From nobody Mon Feb 9 13:22:26 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1568403037; cv=none; d=zoho.com; s=zohoarc; b=DT67lIFDwMQQ4SjpZCn7A066Rx4ICRjYhB+O72svlaae69KnnaiFyl+32IOjtZNM4GjfhOXdAmnuHdKxA1VXxPYOCsMEk5/+J5eGvjR+JdATabS4qsLGDP20EFJvSdBo37ysARIktVU+n8NNT8Se14xyKe2LOfZGPOb9Iy5gJzU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568403037; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=ARVBRBYPbc/rzSKiP0q/N76pmaO7e+sSrPZW250Epyg=; b=byiaVZS4C8by/P+9Ut3tMUAPS/7+Ni21fsV/B0p/n472BA767kHhGql6NMVLJ6Ab4YDLWOh3IxO0pS+DmEwHuQIFpshCi+kaRANQP4U4tkqEneDFd0JK5fxNou7KsTJ75u22p+7i4JoIrIOTLnk+uJc6W2Dqzt/jI7Cw0YCwfJw= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1568403037471825.0279075261137; Fri, 13 Sep 2019 12:30:37 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEv-0006pR-FO; Fri, 13 Sep 2019 19:28:17 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i8rEu-0006oV-5B for xen-devel@lists.xenproject.org; Fri, 13 Sep 2019 19:28:16 +0000 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 9c5bdef9-d65c-11e9-95b9-12813bfff9fa; Fri, 13 Sep 2019 19:28:06 +0000 (UTC) X-Inumbo-ID: 9c5bdef9-d65c-11e9-95b9-12813bfff9fa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568402887; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=NSxqpz48anlJu4u5FGAeqGGWrRboyp0W0USHGtqzIOs=; b=P7zihcwfgPFHDLz+mj+LJynSDtnBK1DUswNCUqYlegCJJrba+z6+72pn RpixRtI6fvFpF56Wy1T9he6o46Z1wj/DWNtwSnVkDWf3qBmJbw/xtXn9g obDYwxH5M4twArFW30tV457KyIk2D+4ngSF3ig6DXywwdZJfC53hsO+oE g=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: OSV/0nXyCGimodPvZaoMV4fyXYQIMxmQt9uu+/kaubKB+nvrxcH1Rcjd/VrResoPxIZBAPJ0IF slWvfp+hHfZglRxbr0jBWld/HSbtZLHqVNSEfw06q7Ez1RTRJjCTeIJvtYLQCVP2ksb97eD+S6 HVbdh+V/n91WqGutauAfJ/MKLGKqysByHuAVBOa7mtIlbTwEAUKgQyufMgpD7ZQqApOQre3s8f mUPFmfqMzo+XdCYVBcxPymzNpnc6Jtm0sNtIdrPiUpUwLZCu3d32vi3J2WgGG+FuyBRFUaJJQw XMA= X-SBRS: 2.7 X-MesageID: 5553059 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5553059" From: Andrew Cooper To: Xen-devel Date: Fri, 13 Sep 2019 20:27:52 +0100 Message-ID: <20190913192759.10795-4-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190913192759.10795-1-andrew.cooper3@citrix.com> References: <20190913192759.10795-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 03/10] libx86: Introduce x86_cpu_policies_are_compatible() X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) This helper will eventually be the core "can a guest configured like this r= un on the CPU?" logic. For now, it is just enough of a stub to allow us to replace the hypercall interface while retaining the previous behaviour. It will be expanded as various other bits of CPUID handling get cleaned up. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 v2: * Rebase over 'plaform' typo fix * Proactively initialise the error pointer * Expand the function documentation --- tools/tests/cpu-policy/Makefile | 2 +- tools/tests/cpu-policy/test-cpu-policy.c | 111 +++++++++++++++++++++++++++= +++- xen/include/xen/lib/x86/cpu-policy.h | 26 ++++++++ xen/lib/x86/Makefile | 1 + xen/lib/x86/policy.c | 54 +++++++++++++++ 5 files changed, 191 insertions(+), 3 deletions(-) create mode 100644 xen/lib/x86/policy.c diff --git a/tools/tests/cpu-policy/Makefile