsx_pausevcpu 1001 #define XEN_DOMCTL_gdbsx_unpausevcpu 1002 diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 6800f2d9a0..b23772786a 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -715,6 +715,7 @@ static int flask_domctl(struct domain *d, int cmd) case XEN_DOMCTL_set_virq_handler: return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDL= ER); =20 + case XEN_DOMCTL_set_cpu_policy: case XEN_DOMCTL_set_cpuid: return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); =20 diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/acc= ess_vectors index 76f3d60ddd..6f3f9493f8 100644 --- a/xen/xsm/flask/policy/access_vectors +++ b/xen/xsm/flask/policy/access_vectors @@ -207,6 +207,7 @@ class domain2 # source =3D the domain making the hypercall # target =3D the new target domain set_as_target +# XEN_DOMCTL_set_cpu_policy # XEN_DOMCTL_set_cpuid set_cpuid # XEN_DOMCTL_gettscinfo --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel From nobody Tue May 7 07:25:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568403048; cv=none; d=zoho.com; s=zohoarc; b=WXa0+8mcgwPFjVud0/Hf8GEmlTA9QdmHqYTQ6ItP/kKr4YlNiPvrTnougH86eJjC2txJwbqE86NxN0ZxVfJvd22wqyBG1QE16V0Sx6AB0wrqxodGKWTeqYRtfmPYemghqSNXWtZSy6VGjZJcAC8Nzy+XZwza9F31vp9rUYRCQTI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568403048; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=fdXcgX9AkJ6edP2yao4NSz5jP76ZfHIpcHS6/ZFGRN4=; b=KizJJsdtCg3quAmVOQJ4a8O8bmeZxF0bntAfN9U9OfAJjAVsHQu8b3nCKrW6xiQHlz+fcFP+nViYNMQ1cx0LZ+zQiATyTwRb9ixsoytS/r3B+3BgvBe7ejFv54ikJCawZtSk/KO7cXsXfjFgIke4AgVSNxniHWZH+OWXX6SBqWg= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1568403048196580.3740278358715; Fri, 13 Sep 2019 12:30:48 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rF4-0006uY-On; Fri, 13 Sep 2019 19:28:26 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rF4-0006uD-5r for xen-devel@lists.xenproject.org; Fri, 13 Sep 2019 19:28:26 +0000 Received: from esa5.hc3370-68.iphmx.com (unknown [216.71.155.168]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 9e8fe85d-d65c-11e9-95b9-12813bfff9fa; Fri, 13 Sep 2019 19:28:10 +0000 (UTC) X-Inumbo-ID: 9e8fe85d-d65c-11e9-95b9-12813bfff9fa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568402890; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=/upZBzGAszcwIpyuQpeTBNr65pTRgh7FR1YW/jSBUGQ=; b=AQztp1ba922OoAgxQQx2+Bnx+PxssqJQhDbNw7T+yTl1+YvfUy3amO4E ymxRGGk7tqmB2NY0QMpfk1lkOtEDZilVj7VvobdvDsJ+QabCoJ+wot5qK JGzLrLoszo1Pe8iIxmVg0BWPs3758S8zHXuVAOyCGq7Z420ONjonXdGB5 w=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa5.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa5.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa5.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: Ci7k6c0lS09hF1NJvcVfiHB4szfMArsf6lPR7cg3ZEpIiHn6b3sJers+Sl+liUFZbiI/kMRL3l T56rOkp0Q3InVBo0F4GqM3ZxxKFmvCrvFIUYSHj6H2pn4aXqgfrU4TGEXPOtsBMZFjEhVd4+9P A5KhrOGk/VyOw2J5VB4v0nx0WWvyY+8TLiX3dWZQU3nB1SW5PJD7BL1DFeSIt0cza6KYPkcbLV L/3wDIrfXEBQzM0oW6z2YqaHsGEZCAkZEE413kTgXr9EH0jVGv+LzINU5H+j9eR5jhczPe6w9+ ye0= X-SBRS: 2.7 X-MesageID: 5754526 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5754526" From: Andrew Cooper To: Xen-devel Date: Fri, 13 Sep 2019 20:27:55 +0100 Message-ID: <20190913192759.10795-7-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190913192759.10795-1-andrew.cooper3@citrix.com> References: <20190913192759.10795-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 06/10] tools/libxc: Pre-cleanup for xc_cpuid_{set, apply_policy}() X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Ian Jackson , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) This patch is broken out just to simplify the following two. For xc_cpuid_set(), document how the 's' and 'k' options works because it is quite subtle. Replace a memset() with a for loop of 4 explicit NULL assigments. This mirrors the free()'s in the fail path. For xc_cpuid_apply_policy(), const-ify the featureset pointer. It isn't written to, and was never intended to be mutable. Drop three pieces of trailing whitespace. No functional change. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Ian Jackson v2: * Adjust the comments to include 's' along with 'k' --- tools/libxc/include/xenctrl.h | 2 +- tools/libxc/xc_cpuid_x86.c | 21 ++++++++++++++------- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index 0da437318e..f4431687b3 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h @@ -1800,7 +1800,7 @@ int xc_cpuid_set(xc_interface *xch, char **config_transformed); int xc_cpuid_apply_policy(xc_interface *xch, uint32_t domid, - uint32_t *featureset, + const uint32_t *featureset, unsigned int nr_features); int xc_mca_op(xc_interface *xch, struct xen_mc *mc); int xc_mca_op_inject_v2(xc_interface *xch, unsigned int flags, diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index 0f07317b54..8785cae329 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -1,5 +1,5 @@ /*************************************************************************= ***** - * xc_cpuid_x86.c=20 + * xc_cpuid_x86.c * * Compute cpuid of a domain. * @@ -329,7 +329,7 @@ static void cpuid(const unsigned int *input, unsigned i= nt *regs) =20 static int get_cpuid_domain_info(xc_interface *xch, uint32_t domid, struct cpuid_domain_info *info, - uint32_t *featureset, + const uint32_t *featureset, unsigned int nr_features) { struct xen_domctl domctl =3D {}; @@ -804,8 +804,7 @@ static void sanitise_featureset(struct cpuid_domain_inf= o *info) } =20 int xc_cpuid_apply_policy(xc_interface *xch, uint32_t domid, - uint32_t *featureset, - unsigned int nr_features) + const uint32_t *featureset, unsigned int nr_feat= ures) { struct cpuid_domain_info info =3D {}; unsigned int input[2] =3D { 0, 0 }, regs[4]; @@ -895,7 +894,7 @@ int xc_cpuid_apply_policy(xc_interface *xch, uint32_t d= omid, * 'k' -> pass through host value * 's' -> pass through the first time and then keep the same value * across save/restore and migration. - *=20 + * * For 's' and 'x' the configuration is overwritten with the value applied. */ int xc_cpuid_set( @@ -906,7 +905,8 @@ int xc_cpuid_set( unsigned int i, j, regs[4], polregs[4]; struct cpuid_domain_info info =3D {}; =20 - memset(config_transformed, 0, 4 * sizeof(*config_transformed)); + for ( i =3D 0; i < 4; ++i ) + config_transformed[i] =3D NULL; =20 rc =3D get_cpuid_domain_info(xch, domid, &info, NULL, 0); if ( rc ) @@ -924,7 +924,7 @@ int xc_cpuid_set( regs[i] =3D polregs[i]; continue; } - =20 + config_transformed[i] =3D calloc(33, 1); /* 32 bits, NUL terminato= r. */ if ( config_transformed[i] =3D=3D NULL ) { @@ -932,6 +932,13 @@ int xc_cpuid_set( goto fail; } =20 + /* + * Notes for following this algorithm: + * + * While it will accept any leaf data, it only makes sense to use = on + * feature leaves. regs[] initially contains the host values. Th= is, + * with the fall-through chain is how the 's' and 'k' options work= s. + */ for ( j =3D 0; j < 32; j++ ) { unsigned char val =3D !!((regs[i] & (1U << (31 - j)))); --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel From nobody Tue May 7 07:25:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568403036; cv=none; d=zoho.com; s=zohoarc; b=RqwvMtXB6nUkNIdxNS+/Ta7lZcbpneJYrIkSlviqpEaQ1Rv9F9xJaswNJkMMZxSygiFbm2cIcWEYy2wfEyC98xysbnF4SRgVijoVD8rNq/CRJVBg5y8Yl3CMWTFDNoTp1tTnThoqiz6SHCH8+QbXzvoFrp4SVemXtnl3nbqVdSU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568403036; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=EQWIaXNI4xWqHWRvfMhM0Tl5+ZZNKn73U6uvrZ+17Yc=; b=bYSo0cDXZscsV0PkFhBp7l/craShYJW0oVu26I9PgrOmKLkfiSOkWV8/cSD0cWFequLc9sKuTphctoDG8ARHOnbMVxTvaJ+E/3FXebr2jhLtZ5VdE4XUXYY7Cs9yAQCZM7F6q0XrbRYu+pIMs1KDGfmCTp9IOqayuygpXF6WRSk= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1568403036066547.6302785970032; Fri, 13 Sep 2019 12:30:36 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEr-0006nL-VU; Fri, 13 Sep 2019 19:28:13 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEq-0006n8-Ck for xen-devel@lists.xenproject.org; Fri, 13 Sep 2019 19:28:12 +0000 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 9ccc2f6c-d65c-11e9-a337-bc764e2007e4; Fri, 13 Sep 2019 19:28:07 +0000 (UTC) X-Inumbo-ID: 9ccc2f6c-d65c-11e9-a337-bc764e2007e4 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568402888; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=KxL0uF2fdDQlL0Z8KL8i80DFo81YGc/cGCmm6s1ebNU=; b=dOktXEOmTXmBv5tS/DWE+6o/VqerM7tWbGBXZlA+8Y6Qtey4PjACGIus C4MQRVRNw/a298xlNjdr7BgCbKGFr1Z4FtqTbk/U3nj7i088faS+4U/LI QqxfIbLdIaqql5zaNqrhQwG9Z/7Fra41GInh1pxzxqAOA4swRqK4jvc2p Y=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: kONV0tIMmPtfzNhFdtJRIP8t8gpPESNuhXx3RYJ+BcSileBkqC+fI9yURoJJpvHkalyjHnXcPT oE2ONdPXpV5Qyk/IIkObJQv3zqE3kBW4dJBdmz7tGMBYc9XLQI60yNlaVjNKHY/gYdl2xgF2a3 acdcQ8EcBl8mKZeLsigHDO13MYf5S57R8RQQVRdwlmLGSVqW8FfgSQO2bgB/cllu/HvC+ET+fh zuA9VbWxuHKKCltrw3XWZ8p545TDA7GaHkHSEEcOw1JM9AGkgsSi1h6wpYa7KYVIM0A/7WaoWk W1s= X-SBRS: 2.7 X-MesageID: 5553060 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5553060" From: Andrew Cooper To: Xen-devel Date: Fri, 13 Sep 2019 20:27:56 +0100 Message-ID: <20190913192759.10795-8-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190913192759.10795-1-andrew.cooper3@citrix.com> References: <20190913192759.10795-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 07/10] tools/libxc: Rework xc_cpuid_set() to use {get, set}_cpu_policy() X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Ian Jackson , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) The purpose of this change is to stop using xc_cpuid_do_domctl(), and to st= op basing decisions on a local CPUID instruction. This is not an appropriate = way to construct policy information for other domains. Obtain the host and domain-max policies from Xen, and mix the results as before. Provide rather more error logging than before. No semantics changes to xc_cpuid_set(). There are conceptual problems with how the function works, which will be addressed in future toolstack work. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Ian Jackson --- tools/libxc/xc_cpuid_x86.c | 95 ++++++++++++++++++++++++++++++++++++++++--= ---- 1 file changed, 84 insertions(+), 11 deletions(-) diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index 8785cae329..77f96a4ea6 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -902,20 +902,80 @@ int xc_cpuid_set( const char **config, char **config_transformed) { int rc; - unsigned int i, j, regs[4], polregs[4]; - struct cpuid_domain_info info =3D {}; + unsigned int i, j, regs[4] =3D {}, polregs[4] =3D {}; + xc_dominfo_t di; + xen_cpuid_leaf_t *leaves =3D NULL; + unsigned int nr_leaves, policy_leaves, nr_msrs; + uint32_t err_leaf =3D -1, err_subleaf =3D -1, err_msr =3D -1; =20 for ( i =3D 0; i < 4; ++i ) config_transformed[i] =3D NULL; =20 - rc =3D get_cpuid_domain_info(xch, domid, &info, NULL, 0); + if ( xc_domain_getinfo(xch, domid, 1, &di) !=3D 1 || + di.domid !=3D domid ) + { + ERROR("Failed to obtain d%d info", domid); + rc =3D -ESRCH; + goto fail; + } + + rc =3D xc_get_cpu_policy_size(xch, &nr_leaves, &nr_msrs); if ( rc ) - goto out; + { + PERROR("Failed to obtain policy info size"); + rc =3D -errno; + goto fail; + } =20 - cpuid(input, regs); + rc =3D -ENOMEM; + if ( (leaves =3D calloc(nr_leaves, sizeof(*leaves))) =3D=3D NULL ) + { + ERROR("Unable to allocate memory for %u CPUID leaves", nr_leaves); + goto fail; + } =20 - memcpy(polregs, regs, sizeof(regs)); - xc_cpuid_policy(&info, input, polregs); + /* Get the domain's max policy. */ + nr_msrs =3D 0; + policy_leaves =3D nr_leaves; + rc =3D xc_get_system_cpu_policy(xch, di.hvm ? XEN_SYSCTL_cpu_policy_hv= m_max + : XEN_SYSCTL_cpu_policy_pv_m= ax, + &policy_leaves, leaves, &nr_msrs, NULL); + if ( rc ) + { + PERROR("Failed to obtain %s max policy", di.hvm ? "hvm" : "pv"); + rc =3D -errno; + goto fail; + } + for ( i =3D 0; i < policy_leaves; ++i ) + if ( leaves[i].leaf =3D=3D input[0] && leaves[i].subleaf =3D=3D in= put[1] ) + { + polregs[0] =3D leaves[i].a; + polregs[1] =3D leaves[i].b; + polregs[2] =3D leaves[i].c; + polregs[3] =3D leaves[i].d; + break; + } + + /* Get the host policy. */ + nr_msrs =3D 0; + policy_leaves =3D nr_leaves; + rc =3D xc_get_system_cpu_policy(xch, XEN_SYSCTL_cpu_policy_host, + &policy_leaves, leaves, &nr_msrs, NULL); + if ( rc ) + { + PERROR("Failed to obtain host policy"); + rc =3D -errno; + goto fail; + } + for ( i =3D 0; i < policy_leaves; ++i ) + if ( leaves[i].leaf =3D=3D input[0] && leaves[i].subleaf =3D=3D in= put[1] ) + { + regs[0] =3D leaves[i].a; + regs[1] =3D leaves[i].b; + regs[2] =3D leaves[i].c; + regs[3] =3D leaves[i].d; + break; + } =20 for ( i =3D 0; i < 4; i++ ) { @@ -966,9 +1026,21 @@ int xc_cpuid_set( } } =20 - rc =3D xc_cpuid_do_domctl(xch, domid, input, regs); - if ( rc =3D=3D 0 ) - goto out; + /* Feed the transformed leaf back up to Xen. */ + leaves[0] =3D (xen_cpuid_leaf_t){ input[0], input[1], + regs[0], regs[1], regs[2], regs[3] }; + rc =3D xc_set_domain_cpu_policy(xch, domid, 1, leaves, 0, NULL, + &err_leaf, &err_subleaf, &err_msr); + if ( rc ) + { + PERROR("Failed to set d%d's policy (err leaf %#x, subleaf %#x, msr= %#x)", + domid, err_leaf, err_subleaf, err_msr); + rc =3D -errno; + goto fail; + } + + /* Success! */ + goto out; =20 fail: for ( i =3D 0; i < 4; i++ ) @@ -978,6 +1050,7 @@ int xc_cpuid_set( } =20 out: - free_cpuid_domain_info(&info); + free(leaves); + return rc; } --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel From nobody Tue May 7 07:25:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568403047; cv=none; d=zoho.com; s=zohoarc; b=WVuQmQzueJW+NBNLDB9TpggqNhZhw2PMta4lcVMj4W56/yvePmIi+UOiyLG18o/QyjKo7PVg42eXct3e+Q7A1T4Kdb6EO9Mr14XYr5DOf2kxrfbkJ9qFhmjlLNc+2sVdwClLczkPiHEnbTET0GxfqNmnWQ+5qzLun45WqGLab54= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568403047; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=yjal7sJuhDtQSicI5V6WaBsX9KZLWysJZVW8Lko7tEo=; b=KXttzKAZyD+f0DWmgnF4r13oaU+HnPyoOHiHRfVBEYi68s5sVBoPuuv20Ovbcs6iz91ggZuQ2phUSofOttg+7TBGqUTElC/59JkVqt1xgvim8cgVWA+qBMpWYobxV7CGlKqkSg96vslcMW4Kn0cTEHS0sBnpZD6OJCvHLjWmzjM= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1568403047004675.4283588960493; Fri, 13 Sep 2019 12:30:47 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rF0-0006s4-5o; Fri, 13 Sep 2019 19:28:22 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEz-0006rZ-5i for xen-devel@lists.xenproject.org; Fri, 13 Sep 2019 19:28:21 +0000 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 9daa6548-d65c-11e9-95b9-12813bfff9fa; Fri, 13 Sep 2019 19:28:08 +0000 (UTC) X-Inumbo-ID: 9daa6548-d65c-11e9-95b9-12813bfff9fa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568402889; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=HPF2LqOFEVPBHPCbJpDnIFpAC0MfHtcMA3F3skg4t6U=; b=bNRNC1G3gDmGzzBZik3z+bWGy7ZghUl0KV4kbG5KBTjKvttKEemjXNnQ X9LNT7kyUB5TYuKdGVvqM/nbH+9gKOSk1oueqg+YzfVfJELNXEnN5qQu2 l9ARMkG0nhUGZH2SWGikW+JcsApS/CffEQIalsagkFkWk3QXD08bKvVs/ U=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: 3WF5f3IlZDLHGpkjaR7RMetW4HrMeXAnygIYs2ngfocPAsSOIS3Goj7Epnr7V1jlJYcZPBDCDB Hw/wzb87qzVILfynjnjRJQaV3UmqsaICQD0awVJ/4EsukRd4tgnWqBV+uVC/WKMtnq+YHFes4R legQUtK/iLBJzFLCoAe1zw+ZuX4Sqmx0U3X/x8cGZkoXedSzS/3ndKn5RtL6RNsT8fKxa2Gz3l Z3HH88t6gaAxkYnJsr9dqMNQtI4H2P6S/nLsVy/jcxB1p1goFmFNnZmeZD4amCwUMful6OP4cQ hPk= X-SBRS: 2.7 X-MesageID: 5553062 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5553062" From: Andrew Cooper To: Xen-devel Date: Fri, 13 Sep 2019 20:27:57 +0100 Message-ID: <20190913192759.10795-9-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190913192759.10795-1-andrew.cooper3@citrix.com> References: <20190913192759.10795-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 08/10] tools/libxc: Rework xc_cpuid_apply_policy() to use {get, set}_cpu_policy() X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Ian Jackson , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) The purpose of this change is to stop using xc_cpuid_do_domctl(), and to st= op basing decisions on a local CPUID instruction. This is not a correct or appropriate way to construct policy information for other domains. The overwhelming majority of this logic is redundant with the policy logic = in Xen, but has a habit of becoming stale (e.g. c/s 97e4ebdcd76 resulting in t= he CPUID.7[1].eax not being offered to guests even when Xen is happy with the content). There are a few subtle side effects which need to remain in place. A successful call to xc_cpuid_apply_policy() must result in a call to xc_set_domain_cpu_policy() because that is currently the only way the ITSC/VMX/SVM bits become reflected in the guests CPUID view. Future cleanup will remove this side effect. The topology tweaks are local to libxc. Extend struct cpuid_policy with enough named fields to express the logic, but keep it identical to before. Fixing topology representation is another future area of work. No (expected) change in behaviour. Signed-off-by: Andrew Cooper Acked-by: Wei Liu Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Ian Jackson The repositioning of xc_cpuid_apply_policy() relative to xc_cpuid_set() is simply to make the diff readable. It is completely illegible otherwise. v2: * Reword the commit message to drop AVX512_BF16 * Initialise host_featureset[] just in case. --- tools/libxc/xc_cpuid_x86.c | 798 ++++++++++--------------------------= ---- xen/include/xen/lib/x86/cpuid.h | 11 +- 2 files changed, 197 insertions(+), 612 deletions(-) diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index 77f96a4ea6..8e93a60978 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -34,18 +34,13 @@ enum { =20 #include =20 -#include -#include +#include =20 #define bitmaskof(idx) (1u << ((idx) & 31)) #define featureword_of(idx) ((idx) >> 5) #define clear_feature(idx, dst) ((dst) &=3D ~bitmaskof(idx)) #define set_feature(idx, dst) ((dst) |=3D bitmaskof(idx)) =20 -#define DEF_MAX_BASE 0x0000000du -#define DEF_MAX_INTELEXT 0x80000008u -#define DEF_MAX_AMDEXT 0x8000001cu - int xc_get_cpu_levelling_caps(xc_interface *xch, uint32_t *caps) { DECLARE_SYSCTL; @@ -275,609 +270,6 @@ int xc_set_domain_cpu_policy(xc_interface *xch, uint3= 2_t domid, return ret; } =20 -struct cpuid_domain_info -{ - unsigned int vendor; /* X86_VENDOR_* */ - - bool hvm; - uint64_t xfeature_mask; - - /* - * Careful with featureset lengths. - * - * Code in this file requires featureset to have at least - * xc_get_cpu_featureset_size() entries. This is a libxc compiletime - * constant. - * - * The featureset length used by the hypervisor may be different. If = the - * hypervisor version is longer, XEN_SYSCTL_get_cpu_featureset will fa= il - * with -ENOBUFS, and libxc really does need rebuilding. If the - * hypervisor version is shorter, it is safe to zero-extend. - */ - uint32_t *featureset; - unsigned int nr_features; - - /* PV-only information. */ - bool pv64; - - /* HVM-only information. */ - bool pae; - bool nestedhvm; -}; - -static void cpuid(const unsigned int *input, unsigned int *regs) -{ - unsigned int count =3D (input[1] =3D=3D XEN_CPUID_INPUT_UNUSED) ? 0 : = input[1]; -#ifdef __i386__ - /* Use the stack to avoid reg constraint failures with some gcc flags = */ - asm ( - "push %%ebx; push %%edx\n\t" - "cpuid\n\t" - "mov %%ebx,4(%4)\n\t" - "mov %%edx,12(%4)\n\t" - "pop %%edx; pop %%ebx\n\t" - : "=3Da" (regs[0]), "=3Dc" (regs[2]) - : "0" (input[0]), "1" (count), "S" (regs) - : "memory" ); -#else - asm ( - "cpuid" - : "=3Da" (regs[0]), "=3Db" (regs[1]), "=3Dc" (regs[2]), "=3Dd" (re= gs[3]) - : "0" (input[0]), "2" (count) ); -#endif -} - -static int get_cpuid_domain_info(xc_interface *xch, uint32_t domid, - struct cpuid_domain_info *info, - const uint32_t *featureset, - unsigned int nr_features) -{ - struct xen_domctl domctl =3D {}; - xc_dominfo_t di; - unsigned int in[2] =3D { 0, ~0U }, regs[4]; - unsigned int i, host_nr_features =3D xc_get_cpu_featureset_size(); - int rc; - - cpuid(in, regs); - info->vendor =3D x86_cpuid_lookup_vendor(regs[1], regs[2], regs[3]); - - if ( xc_domain_getinfo(xch, domid, 1, &di) !=3D 1 || - di.domid !=3D domid ) - return -ESRCH; - - info->hvm =3D di.hvm; - - info->featureset =3D calloc(host_nr_features, sizeof(*info->featureset= )); - if ( !info->featureset ) - return -ENOMEM; - - info->nr_features =3D host_nr_features; - - if ( featureset ) - { - /* - * The user supplied featureset may be shorter or longer than - * host_nr_features. Shorter is fine, and we will zero-extend. - * Longer is fine, so long as it only padded with zeros. - */ - unsigned int fslen =3D min(host_nr_features, nr_features); - - memcpy(info->featureset, featureset, - fslen * sizeof(*info->featureset)); - - /* Check for truncated set bits. */ - for ( i =3D fslen; i < nr_features; ++i ) - if ( featureset[i] !=3D 0 ) - return -EOPNOTSUPP; - } - else - { - rc =3D xc_get_cpu_featureset(xch, (info->hvm - ? XEN_SYSCTL_cpu_featureset_hvm - : XEN_SYSCTL_cpu_featureset_pv), - &host_nr_features, info->featureset); - if ( rc ) - return -errno; - } - - /* Get xstate information. */ - domctl.cmd =3D XEN_DOMCTL_getvcpuextstate; - domctl.domain =3D domid; - rc =3D do_domctl(xch, &domctl); - if ( rc ) - return -errno; - - info->xfeature_mask =3D domctl.u.vcpuextstate.xfeature_mask; - - if ( di.hvm ) - { - uint64_t val; - - rc =3D xc_hvm_param_get(xch, domid, HVM_PARAM_PAE_ENABLED, &val); - if ( rc ) - return -errno; - - info->pae =3D !!val; - - rc =3D xc_hvm_param_get(xch, domid, HVM_PARAM_NESTEDHVM, &val); - if ( rc ) - return -errno; - - info->nestedhvm =3D !!val; - } - else - { - unsigned int width; - - rc =3D xc_domain_get_guest_width(xch, domid, &width); - if ( rc ) - return -errno; - - info->pv64 =3D (width =3D=3D 8); - } - - return 0; -} - -static void free_cpuid_domain_info(struct cpuid_domain_info *info) -{ - free(info->featureset); -} - -static void amd_xc_cpuid_policy(const struct cpuid_domain_info *info, - const unsigned int *input, unsigned int *r= egs) -{ - switch ( input[0] ) - { - case 0x00000002: - case 0x00000004: - regs[0] =3D regs[1] =3D regs[2] =3D 0; - break; - - case 0x80000000: - if ( regs[0] > DEF_MAX_AMDEXT ) - regs[0] =3D DEF_MAX_AMDEXT; - break; - - case 0x80000008: - /* - * ECX[15:12] is ApicIdCoreSize: ECX[7:0] is NumberOfCores (minus = one). - * Update to reflect vLAPIC_ID =3D vCPU_ID * 2. - */ - regs[2] =3D ((regs[2] + (1u << 12)) & 0xf000u) | - ((regs[2] & 0xffu) << 1) | 1u; - break; - - case 0x8000000a: { - if ( !info->nestedhvm ) - { - regs[0] =3D regs[1] =3D regs[2] =3D regs[3] =3D 0; - break; - } - -#define SVM_FEATURE_NPT 0x00000001 /* Nested page table support= */ -#define SVM_FEATURE_LBRV 0x00000002 /* LBR virtualization suppor= t */ -#define SVM_FEATURE_SVML 0x00000004 /* SVM locking MSR support */ -#define SVM_FEATURE_NRIPS 0x00000008 /* Next RIP save on VMEXIT */ -#define SVM_FEATURE_TSCRATEMSR 0x00000010 /* TSC ratio MSR support */ -#define SVM_FEATURE_VMCBCLEAN 0x00000020 /* VMCB clean bits support */ -#define SVM_FEATURE_FLUSHBYASID 0x00000040 /* TLB flush by ASID support= */ -#define SVM_FEATURE_DECODEASSISTS 0x00000080 /* Decode assists support */ -#define SVM_FEATURE_PAUSEFILTER 0x00000400 /* Pause intercept filter */ - - /* Pass 1: Only passthrough SVM features which are - * available in hw and which are implemented - */ - regs[3] &=3D (SVM_FEATURE_NPT | SVM_FEATURE_LBRV | \ - SVM_FEATURE_NRIPS | SVM_FEATURE_PAUSEFILTER | \ - SVM_FEATURE_DECODEASSISTS); - - /* Pass 2: Always enable SVM features which are emulated */ - regs[3] |=3D SVM_FEATURE_VMCBCLEAN | SVM_FEATURE_TSCRATEMSR; - break; - } - - } -} - -static void intel_xc_cpuid_policy(const struct cpuid_domain_info *info, - const unsigned int *input, unsigned int = *regs) -{ - switch ( input[0] ) - { - case 0x00000004: - /* - * EAX[31:26] is Maximum Cores Per Package (minus one). - * Update to reflect vLAPIC_ID =3D vCPU_ID * 2. - */ - regs[0] =3D (((regs[0] & 0x7c000000u) << 1) | 0x04000000u | - (regs[0] & 0x3ffu)); - regs[3] &=3D 0x3ffu; - break; - - case 0x80000000: - if ( regs[0] > DEF_MAX_INTELEXT ) - regs[0] =3D DEF_MAX_INTELEXT; - break; - - case 0x80000005: - regs[0] =3D regs[1] =3D regs[2] =3D 0; - break; - - case 0x80000008: - /* Mask AMD Number of Cores information. */ - regs[2] =3D 0; - break; - } -} - -static void xc_cpuid_hvm_policy(const struct cpuid_domain_info *info, - const unsigned int *input, unsigned int *r= egs) -{ - switch ( input[0] ) - { - case 0x00000000: - if ( regs[0] > DEF_MAX_BASE ) - regs[0] =3D DEF_MAX_BASE; - break; - - case 0x00000001: - /* - * EBX[23:16] is Maximum Logical Processors Per Package. - * Update to reflect vLAPIC_ID =3D vCPU_ID * 2. - */ - regs[1] =3D (regs[1] & 0x0000ffffu) | ((regs[1] & 0x007f0000u) << = 1); - - regs[2] =3D info->featureset[featureword_of(X86_FEATURE_SSE3)]; - regs[3] =3D (info->featureset[featureword_of(X86_FEATURE_FPU)] | - bitmaskof(X86_FEATURE_HTT)); - break; - - case 0x00000007: /* Intel-defined CPU features */ - if ( input[1] =3D=3D 0 ) - { - regs[1] =3D info->featureset[featureword_of(X86_FEATURE_FSGSBA= SE)]; - regs[2] =3D info->featureset[featureword_of(X86_FEATURE_PREFET= CHWT1)]; - regs[3] =3D info->featureset[featureword_of(X86_FEATURE_AVX512= _4VNNIW)]; - } - else - { - regs[1] =3D 0; - regs[2] =3D 0; - regs[3] =3D 0; - } - regs[0] =3D 0; - break; - - case 0x0000000d: /* Xen automatically calculates almost everything. */ - if ( input[1] =3D=3D 1 ) - regs[0] =3D info->featureset[featureword_of(X86_FEATURE_XSAVEO= PT)]; - else - regs[0] =3D 0; - regs[1] =3D regs[2] =3D regs[3] =3D 0; - break; - - case 0x80000000: - /* Passthrough to cpu vendor specific functions */ - break; - - case 0x80000001: - regs[2] =3D (info->featureset[featureword_of(X86_FEATURE_LAHF_LM)]= & - ~bitmaskof(X86_FEATURE_CMP_LEGACY)); - regs[3] =3D info->featureset[featureword_of(X86_FEATURE_SYSCALL)]; - break; - - case 0x80000007: - /* - * Keep only TSCInvariant. This may be cleared by the hypervisor - * depending on guest TSC and migration settings. - */ - regs[0] =3D regs[1] =3D regs[2] =3D 0; - regs[3] &=3D 1u<<8; - break; - - case 0x80000008: - regs[0] &=3D 0x0000ffffu; - regs[1] =3D info->featureset[featureword_of(X86_FEATURE_CLZERO)]; - /* regs[2] handled in the per-vendor logic. */ - regs[3] =3D 0; - break; - - case 0x00000002: /* Intel cache info (dumped by AMD policy) */ - case 0x00000004: /* Intel cache info (dumped by AMD policy) */ - case 0x0000000a: /* Architectural Performance Monitor Features */ - case 0x80000002: /* Processor name string */ - case 0x80000003: /* ... continued */ - case 0x80000004: /* ... continued */ - case 0x80000005: /* AMD L1 cache/TLB info (dumped by Intel policy) */ - case 0x80000006: /* AMD L2/3 cache/TLB info ; Intel L2 cache features = */ - case 0x8000000a: /* AMD SVM feature bits */ - case 0x80000019: /* AMD 1G TLB */ - case 0x8000001a: /* AMD perf hints */ - case 0x8000001c: /* AMD lightweight profiling */ - break; - - default: - regs[0] =3D regs[1] =3D regs[2] =3D regs[3] =3D 0; - break; - } - - if ( info->vendor & (X86_VENDOR_AMD | X86_VENDOR_HYGON) ) - amd_xc_cpuid_policy(info, input, regs); - else - intel_xc_cpuid_policy(info, input, regs); -} - -static void xc_cpuid_pv_policy(const struct cpuid_domain_info *info, - const unsigned int *input, unsigned int *re= gs) -{ - switch ( input[0] ) - { - case 0x00000000: - if ( regs[0] > DEF_MAX_BASE ) - regs[0] =3D DEF_MAX_BASE; - break; - - case 0x00000001: - { - /* Host topology exposed to PV guest. Provide host value. */ - bool host_htt =3D regs[3] & bitmaskof(X86_FEATURE_HTT); - - /* - * Don't pick host's Initial APIC ID which can change from run - * to run. - */ - regs[1] &=3D 0x00ffffffu; - - regs[2] =3D info->featureset[featureword_of(X86_FEATURE_SSE3)]; - regs[3] =3D (info->featureset[featureword_of(X86_FEATURE_FPU)] & - ~bitmaskof(X86_FEATURE_HTT)); - - if ( host_htt ) - regs[3] |=3D bitmaskof(X86_FEATURE_HTT); - break; - } - - case 0x00000007: - if ( input[1] =3D=3D 0 ) - { - regs[1] =3D info->featureset[featureword_of(X86_FEATURE_FSGSBA= SE)]; - regs[2] =3D info->featureset[featureword_of(X86_FEATURE_PREFET= CHWT1)]; - regs[3] =3D info->featureset[featureword_of(X86_FEATURE_AVX512= _4VNNIW)]; - } - else - { - regs[1] =3D 0; - regs[2] =3D 0; - regs[3] =3D 0; - } - regs[0] =3D 0; - break; - - case 0x0000000d: /* Xen automatically calculates almost everything. */ - if ( input[1] =3D=3D 1 ) - regs[0] =3D info->featureset[featureword_of(X86_FEATURE_XSAVEO= PT)]; - else - regs[0] =3D 0; - regs[1] =3D regs[2] =3D regs[3] =3D 0; - break; - - case 0x80000000: - { - unsigned int max =3D (info->vendor & (X86_VENDOR_AMD | X86_VENDOR_= HYGON)) - ? DEF_MAX_AMDEXT : DEF_MAX_INTELEXT; - - if ( regs[0] > max ) - regs[0] =3D max; - break; - } - - case 0x80000001: - { - /* Host topology exposed to PV guest. Provide host CMP_LEGACY val= ue. */ - bool host_cmp_legacy =3D regs[2] & bitmaskof(X86_FEATURE_CMP_LEGAC= Y); - - regs[2] =3D (info->featureset[featureword_of(X86_FEATURE_LAHF_LM)]= & - ~bitmaskof(X86_FEATURE_CMP_LEGACY)); - regs[3] =3D info->featureset[featureword_of(X86_FEATURE_SYSCALL)]; - - if ( host_cmp_legacy ) - regs[2] |=3D bitmaskof(X86_FEATURE_CMP_LEGACY); - - break; - } - - case 0x80000008: - regs[0] &=3D 0x0000ffffu; - regs[1] =3D info->featureset[featureword_of(X86_FEATURE_CLZERO)]; - regs[2] =3D regs[3] =3D 0; - break; - - case 0x00000005: /* MONITOR/MWAIT */ - case 0x0000000b: /* Extended Topology Enumeration */ - case 0x8000000a: /* SVM revision and features */ - case 0x8000001b: /* Instruction Based Sampling */ - case 0x8000001c: /* Light Weight Profiling */ - case 0x8000001e: /* Extended topology reporting */ - regs[0] =3D regs[1] =3D regs[2] =3D regs[3] =3D 0; - break; - } -} - -static void xc_cpuid_policy(const struct cpuid_domain_info *info, - const unsigned int *input, unsigned int *regs) -{ - /* - * For hypervisor leaves (0x4000XXXX) only 0x4000xx00.EAX[7:0] bits (m= ax - * number of leaves) can be set by user. Hypervisor will enforce this = so - * all other bits are don't-care and we can set them to zero. - */ - if ( (input[0] & 0xffff0000) =3D=3D 0x40000000 ) - { - regs[0] =3D regs[1] =3D regs[2] =3D regs[3] =3D 0; - return; - } - - if ( info->hvm ) - xc_cpuid_hvm_policy(info, input, regs); - else - xc_cpuid_pv_policy(info, input, regs); -} - -static int xc_cpuid_do_domctl( - xc_interface *xch, uint32_t domid, - const unsigned int *input, const unsigned int *regs) -{ - DECLARE_DOMCTL; - - memset(&domctl, 0, sizeof (domctl)); - domctl.domain =3D domid; - domctl.cmd =3D XEN_DOMCTL_set_cpuid; - domctl.u.cpuid.input[0] =3D input[0]; - domctl.u.cpuid.input[1] =3D input[1]; - domctl.u.cpuid.eax =3D regs[0]; - domctl.u.cpuid.ebx =3D regs[1]; - domctl.u.cpuid.ecx =3D regs[2]; - domctl.u.cpuid.edx =3D regs[3]; - - return do_domctl(xch, &domctl); -} - -static void sanitise_featureset(struct cpuid_domain_info *info) -{ - const uint32_t fs_size =3D xc_get_cpu_featureset_size(); - uint32_t disabled_features[fs_size]; - static const uint32_t deep_features[] =3D INIT_DEEP_FEATURES; - unsigned int i, b; - - if ( info->hvm ) - { - /* HVM or PVH Guest */ - - if ( !info->pae ) - clear_bit(X86_FEATURE_PAE, info->featureset); - - if ( !info->nestedhvm ) - { - clear_bit(X86_FEATURE_SVM, info->featureset); - clear_bit(X86_FEATURE_VMX, info->featureset); - } - } - else - { - /* PV Guest */ - - if ( !info->pv64 ) - { - clear_bit(X86_FEATURE_LM, info->featureset); - if ( !(info->vendor & (X86_VENDOR_AMD | X86_VENDOR_HYGON)) ) - clear_bit(X86_FEATURE_SYSCALL, info->featureset); - } - - clear_bit(X86_FEATURE_PSE, info->featureset); - clear_bit(X86_FEATURE_PSE36, info->featureset); - clear_bit(X86_FEATURE_PGE, info->featureset); - clear_bit(X86_FEATURE_PAGE1GB, info->featureset); - } - - if ( info->xfeature_mask =3D=3D 0 ) - clear_bit(X86_FEATURE_XSAVE, info->featureset); - - /* Disable deep dependencies of disabled features. */ - for ( i =3D 0; i < ARRAY_SIZE(disabled_features); ++i ) - disabled_features[i] =3D ~info->featureset[i] & deep_features[i]; - - for ( b =3D 0; b < sizeof(disabled_features) * CHAR_BIT; ++b ) - { - const uint32_t *dfs; - - if ( !test_bit(b, disabled_features) || - !(dfs =3D x86_cpuid_lookup_deep_deps(b)) ) - continue; - - for ( i =3D 0; i < ARRAY_SIZE(disabled_features); ++i ) - { - info->featureset[i] &=3D ~dfs[i]; - disabled_features[i] &=3D ~dfs[i]; - } - } -} - -int xc_cpuid_apply_policy(xc_interface *xch, uint32_t domid, - const uint32_t *featureset, unsigned int nr_feat= ures) -{ - struct cpuid_domain_info info =3D {}; - unsigned int input[2] =3D { 0, 0 }, regs[4]; - unsigned int base_max, ext_max; - int rc; - - rc =3D get_cpuid_domain_info(xch, domid, &info, featureset, nr_feature= s); - if ( rc ) - goto out; - - cpuid(input, regs); - base_max =3D (regs[0] <=3D DEF_MAX_BASE) ? regs[0] : DEF_MAX_BASE; - input[0] =3D 0x80000000; - cpuid(input, regs); - - if ( info.vendor =3D=3D X86_VENDOR_AMD || info.vendor =3D=3D X86_VENDO= R_HYGON ) - ext_max =3D (regs[0] <=3D DEF_MAX_AMDEXT) ? regs[0] : DEF_MAX_AMDE= XT; - else - ext_max =3D (regs[0] <=3D DEF_MAX_INTELEXT) ? regs[0] : DEF_MAX_IN= TELEXT; - - sanitise_featureset(&info); - - input[0] =3D 0; - input[1] =3D XEN_CPUID_INPUT_UNUSED; - for ( ; ; ) - { - cpuid(input, regs); - xc_cpuid_policy(&info, input, regs); - - if ( regs[0] || regs[1] || regs[2] || regs[3] ) - { - rc =3D xc_cpuid_do_domctl(xch, domid, input, regs); - if ( rc ) - goto out; - } - - /* Intel cache descriptor leaves. */ - if ( input[0] =3D=3D 4 ) - { - input[1]++; - /* More to do? Then loop keeping %%eax=3D=3D0x00000004. */ - if ( (regs[0] & 0x1f) !=3D 0 ) - continue; - } - /* Extended Topology leaves. */ - else if ( input[0] =3D=3D 0xb ) - { - uint8_t level_type =3D regs[2] >> 8; - - input[1]++; - if ( level_type >=3D 1 && level_type <=3D 2 ) - continue; - } - - input[0]++; - if ( !(input[0] & 0x80000000u) && (input[0] > base_max ) ) - input[0] =3D 0x80000000u; - - input[1] =3D XEN_CPUID_INPUT_UNUSED; - if ( (input[0] =3D=3D 4) || (input[0] =3D=3D 7) || (input[0] =3D= =3D 0xb) ) - input[1] =3D 0; - else if ( input[0] =3D=3D 0xd ) - input[1] =3D 1; /* Xen automatically calculates almost everyth= ing. */ - - if ( (input[0] & 0x80000000u) && (input[0] > ext_max) ) - break; - } - - out: - free_cpuid_domain_info(&info); - return rc; -} - /* * Configure a single input with the informatiom from config. * @@ -1054,3 +446,191 @@ int xc_cpuid_set( =20 return rc; } + +int xc_cpuid_apply_policy(xc_interface *xch, uint32_t domid, + const uint32_t *featureset, unsigned int nr_feat= ures) +{ + int rc; + xc_dominfo_t di; + unsigned int i, nr_leaves, nr_msrs; + xen_cpuid_leaf_t *leaves =3D NULL; + struct cpuid_policy *p =3D NULL; + uint32_t err_leaf =3D -1, err_subleaf =3D -1, err_msr =3D -1; + + if ( xc_domain_getinfo(xch, domid, 1, &di) !=3D 1 || + di.domid !=3D domid ) + { + ERROR("Failed to obtain d%d info", domid); + rc =3D -ESRCH; + goto out; + } + + rc =3D xc_get_cpu_policy_size(xch, &nr_leaves, &nr_msrs); + if ( rc ) + { + PERROR("Failed to obtain policy info size"); + rc =3D -errno; + goto out; + } + + rc =3D -ENOMEM; + if ( (leaves =3D calloc(nr_leaves, sizeof(*leaves))) =3D=3D NULL || + (p =3D calloc(1, sizeof(*p))) =3D=3D NULL ) + goto out; + + nr_msrs =3D 0; + rc =3D xc_get_domain_cpu_policy(xch, domid, &nr_leaves, leaves, + &nr_msrs, NULL); + if ( rc ) + { + PERROR("Failed to obtain d%d's policy", domid); + rc =3D -errno; + goto out; + } + + rc =3D x86_cpuid_copy_from_buffer(p, leaves, nr_leaves, + &err_leaf, &err_subleaf); + if ( rc ) + { + ERROR("Failed to deserialise CPUID (err leaf %#x, subleaf %#x) (%d= =3D %s)", + err_leaf, err_subleaf, -rc, strerror(-rc)); + goto out; + } + + if ( featureset ) + { + uint32_t disabled_features[FEATURESET_NR_ENTRIES], + feat[FEATURESET_NR_ENTRIES] =3D {}; + static const uint32_t deep_features[] =3D INIT_DEEP_FEATURES; + unsigned int i, b; + + /* + * The user supplied featureset may be shorter or longer than + * FEATURESET_NR_ENTRIES. Shorter is fine, and we will zero-exten= d. + * Longer is fine, so long as it only padded with zeros. + */ + unsigned int user_len =3D min(FEATURESET_NR_ENTRIES + 0u, nr_featu= res); + + /* Check for truncated set bits. */ + rc =3D -EOPNOTSUPP; + for ( i =3D user_len; i < nr_features; ++i ) + if ( featureset[i] !=3D 0 ) + goto out; + + memcpy(feat, featureset, sizeof(*featureset) * user_len); + + /* Disable deep dependencies of disabled features. */ + for ( i =3D 0; i < ARRAY_SIZE(disabled_features); ++i ) + disabled_features[i] =3D ~feat[i] & deep_features[i]; + + for ( b =3D 0; b < sizeof(disabled_features) * CHAR_BIT; ++b ) + { + const uint32_t *dfs; + + if ( !test_bit(b, disabled_features) || + !(dfs =3D x86_cpuid_lookup_deep_deps(b)) ) + continue; + + for ( i =3D 0; i < ARRAY_SIZE(disabled_features); ++i ) + { + feat[i] &=3D ~dfs[i]; + disabled_features[i] &=3D ~dfs[i]; + } + } + + cpuid_featureset_to_policy(feat, p); + } + + if ( !di.hvm ) + { + uint32_t host_featureset[FEATURESET_NR_ENTRIES] =3D {}; + uint32_t len =3D ARRAY_SIZE(host_featureset); + + rc =3D xc_get_cpu_featureset(xch, XEN_SYSCTL_cpu_featureset_host, + &len, host_featureset); + if ( rc ) + { + /* Tolerate "buffer too small", as we've got the bits we need.= */ + if ( errno =3D=3D ENOBUFS ) + rc =3D 0; + else + { + PERROR("Failed to obtain host featureset"); + rc =3D -errno; + goto out; + } + } + + /* + * On hardware without CPUID Faulting, PV guests see real topology. + * As a consequence, they also need to see the host htt/cmp fields. + */ + p->basic.htt =3D test_bit(X86_FEATURE_HTT, host_featureset); + p->extd.cmp_legacy =3D test_bit(X86_FEATURE_CMP_LEGACY, host_featu= reset); + } + else + { + /* + * Topology for HVM guests is entirely controlled by Xen. For now= , we + * hardcode APIC_ID =3D vcpu_id * 2 to give the illusion of no SMT. + */ + p->basic.htt =3D true; + p->extd.cmp_legacy =3D false; + + p->basic.lppp *=3D 2; + + switch ( p->x86_vendor ) + { + case X86_VENDOR_INTEL: + for ( i =3D 0; (p->cache.subleaf[i].type && + i < ARRAY_SIZE(p->cache.raw)); ++i ) + { + p->cache.subleaf[i].cores_per_package =3D + (p->cache.subleaf[i].cores_per_package << 1) | 1; + p->cache.subleaf[i].threads_per_cache =3D 0; + } + break; + + case X86_VENDOR_AMD: + case X86_VENDOR_HYGON: + p->extd.nc =3D (p->extd.nc << 1) | 1; + p->extd.apic_id_size++; + break; + } + + /* + * These settings are necessary to cause earlier HVM_PARAM_NESTEDH= VM / + * XEN_DOMCTL_disable_migrate settings to be reflected correctly in + * CPUID. Xen will discard these bits if configuration hasn't been + * set for the domain. + */ + p->extd.itsc =3D true; + p->basic.vmx =3D true; + p->extd.svm =3D true; + } + + rc =3D x86_cpuid_copy_to_buffer(p, leaves, &nr_leaves); + if ( rc ) + { + ERROR("Failed to serialise CPUID (%d =3D %s)", -rc, strerror(-rc)); + goto out; + } + + rc =3D xc_set_domain_cpu_policy(xch, domid, nr_leaves, leaves, 0, NULL, + &err_leaf, &err_subleaf, &err_msr); + if ( rc ) + { + PERROR("Failed to set d%d's policy (err leaf %#x, subleaf %#x, msr= %#x)", + domid, err_leaf, err_subleaf, err_msr); + rc =3D -errno; + goto out; + } + + rc =3D 0; + +out: + free(p); + free(leaves); + + return rc; +} diff --git a/xen/include/xen/lib/x86/cpuid.h b/xen/include/xen/lib/x86/cpui= d.h index 79840f99ce..331ef4f4f0 100644 --- a/xen/include/xen/lib/x86/cpuid.h +++ b/xen/include/xen/lib/x86/cpuid.h @@ -154,8 +154,12 @@ struct cpuid_policy union { struct cpuid_leaf raw[CPUID_GUEST_NR_CACHE]; struct cpuid_cache_leaf { - uint32_t type:5, - :27, :32, :32, :32; + uint32_t /* a */ type:5, level:3; + bool self_init:1, fully_assoc:1; + uint32_t :4, threads_per_cache:12, cores_per_package:6; + uint32_t /* b */ line_size:12, partitions:10, ways:10; + uint32_t /* c */ sets; + bool /* d */ wbinvd:1, inclusive:1, complex:1; } subleaf[CPUID_GUEST_NR_CACHE]; } cache; =20 @@ -259,7 +263,8 @@ struct cpuid_policy uint32_t e8b; struct { DECL_BITFIELD(e8b); }; }; - uint32_t /* c */:32, /* d */:32; + uint32_t nc:8, :4, apic_id_size:4, :16; + uint32_t /* d */:32; }; } extd; =20 --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel From nobody Tue May 7 07:25:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568403053; cv=none; d=zoho.com; s=zohoarc; b=GgKwYgiD+JBQfaTEF0YyL7GYZFuOsMpNjnWH1nJ+e2wWih6tHfi10+W8MZ7wrTTADo0KBLHi7w6vQ5GKbeGhAZpCEtt6cfeA29eJ5j3gU+MZmTEgz9iHs/kFwIvsYCmTqe3jAAXk6ckaOecb2SjcE2i6RcOaWnVd2FirjhY0Vog= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568403053; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=u+lR8jCPYeZEOcnosRhXBe/vy0za0bMaMVxSdFLjaT0=; b=IdX0XzeLMatGnIFxxJDz/AMBxYiEDwbj1cZ7WG9fRTPno9vTiLwoEJEIrK2aNeQT3BVAdXRt2SBJXPCQfH1XLUKbbv7Y12Wsg18mVswesMNGwZYDv3JkQNV+WJ50zLTaxSlC5ieHEmpAuJ20Ijm/kvsEJXZiue35UyALIN7lbM0= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1568403053259811.0037324624592; Fri, 13 Sep 2019 12:30:53 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rFA-0006xx-4G; Fri, 13 Sep 2019 19:28:32 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rF9-0006xJ-6K for xen-devel@lists.xenproject.org; Fri, 13 Sep 2019 19:28:31 +0000 Received: from esa6.hc3370-68.iphmx.com (unknown [216.71.155.175]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 9ed6855a-d65c-11e9-95b9-12813bfff9fa; Fri, 13 Sep 2019 19:28:10 +0000 (UTC) X-Inumbo-ID: 9ed6855a-d65c-11e9-95b9-12813bfff9fa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568402890; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=akyO5g0JmeWjDPcSn3cgUEp57LTyDw3KHLOPupwHu+Q=; b=edDskKAZDfFtgNmD8RC2Mvge813s/spHcEsH+NJAwFmCzfouPo7M9wD2 7TKx9wZ7YroFTZ/FR46r2SIyhKnr2Y1UDO3RfVYo4VpZ3qNJVf/lKw32J nrKy/B/76D0OWMasQv8L3ru2Wupj+9FOct9I3POdUzO1cfQJzXjqTp/j0 o=; Authentication-Results: esa6.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa6.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa6.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa6.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa6.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa6.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa6.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: QnfxZm/UZEb1gwWqd8leRCeI1mq8/fVlGFQ7/TvrwJaA0LZKJA8QzQviDa1NByTEXVFcocAP0a 0pBNgoK/jy/iGp4trL0rLOuuIOsbcb5zsdjnx+ffgGiBlTOPJU//01hqOp9rW3aztxavMGj4OQ RgWaqpo2Hu18SsNQqGJy3IZvJUTzeXmfV34kmapuOneZtHwG1W7279wj5AMm5GaNI7BkakqYt8 6yU8j3dKCnwu252KT7NzE5XdaaTwkGTLX/mvFqdZ6ixpDcSxR53JirBTb9nXc0xr5JPpBXBpFW ujs= X-SBRS: 2.7 X-MesageID: 5802300 X-Ironport-Server: esa6.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5802300" From: Andrew Cooper To: Xen-devel Date: Fri, 13 Sep 2019 20:27:58 +0100 Message-ID: <20190913192759.10795-10-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190913192759.10795-1-andrew.cooper3@citrix.com> References: <20190913192759.10795-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 09/10] x86/domctl: Drop XEN_DOMCTL_set_cpuid X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Daniel De Graaf , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) With the final users moved over to using XEN_DOMCTL_set_cpumsr_policy, drop this domctl and associated infrastructure. Rename the preexisting set_cpuid XSM vector to set_cpu_policy, now that it = is back to having a single user. Signed-off-by: Andrew Cooper Acked-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Daniel De Graaf --- tools/flask/policy/modules/dom0.te | 2 +- tools/flask/policy/modules/xen.if | 2 +- xen/arch/x86/domctl.c | 101 --------------------------------= ---- xen/include/public/domctl.h | 11 +--- xen/xsm/flask/hooks.c | 3 +- xen/xsm/flask/policy/access_vectors | 3 +- 6 files changed, 5 insertions(+), 117 deletions(-) diff --git a/tools/flask/policy/modules/dom0.te b/tools/flask/policy/module= s/dom0.te index 9970f9dc08..272f6a4f75 100644 --- a/tools/flask/policy/modules/dom0.te +++ b/tools/flask/policy/modules/dom0.te @@ -38,7 +38,7 @@ allow dom0_t dom0_t:domain { getpodtarget setpodtarget set_misc_info set_virq_handler }; allow dom0_t dom0_t:domain2 { - set_cpuid gettsc settsc setscheduler set_vnumainfo + set_cpu_policy gettsc settsc setscheduler set_vnumainfo get_vnumainfo psr_cmt_op psr_alloc get_cpu_policy }; allow dom0_t dom0_t:resource { add remove }; diff --git a/tools/flask/policy/modules/xen.if b/tools/flask/policy/modules= /xen.if index de5fb331bf..8eb2293a52 100644 --- a/tools/flask/policy/modules/xen.if +++ b/tools/flask/policy/modules/xen.if @@ -50,7 +50,7 @@ define(`create_domain_common', ` getdomaininfo hypercall setvcpucontext getscheduler getvcpuinfo getaddrsize getaffinity setaffinity settime setdomainhandle getvcpucontext set_misc_info }; - allow $1 $2:domain2 { set_cpuid settsc setscheduler setclaim + allow $1 $2:domain2 { set_cpu_policy settsc setscheduler setclaim set_vnumainfo get_vnumainfo cacheflush psr_cmt_op psr_alloc soft_reset resource_map get_cpu_policy }; diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c index 97ced32c21..f31edf923b 100644 --- a/xen/arch/x86/domctl.c +++ b/xen/arch/x86/domctl.c @@ -206,94 +206,6 @@ static void domain_cpu_policy_changed(struct domain *d) } } =20 -static int update_domain_cpuid_info(struct domain *d, - const struct xen_domctl_cpuid *ctl) -{ - struct cpuid_policy *p =3D d->arch.cpuid; - const struct cpuid_leaf leaf =3D { ctl->eax, ctl->ebx, ctl->ecx, ctl->= edx }; - - /* - * Skip update for leaves we don't care about, to avoid the overhead of - * recalculate_cpuid_policy(). - */ - switch ( ctl->input[0] ) - { - case 0x00000000 ... ARRAY_SIZE(p->basic.raw) - 1: - if ( ctl->input[0] =3D=3D 4 && - ctl->input[1] >=3D ARRAY_SIZE(p->cache.raw) ) - return 0; - - if ( ctl->input[0] =3D=3D 7 && - ctl->input[1] >=3D ARRAY_SIZE(p->feat.raw) ) - return 0; - - if ( ctl->input[0] =3D=3D 0xb && - ctl->input[1] >=3D ARRAY_SIZE(p->topo.raw) ) - return 0; - - BUILD_BUG_ON(ARRAY_SIZE(p->xstate.raw) < 2); - if ( ctl->input[0] =3D=3D XSTATE_CPUID && - ctl->input[1] !=3D 1 ) /* Everything else automatically calcu= lated. */ - return 0; - break; - - case 0x40000000: case 0x40000100: - /* Only care about the max_leaf limit. */ - - case 0x80000000 ... 0x80000000 + ARRAY_SIZE(p->extd.raw) - 1: - break; - - default: - return 0; - } - - /* Insert ctl data into cpuid_policy. */ - switch ( ctl->input[0] ) - { - case 0x00000000 ... ARRAY_SIZE(p->basic.raw) - 1: - switch ( ctl->input[0] ) - { - case 4: - p->cache.raw[ctl->input[1]] =3D leaf; - break; - - case 7: - p->feat.raw[ctl->input[1]] =3D leaf; - break; - - case 0xb: - p->topo.raw[ctl->input[1]] =3D leaf; - break; - - case XSTATE_CPUID: - p->xstate.raw[ctl->input[1]] =3D leaf; - break; - - default: - p->basic.raw[ctl->input[0]] =3D leaf; - break; - } - break; - - case 0x40000000: - p->hv_limit =3D ctl->eax; - break; - - case 0x40000100: - p->hv2_limit =3D ctl->eax; - break; - - case 0x80000000 ... 0x80000000 + ARRAY_SIZE(p->extd.raw) - 1: - p->extd.raw[ctl->input[0] - 0x80000000] =3D leaf; - break; - } - - recalculate_cpuid_policy(d); - domain_cpu_policy_changed(d); - - return 0; -} - static int update_domain_cpu_policy(struct domain *d, xen_domctl_cpu_policy_t *xdpc) { @@ -951,19 +863,6 @@ long arch_do_domctl( break; } =20 - case XEN_DOMCTL_set_cpuid: - if ( d =3D=3D currd ) /* no domain_pause() */ - ret =3D -EINVAL; - else if ( d->creation_finished ) - ret =3D -EEXIST; /* No changing once the domain is running. */ - else - { - domain_pause(d); - ret =3D update_domain_cpuid_info(d, &domctl->u.cpuid); - domain_unpause(d); - } - break; - case XEN_DOMCTL_gettscinfo: if ( d =3D=3D currd ) /* no domain_pause() */ ret =3D -EINVAL; diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h index bd7d26545d..605207a3d4 100644 --- a/xen/include/public/domctl.h +++ b/xen/include/public/domctl.h @@ -648,14 +648,6 @@ struct xen_domctl_set_target { =20 #if defined(__i386__) || defined(__x86_64__) # define XEN_CPUID_INPUT_UNUSED 0xFFFFFFFF -/* XEN_DOMCTL_set_cpuid */ -struct xen_domctl_cpuid { - uint32_t input[2]; - uint32_t eax; - uint32_t ebx; - uint32_t ecx; - uint32_t edx; -}; =20 /* * XEN_DOMCTL_{get,set}_cpu_policy (x86 specific) @@ -1167,7 +1159,7 @@ struct xen_domctl { #define XEN_DOMCTL_set_target 46 #define XEN_DOMCTL_deassign_device 47 #define XEN_DOMCTL_unbind_pt_irq 48 -#define XEN_DOMCTL_set_cpuid 49 +/* #define XEN_DOMCTL_set_cpuid 49 - Obsolete - use set_c= pu_policy */ #define XEN_DOMCTL_get_device_group 50 /* #define XEN_DOMCTL_set_machine_address_size 51 - Obsolete */ /* #define XEN_DOMCTL_get_machine_address_size 52 - Obsolete */ @@ -1244,7 +1236,6 @@ struct xen_domctl { struct xen_domctl_vm_event_op vm_event_op; struct xen_domctl_mem_sharing_op mem_sharing_op; #if defined(__i386__) || defined(__x86_64__) - struct xen_domctl_cpuid cpuid; struct xen_domctl_cpu_policy cpu_policy; struct xen_domctl_vcpuextstate vcpuextstate; struct xen_domctl_vcpu_msrs vcpu_msrs; diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index b23772786a..fd8d23c185 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -716,8 +716,7 @@ static int flask_domctl(struct domain *d, int cmd) return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDL= ER); =20 case XEN_DOMCTL_set_cpu_policy: - case XEN_DOMCTL_set_cpuid: - return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPU_POLI= CY); =20 case XEN_DOMCTL_gettscinfo: return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__GETTSC); diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/acc= ess_vectors index 6f3f9493f8..c055c14c26 100644 --- a/xen/xsm/flask/policy/access_vectors +++ b/xen/xsm/flask/policy/access_vectors @@ -208,8 +208,7 @@ class domain2 # target =3D the new target domain set_as_target # XEN_DOMCTL_set_cpu_policy -# XEN_DOMCTL_set_cpuid - set_cpuid + set_cpu_policy # XEN_DOMCTL_gettscinfo gettsc # XEN_DOMCTL_settscinfo --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel From nobody Tue May 7 07:25:53 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568403697; cv=none; d=zoho.com; s=zohoarc; b=Mco/Ve9H9b5XALN9uFHl6mKJSF8bp5c2JsPkutfy0vjTbFIRIsnLbdxOVE7nHTklyhs6BiU5+G3vLecdANWmioLLy0zqv80vIUECCkcz5s6XjrmsKS6omotuw4IeRB+A5J4JpM8LO0aZrs5IOO9Ak37PBJ7Jb2n2El3fbc9zN98= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568403697; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=V4i4lcd+qawbx+LP2xT/etCvOERrtE7pvtFxXJHBuuY=; b=ZwmyIeANyw2E4aErJC1cRLEqWK9e+axC+8k7JFt/RIZ+0kHyag0OV1apcccliaD8xjse7c6XAXFG1XsxKofAHK75GPCK7IAKbX6i5j/meZxgdXkwO65GGct6FvptkiDtFOzUuQTypiXrO07sdAQLw/roP3JesFF71pBOiDtgWus= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1568403697891309.00291790450694; Fri, 13 Sep 2019 12:41:37 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rQn-0000qb-A6; Fri, 13 Sep 2019 19:40:33 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rQl-0000qS-MX for xen-devel@lists.xenproject.org; Fri, 13 Sep 2019 19:40:31 +0000 Received: from esa5.hc3370-68.iphmx.com (unknown [216.71.155.168]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 57fc7a0c-d65e-11e9-95b9-12813bfff9fa; Fri, 13 Sep 2019 19:40:30 +0000 (UTC) X-Inumbo-ID: 57fc7a0c-d65e-11e9-95b9-12813bfff9fa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568403630; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Cp6tFL/XHMEP63R0guP26d8reY1TYzmtk99bNV5kdU0=; b=fJQYl2DxhXZlY2m3n6w7ErOZ8d5/uriZkfc2oldyLN04VLSHqh48q09+ 6IbL63prVih3xWO43lqPY4BDnWE3RMplONDTBJQ9MnyJB45vyL4D+RZX4 stwaDnf8u/jkuoQhgEcmjSJ3kS8aKcRSiF411iZ84gVRi4HUIeruTZebS g=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa5.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa5.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa5.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: 4cQ5q2E0MdFngU9Gt327bvIFQTJCEugu2xZjTFptNXiHsedpQW8+aaelrjY7O9WMUkZc8yPHOy Fl4HXlof9mhBXpMCq8fJETkV/tkEsUbFBIHjrBjaTbsADUPJmSjlbvnpZw29kGHTaCwj5OwLam 6NiS7JpJON67lbAM+1B5yJlBCF+G9mPkkgki/W6haQtR9fVMXXJ9Pt2ILat5pk6dl8ozMhncRp 2arD6TbwDZT8MY8cW7v1xgjyv1eokIKGjNRZpmz3qy+Sl+nNb6QnqG/kzWn4DLqad+o/02HtUI JyI= X-SBRS: 2.7 X-MesageID: 5755000 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5755000" From: Andrew Cooper To: Xen-devel Date: Fri, 13 Sep 2019 20:27:59 +0100 Message-ID: <20190913192759.10795-11-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190913192759.10795-1-andrew.cooper3@citrix.com> References: <20190913192759.10795-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 10/10] x86/cpuid: Enable CPUID Faulting for PV control domains by default X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) The domain builder no longer uses local CPUID instructions for policy decisions. This resolves a key issue for PVH dom0's. However, as PV dom0's have never had faulting enforced, leave a command line option to restore the old behaviour. Advertise virtualised faulting support to control domains unless the opt-out has been used. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 v2: * Introduce a command line option to retain old behaviour. * Advertise virtualised faulting support to dom0 when it is used. v2.1: * Split the PVH adjustment out. Rebase. * Recover the docs/ hunk which was accidentally missing. --- docs/misc/xen-command-line.pandoc | 19 ++++++++++++++++++- xen/arch/x86/cpu/common.c | 26 ++++++++++++++------------ xen/arch/x86/dom0_build.c | 2 ++ xen/arch/x86/msr.c | 3 ++- xen/include/asm-x86/setup.h | 1 + 5 files changed, 37 insertions(+), 14 deletions(-) diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line= .pandoc index 832797e2e2..fc64429064 100644 --- a/docs/misc/xen-command-line.pandoc +++ b/docs/misc/xen-command-line.pandoc @@ -658,7 +658,8 @@ The debug trace feature is only enabled in debugging bu= ilds of Xen. Specify the bit width of the DMA heap. =20 ### dom0 - =3D List of [ pv | pvh, shadow=3D, verbose=3D ] + =3D List of [ pv | pvh, shadow=3D, verbose=3D, + cpuid-faulting=3D ] =20 Applicability: x86 =20 @@ -691,6 +692,22 @@ Controls for how dom0 is constructed on x86 systems. information during the dom0 build. It defaults to the compile time ch= oice of `CONFIG_VERBOSE_DEBUG`. =20 +* The `cpuid-faulting` boolean is an interim option, is only applicable = to + PV dom0, and defaults to true. + + Before Xen 4.13, the domain builder logic for guest construction depen= ded + on seeing host CPUID values to function correctly. As a result, CPUID + Faulting was never activated for PV dom0's, even on capable hardware. + + In Xen 4.13, the domain builder logic has been fixed, and no longer has + this dependency. As a consequence, CPUID Faulting is activated by def= ault + even for PV dom0's. + + However, as PV dom0's have always seen host CPUID data in the past, th= ere + is a chance that further dependencies exist. This boolean can be used= to + restore the pre-4.13 behaviour. If specifying `no-cpuid-faulting` fix= es + an issue in dom0, please report a bug. + ### dom0-iommu =3D List of [ passthrough=3D, strict=3D, map-inclusive=3D<= bool>, map-reserved=3D, none ] diff --git a/xen/arch/x86/cpu/common.c b/xen/arch/x86/cpu/common.c index 4bf852c948..6c6bd63301 100644 --- a/xen/arch/x86/cpu/common.c +++ b/xen/arch/x86/cpu/common.c @@ -10,12 +10,15 @@ #include #include #include +#include #include #include /* for XEN_INVALID_{SOCKET,CORE}_ID */ =20 #include "cpu.h" #include "mcheck/x86_mca.h" =20 +bool __read_mostly opt_dom0_cpuid_faulting =3D true; + bool_t opt_arat =3D 1; boolean_param("arat", opt_arat); =20 @@ -171,20 +174,19 @@ void ctxt_switch_levelling(const struct vcpu *next) /* * We *should* be enabling faulting for PV control domains. * - * Unfortunately, the domain builder (having only ever been a - * PV guest) expects to be able to see host cpuid state in a - * native CPUID instruction, to correctly build a CPUID policy - * for HVM guests (notably the xstate leaves). - * - * This logic is fundimentally broken for HVM toolstack - * domains, and faulting causes PV guests to behave like HVM - * guests from their point of view. + * The domain builder has now been updated to not depend on + * seeing host CPUID values. This makes it compatible with + * PVH toolstack domains, and lets us enable faulting by + * default for all PV domains. * - * Future development plans will move responsibility for - * generating the maximum full cpuid policy into Xen, at which - * this problem will disappear. + * However, as PV control domains have never had faulting + * enforced on them before, there might plausibly be other + * dependenices on host CPUID data. Therefore, we have left + * an interim escape hatch in the form of + * `dom0=3Dno-cpuid-faulting` to restore the older behaviour. */ - set_cpuid_faulting(nextd && (!is_control_domain(nextd) || + set_cpuid_faulting(nextd && (opt_dom0_cpuid_faulting || + !is_control_domain(nextd) || !is_pv_domain(nextd)) && (is_pv_domain(nextd) || next->arch.msrs-> diff --git a/xen/arch/x86/dom0_build.c b/xen/arch/x86/dom0_build.c index c69570920c..4b75166db3 100644 --- a/xen/arch/x86/dom0_build.c +++ b/xen/arch/x86/dom0_build.c @@ -305,6 +305,8 @@ static int __init parse_dom0_param(const char *s) #endif else if ( (val =3D parse_boolean("verbose", s, ss)) >=3D 0 ) opt_dom0_verbose =3D val; + else if ( (val =3D parse_boolean("cpuid-faulting", s, ss)) >=3D 0 ) + opt_dom0_cpuid_faulting =3D val; else rc =3D -EINVAL; =20 diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c index a6c8cc7627..4698d2bba1 100644 --- a/xen/arch/x86/msr.c +++ b/xen/arch/x86/msr.c @@ -26,6 +26,7 @@ =20 #include #include +#include =20 DEFINE_PER_CPU(uint32_t, tsc_aux); =20 @@ -92,7 +93,7 @@ int init_domain_msr_policy(struct domain *d) return -ENOMEM; =20 /* See comment in ctxt_switch_levelling() */ - if ( is_control_domain(d) && is_pv_domain(d) ) + if ( !opt_dom0_cpuid_faulting && is_control_domain(d) && is_pv_domain(= d) ) mp->platform_info.cpuid_faulting =3D false; =20 d->arch.msr =3D mp; diff --git a/xen/include/asm-x86/setup.h b/xen/include/asm-x86/setup.h index 15d6363022..861d46d6ac 100644 --- a/xen/include/asm-x86/setup.h +++ b/xen/include/asm-x86/setup.h @@ -66,6 +66,7 @@ extern bool opt_dom0_shadow; #endif extern bool opt_dom0_pvh; extern bool opt_dom0_verbose; +extern bool opt_dom0_cpuid_faulting; =20 #define max_init_domid (0) =20 --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel