From nobody Thu Mar 28 17:18:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zohomail.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=citrix.com Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1581436361907783.4184981100348; Tue, 11 Feb 2020 07:52:41 -0800 (PST) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j1XpS-0000oi-6X; Tue, 11 Feb 2020 15:52:02 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j1XpQ-0000od-PQ for xen-devel@lists.xenproject.org; Tue, 11 Feb 2020 15:52:00 +0000 Received: from esa6.hc3370-68.iphmx.com (unknown [216.71.155.175]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 6fa3b1f8-4ce6-11ea-b5cb-12813bfff9fa; Tue, 11 Feb 2020 15:51:59 +0000 (UTC) X-Inumbo-ID: 6fa3b1f8-4ce6-11ea-b5cb-12813bfff9fa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1581436319; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=bQsi0H2yFc8xgZU38jH4Y+FaMPYqSbhcdm3vJ0u+G+0=; b=hX3KVH4mArGzHu7Sd7QshLqv2AeTBBQdmglWrw/HFZwtvgcEdH+Q1Q3J Q3cNvZRHdEzSVDTT4jZNx4mbMKBJkrifRyzDCY8y/VfNukhA8wRAzIwdJ TD8JZ3gaP5u6E37pPj/TcbG615wZucsD1x27lmlMHAQf0uRFIyG50vyA0 E=; Authentication-Results: esa6.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zohomail.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa6.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa6.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa6.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa6.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa6.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa6.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: bXjUn0DzL7H/jdeKDJFeA677a6KvWgfnSgCiYf4TSl9Rarbw3lP9HLgeH7DPPSGDPQ/cBK9XqW Un3rX9YuCNhhhbYSN23YfD1dSsyKwJohYi385n616SHXEEHItkA80hZfQ997FP+F892ZL9gtS/ cGiM5U96UTLbJu+pi0bauzR8dBpClhDIKUynAOh/X1/G6bBMfjb9oPeZvpWUfLRQ3+82mAWU5o 4kV+XB+1fKL8MIJlgLJuNq9m6guLC42w3ape23bfn3esOXhyJzM/0NZHEuyC6xkvcXIPUQjOrJ Tio= X-SBRS: 2.7 X-MesageID: 12712084 X-Ironport-Server: esa6.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.70,428,1574139600"; d="scan'208";a="12712084" From: Andrew Cooper To: Xen-devel Date: Tue, 11 Feb 2020 15:51:54 +0000 Message-ID: <20200211155155.17396-1-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2] x86/amd: Avoid cpu_has_hypervisor evaluating true on native hardware X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Igor Druzhinin , Claudia , Wei Liu , Andrew Cooper , =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Currently when booting native on AMD hardware, cpuidmask_defaults._1cd gets configured with the HYPERVISOR bit before native CPUID is scanned for featu= re bits. This results in cpu_has_hypervisor becoming set as part of identify_cpu(), = and ends up appearing in the raw and host CPU policies. A combination of this bug, and c/s bb502a8ca59 "x86: check feature flags af= ter resume" which checks that feature bits don't go missing, results in broken = S3 on AMD hardware. Alter amd_init_levelling() to exclude the HYPERVISOR bit from cpumask_defaults, and update domain_cpu_policy_changed() to allow it to be explicitly forwarded. This also fixes a bug on kexec, where the hypervisor bit is left enabled for the new kernel to find. These changes highlight a further but - dom0 construction is asymetric with domU construction, by not having any calls to domain_cpu_policy_changed(). Extend arch_domain_create() to always call domain_cpu_policy_changed(). Reported-by: Igor Druzhinin Signed-off-by: Andrew Cooper Acked-by: Jan Beulich Reviewed-by: Roger Pau Monn=C3=A9 --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Igor Druzhinin CC: Marek Marczykowski-G=C3=B3recki CC: Claudia v2: * Rewrite the commit message. No change to the patch content. Marek/Claudia: Do either of you want a Reported-by tag seeing as you found a brand new way that this was broken? --- xen/arch/x86/cpu/amd.c | 3 --- xen/arch/x86/domain.c | 2 ++ xen/arch/x86/domctl.c | 9 ++++++++- xen/include/asm-x86/domain.h | 2 ++ 4 files changed, 12 insertions(+), 4 deletions(-) diff --git a/xen/arch/x86/cpu/amd.c b/xen/arch/x86/cpu/amd.c index e351dd227f..f95a8e0fd3 100644 --- a/xen/arch/x86/cpu/amd.c +++ b/xen/arch/x86/cpu/amd.c @@ -298,9 +298,6 @@ static void __init noinline amd_init_levelling(void) ecx |=3D cpufeat_mask(X86_FEATURE_OSXSAVE); edx |=3D cpufeat_mask(X86_FEATURE_APIC); =20 - /* Allow the HYPERVISOR bit to be set via guest policy. */ - ecx |=3D cpufeat_mask(X86_FEATURE_HYPERVISOR); - cpuidmask_defaults._1cd =3D ((uint64_t)ecx << 32) | edx; } =20 diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c index f53ae5ff86..12bd554391 100644 --- a/xen/arch/x86/domain.c +++ b/xen/arch/x86/domain.c @@ -656,6 +656,8 @@ int arch_domain_create(struct domain *d, */ d->arch.x87_fip_width =3D cpu_has_fpu_sel ? 0 : 8; =20 + domain_cpu_policy_changed(d); + return 0; =20 fail: diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c index 4fa9c91140..ce76d6d776 100644 --- a/xen/arch/x86/domctl.c +++ b/xen/arch/x86/domctl.c @@ -48,7 +48,7 @@ static int gdbsx_guest_mem_io(domid_t domid, struct xen_d= omctl_gdbsx_memio *iop) } #endif =20 -static void domain_cpu_policy_changed(struct domain *d) +void domain_cpu_policy_changed(struct domain *d) { const struct cpuid_policy *p =3D d->arch.cpuid; struct vcpu *v; @@ -106,6 +106,13 @@ static void domain_cpu_policy_changed(struct domain *d) ecx =3D 0; edx =3D cpufeat_mask(X86_FEATURE_APIC); =20 + /* + * If the Hypervisor bit is set in the policy, we can also + * forward it into real CPUID. + */ + if ( p->basic.hypervisor ) + ecx |=3D cpufeat_mask(X86_FEATURE_HYPERVISOR); + mask |=3D ((uint64_t)ecx << 32) | edx; break; } diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h index f0c25ffec0..1843c76d1a 100644 --- a/xen/include/asm-x86/domain.h +++ b/xen/include/asm-x86/domain.h @@ -624,6 +624,8 @@ struct guest_memory_policy void update_guest_memory_policy(struct vcpu *v, struct guest_memory_policy *policy); =20 +void domain_cpu_policy_changed(struct domain *d); + bool update_runstate_area(struct vcpu *); bool update_secondary_system_time(struct vcpu *, struct vcpu_time_info *); --=20 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel