Don't assume there's going to be enough space at the tail of the
loaded kernel and instead try to find a suitable memory area where the
initrd and metadata can be loaded.
Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
---
Changes since v2:
- Simplify checks since the kernel used memory must always be a
subset of a RAM region.
- Fix comment grammar.
- Align the loaded kernel area to page boundaries.
- For safety assert that all RAM regions in the memory map are
page aligned.
Changes since v1:
- Calculate end of e820 entry earlier.
- Only check if the end of the region is < 1MB.
- Check for range overlaps with the kernel region.
- Check the region is of type RAM.
- Fix off-by-one checks in range overlaps.
- Add a comment about why initrd and metadata is placed together.
- Add parentheses around size calculations.
---
xen/arch/x86/hvm/dom0_build.c | 58 ++++++++++++++++++++++++++++++++++-
1 file changed, 57 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/hvm/dom0_build.c b/xen/arch/x86/hvm/dom0_build.c
index eded87eaf5..cc719a0208 100644
--- a/xen/arch/x86/hvm/dom0_build.c
+++ b/xen/arch/x86/hvm/dom0_build.c
@@ -490,6 +490,45 @@ static int __init pvh_populate_p2m(struct domain *d)
#undef MB1_PAGES
}
+static paddr_t find_memory(const struct domain *d, const struct elf_binary *elf,
+ size_t size)
+{
+ paddr_t kernel_start = (paddr_t)elf->dest_base & PAGE_MASK;
+ paddr_t kernel_end = ROUNDUP((paddr_t)elf->dest_base + elf->dest_size,
+ PAGE_SIZE);
+ unsigned int i;
+
+ /*
+ * The memory map is sorted and all RAM regions starts and sizes are
+ * aligned to page boundaries.
+ */
+ for ( i = 0; i < d->arch.nr_e820; i++ )
+ {
+ paddr_t start, end = d->arch.e820[i].addr + d->arch.e820[i].size;
+
+ /* Don't use memory below 1MB, as it could overwrite the BDA/EBDA. */
+ if ( end <= MB(1) || d->arch.e820[i].type != E820_RAM )
+ continue;
+
+ start = MAX(ROUNDUP(d->arch.e820[i].addr, PAGE_SIZE), MB(1));
+
+ ASSERT(IS_ALIGNED(start, PAGE_SIZE) && IS_ALIGNED(end, PAGE_SIZE));
+
+ if ( end <= kernel_start || start >= kernel_end )
+ ; /* No overlap, nothing to do. */
+ /* Deal with the kernel already being loaded in the region. */
+ else if ( kernel_start - start > end - kernel_end )
+ end = kernel_start;
+ else
+ start = kernel_end;
+
+ if ( end - start >= size )
+ return start;
+ }
+
+ return INVALID_PADDR;
+}
+
static int __init pvh_load_kernel(struct domain *d, const module_t *image,
unsigned long image_headroom,
module_t *initrd, void *image_base,
@@ -546,7 +585,24 @@ static int __init pvh_load_kernel(struct domain *d, const module_t *image,
return rc;
}
- last_addr = ROUNDUP(parms.virt_kend - parms.virt_base, PAGE_SIZE);
+ /*
+ * Find a RAM region big enough (and that doesn't overlap with the loaded
+ * kernel) in order to load the initrd and the metadata. Note it could be
+ * split into smaller allocations, done as a single region in order to
+ * simplify it.
+ */
+ last_addr = find_memory(d, &elf, sizeof(start_info) +
+ (initrd ? ROUNDUP(initrd->mod_end, PAGE_SIZE) +
+ sizeof(mod)
+ : 0) +
+ (cmdline ? ROUNDUP(strlen(cmdline) + 1,
+ elf_64bit(&elf) ? 8 : 4)
+ : 0));
+ if ( last_addr == INVALID_PADDR )
+ {
+ printk("Unable to find a memory region to load initrd and metadata\n");
+ return -ENOMEM;
+ }
if ( initrd != NULL )
{
--
2.25.0
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-develOn 04.03.2020 11:25, Roger Pau Monne wrote:
> Don't assume there's going to be enough space at the tail of the
> loaded kernel and instead try to find a suitable memory area where the
> initrd and metadata can be loaded.
>
> Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
> Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
preferably with, as Andrew suggested, ...
> --- a/xen/arch/x86/hvm/dom0_build.c
> +++ b/xen/arch/x86/hvm/dom0_build.c
> @@ -490,6 +490,45 @@ static int __init pvh_populate_p2m(struct domain *d)
> #undef MB1_PAGES
> }
>
> +static paddr_t find_memory(const struct domain *d, const struct elf_binary *elf,
> + size_t size)
> +{
> + paddr_t kernel_start = (paddr_t)elf->dest_base & PAGE_MASK;
> + paddr_t kernel_end = ROUNDUP((paddr_t)elf->dest_base + elf->dest_size,
> + PAGE_SIZE);
> + unsigned int i;
> +
> + /*
> + * The memory map is sorted and all RAM regions starts and sizes are
> + * aligned to page boundaries.
> + */
> + for ( i = 0; i < d->arch.nr_e820; i++ )
> + {
> + paddr_t start, end = d->arch.e820[i].addr + d->arch.e820[i].size;
> +
> + /* Don't use memory below 1MB, as it could overwrite the BDA/EBDA. */
... IBFT added here (I'm not worried so much about whether BDA remains
here or gets dropped). This could of course be done while committing.
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
On Wed, Mar 04, 2020 at 11:31:23AM +0100, Jan Beulich wrote:
> On 04.03.2020 11:25, Roger Pau Monne wrote:
> > Don't assume there's going to be enough space at the tail of the
> > loaded kernel and instead try to find a suitable memory area where the
> > initrd and metadata can be loaded.
> >
> > Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
> > Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
>
> Reviewed-by: Jan Beulich <jbeulich@suse.com>
> preferably with, as Andrew suggested, ...
>
> > --- a/xen/arch/x86/hvm/dom0_build.c
> > +++ b/xen/arch/x86/hvm/dom0_build.c
> > @@ -490,6 +490,45 @@ static int __init pvh_populate_p2m(struct domain *d)
> > #undef MB1_PAGES
> > }
> >
> > +static paddr_t find_memory(const struct domain *d, const struct elf_binary *elf,
> > + size_t size)
> > +{
> > + paddr_t kernel_start = (paddr_t)elf->dest_base & PAGE_MASK;
> > + paddr_t kernel_end = ROUNDUP((paddr_t)elf->dest_base + elf->dest_size,
> > + PAGE_SIZE);
> > + unsigned int i;
> > +
> > + /*
> > + * The memory map is sorted and all RAM regions starts and sizes are
> > + * aligned to page boundaries.
> > + */
> > + for ( i = 0; i < d->arch.nr_e820; i++ )
> > + {
> > + paddr_t start, end = d->arch.e820[i].addr + d->arch.e820[i].size;
> > +
> > + /* Don't use memory below 1MB, as it could overwrite the BDA/EBDA. */
>
> ... IBFT added here (I'm not worried so much about whether BDA remains
> here or gets dropped). This could of course be done while committing.
Sure, thanks.
Roger.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
© 2016 - 2024 Red Hat, Inc.