b/tools/tests/cpu-policy/Makef= ile index fb548c9b9a..70ff154da6 100644 --- a/tools/tests/cpu-policy/Makefile +++ b/tools/tests/cpu-policy/Makefile @@ -39,7 +39,7 @@ CFLAGS +=3D $(APPEND_CFLAGS) =20 vpath %.c ../../../xen/lib/x86 =20 -test-cpu-policy: test-cpu-policy.o msr.o cpuid.o +test-cpu-policy: test-cpu-policy.o msr.o cpuid.o policy.o $(CC) $(CFLAGS) $^ -o $@ =20 -include $(DEPS_INCLUDE) diff --git a/tools/tests/cpu-policy/test-cpu-policy.c b/tools/tests/cpu-pol= icy/test-cpu-policy.c index 201358d210..20ebed923b 100644 --- a/tools/tests/cpu-policy/test-cpu-policy.c +++ b/tools/tests/cpu-policy/test-cpu-policy.c @@ -9,8 +9,7 @@ =20 #include #include -#include -#include +#include #include =20 static unsigned int nr_failures; @@ -503,6 +502,111 @@ static void test_cpuid_out_of_range_clearing(void) } } =20 +static void test_is_compatible_success(void) +{ + static struct test { + const char *name; + struct cpuid_policy host_cpuid; + struct cpuid_policy guest_cpuid; + struct msr_policy host_msr; + struct msr_policy guest_msr; + } tests[] =3D { + { + .name =3D "Host CPUID faulting, Guest not", + .host_msr =3D { + .platform_info.cpuid_faulting =3D true, + }, + }, + { + .name =3D "Host CPUID faulting, Guest wanted", + .host_msr =3D { + .platform_info.cpuid_faulting =3D true, + }, + .guest_msr =3D { + .platform_info.cpuid_faulting =3D true, + }, + }, + }; + struct cpu_policy_errors no_errors =3D INIT_CPU_POLICY_ERRORS; + + printf("Testing policy compatibility success:\n"); + + for ( size_t i =3D 0; i < ARRAY_SIZE(tests); ++i ) + { + struct test *t =3D &tests[i]; + struct cpu_policy sys =3D { + &t->host_cpuid, + &t->host_msr, + }, new =3D { + &t->guest_cpuid, + &t->guest_msr, + }; + struct cpu_policy_errors e; + int res =3D x86_cpu_policies_are_compatible(&sys, &new, &e); + + /* Check the expected error output. */ + if ( res !=3D 0 || memcmp(&no_errors, &e, sizeof(no_errors)) ) + fail(" Test '%s' expected no errors\n" + " got res %d { leaf %08x, subleaf %08x, msr %08x }\n", + t->name, res, e.leaf, e.subleaf, e.msr); + } +} + +static void test_is_compatible_failure(void) +{ + static struct test { + const char *name; + struct cpuid_policy host_cpuid; + struct cpuid_policy guest_cpuid; + struct msr_policy host_msr; + struct msr_policy guest_msr; + struct cpu_policy_errors e; + } tests[] =3D { + { + .name =3D "Host basic.max_leaf out of range", + .guest_cpuid.basic.max_leaf =3D 1, + .e =3D { 0, -1, -1 }, + }, + { + .name =3D "Host extd.max_leaf out of range", + .guest_cpuid.extd.max_leaf =3D 1, + .e =3D { 0x80000008, -1, -1 }, + }, + { + .name =3D "Host no CPUID faulting, Guest wanted", + .guest_msr =3D { + .platform_info.cpuid_faulting =3D true, + }, + .e =3D { -1, -1, 0xce }, + }, + }; + + printf("Testing policy compatibility failure:\n"); + + for ( size_t i =3D 0; i < ARRAY_SIZE(tests); ++i ) + { + struct test *t =3D &tests[i]; + struct cpu_policy sys =3D { + &t->host_cpuid, + &t->host_msr, + }, new =3D { + &t->guest_cpuid, + &t->guest_msr, + }; + struct cpu_policy_errors e; + int res =3D x86_cpu_policies_are_compatible(&sys, &new, &e); + + /* Check the expected error output. */ + if ( res =3D=3D 0 || memcmp(&t->e, &e, sizeof(t->e)) ) + fail(" Test '%s' res %d\n" + " expected { leaf %08x, subleaf %08x, msr %08x }\n" + " got { leaf %08x, subleaf %08x, msr %08x }\n", + t->name, res, + t->e.leaf, t->e.subleaf, t->e.msr, + e.leaf, e.subleaf, e.msr); + } +} + int main(int argc, char **argv) { printf("CPU Policy unit tests\n"); @@ -516,6 +620,9 @@ int main(int argc, char **argv) test_msr_serialise_success(); test_msr_deserialise_failure(); =20 + test_is_compatible_success(); + test_is_compatible_failure(); + if ( nr_failures ) printf("Done: %u failures\n", nr_failures); else diff --git a/xen/include/xen/lib/x86/cpu-policy.h b/xen/include/xen/lib/x86= /cpu-policy.h index 6f07c4b493..b7e38732a0 100644 --- a/xen/include/xen/lib/x86/cpu-policy.h +++ b/xen/include/xen/lib/x86/cpu-policy.h @@ -11,6 +11,32 @@ struct cpu_policy struct msr_policy *msr; }; =20 +struct cpu_policy_errors +{ + uint32_t leaf, subleaf; + uint32_t msr; +}; + +#define INIT_CPU_POLICY_ERRORS { ~0u, ~0u, ~0u } + +/* + * Calculate whether two policies are compatible. + * + * i.e. Can a VM configured with @guest run on a CPU supporting @host. + * + * @param host A cpu_policy describing the hardware capabilities. + * @param guest A cpu_policy describing the intended VM configuration. + * @param err Optional hint for error diagnostics. + * @returns -errno + * + * For typical usage, @host should be a system policy. In the case that an + * incompatibility is detected, the optional err pointer may identify the + * problematic leaf/subleaf and/or MSR. + */ +int x86_cpu_policies_are_compatible(const struct cpu_policy *host, + const struct cpu_policy *guest, + struct cpu_policy_errors *err); + #endif /* !XEN_LIB_X86_POLICIES_H */ =20 /* diff --git a/xen/lib/x86/Makefile b/xen/lib/x86/Makefile index 2f9691e964..780ea05db1 100644 --- a/xen/lib/x86/Makefile +++ b/xen/lib/x86/Makefile @@ -1,2 +1,3 @@ obj-y +=3D cpuid.o obj-y +=3D msr.o +obj-y +=3D policy.o diff --git a/xen/lib/x86/policy.c b/xen/lib/x86/policy.c new file mode 100644 index 0000000000..33a347ff9b --- /dev/null +++ b/xen/lib/x86/policy.c @@ -0,0 +1,54 @@ +#include "private.h" + +#include + +int x86_cpu_policies_are_compatible(const struct cpu_policy *host, + const struct cpu_policy *guest, + struct cpu_policy_errors *err) +{ + struct cpu_policy_errors e =3D INIT_CPU_POLICY_ERRORS; + int ret =3D -EINVAL; + + if ( err ) + *err =3D e; + +#define NA XEN_CPUID_NO_SUBLEAF +#define FAIL_CPUID(l, s) \ + do { e.leaf =3D (l); e.subleaf =3D (s); goto out; } while ( 0 ) +#define FAIL_MSR(m) \ + do { e.msr =3D (m); goto out; } while ( 0 ) + + if ( guest->cpuid->basic.max_leaf > host->cpuid->basic.max_leaf ) + FAIL_CPUID(0, NA); + + if ( guest->cpuid->extd.max_leaf > host->cpuid->extd.max_leaf ) + FAIL_CPUID(0x80000008, NA); + + /* TODO: Audit more CPUID data. */ + + if ( ~host->msr->platform_info.raw & guest->msr->platform_info.raw ) + FAIL_MSR(MSR_INTEL_PLATFORM_INFO); + +#undef FAIL_MSR +#undef FAIL_CPUID +#undef NA + + /* Success. */ + ret =3D 0; + + out: + if ( ret && err ) + *err =3D e; + + return ret; +} + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * tab-width: 4 + * indent-tabs-mode: nil + * End: + */ --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel