From nobody Sun Apr 28 22:56:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1592230589; cv=none; d=zohomail.com; s=zohoarc; b=e0CdAy+CddXxXtnN8yD2x8hLhUIzMjEe0iolIreFQ/L4l4dt9NwYAlcHI0SrabkgqklyBMx4RnA6vJSdYORfHPBfxc/KrD6NwxiTH68wp740AOE73yTM7pS4XTwupsGQ467se5kQkx1XIJpmKntmNemmUnBi5utOPbPiC5wbpSQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592230589; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=74OsqNJXa0CmNCgsiR9j97HhWAVbmJ2aoQY1S42iI+Q=; b=Yrcd06A2DLHwh4+T9eU6AMtoZg/Yq33+R2S1SkCW9V8qF5CdVd0DzJ2xO2dZyASuro7Y+E6soB3hCK7s/D2ruI5b4oEFRid02oaVUtAJ/90N6HCoZe4MGWxo69DoKuhMk+ytiMN6mlwbv62DT0QHJiqGkIMt0Lff3Kp49I5/rf8= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1592230589026236.2263805789786; Mon, 15 Jun 2020 07:16:29 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpuI-00081k-Qm; Mon, 15 Jun 2020 14:16:14 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpuI-0007qe-5u for xen-devel@lists.xenproject.org; Mon, 15 Jun 2020 14:16:14 +0000 Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id b9e8f80c-af12-11ea-bb8b-bc764e2007e4; Mon, 15 Jun 2020 14:15:55 +0000 (UTC) X-Inumbo-ID: b9e8f80c-af12-11ea-bb8b-bc764e2007e4 Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: UDaqbc4TbHeYODtc+HkmveLoGbw/Tno3hC+KDZcJ96XhD748wssAHbyq/SyAnFuaZFPhHX+vxB bf1cOvEcp0XrYwqCjk25x88wV+9yrTrLLVnlEusbDIxnZ4PpdUg3a+Z87VhFRZFkHFN6X0fQXZ YOh1W6DRzAxgseB+FrUBfXJJ6zSxXo8A1nqKicOdIjaC0SInshwv1/D2pHwHSRMXxnEMCLs7Kj hkSjdhOwRY/mg9PzaAnrJ9vWkzMzIdWiK9nyKAvWl0IulfEsBIVT4PZwFNMarlVr63uUEv1R2Y SOY= X-SBRS: 2.7 X-MesageID: 20064840 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.73,514,1583211600"; d="scan'208";a="20064840" From: Andrew Cooper To: Xen-devel Subject: [PATCH 1/9] tools/libx[cl]: Introduce struct xc_xend_cpuid for xc_cpuid_set() Date: Mon, 15 Jun 2020 15:15:24 +0100 Message-ID: <20200615141532.1927-2-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20200615141532.1927-1-andrew.cooper3@citrix.com> References: <20200615141532.1927-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Wei Liu , Paul Durrant , Andrew Cooper , Jan Beulich , Ian Jackson , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" In order to combine the functionality of xc_cpuid_set() with xc_cpuid_apply_policy(), arrange to pass the data in a single contained struct, rather than two arrays. libxl__cpuid_policy is the ideal structure to use, but that would introduce= a reverse dependency between libxc and libxl. Introduce xc_xend_cpuid (with a transparent union to provide more useful names for the inputs), and use this structure in libxl. The public API has libxl_cpuid_policy as an opaque type referencing libxl__cpuid_policy. Drop the inappropriate comment about its internals, a= nd use xc_xend_cpuid as a differently named opaque backing object. Users of b= oth libxl and libxc are not permitted to look at the internals. No change in behaviour. Signed-off-by: Andrew Cooper Acked-by: Ian Jackson --- CC: Ian Jackson CC: Wei Liu CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Paul Durrant --- tools/libxc/include/xenctrl.h | 30 ++++++++++++++++++++++++++++-- tools/libxc/xc_cpuid_x86.c | 39 +++++++++++---------------------------- tools/libxl/libxl.h | 8 ++++---- tools/libxl/libxl_cpuid.c | 7 +++---- tools/libxl/libxl_internal.h | 10 ---------- 5 files changed, 46 insertions(+), 48 deletions(-) diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index 113ddd935d..178144e8e2 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h @@ -1792,10 +1792,36 @@ int xc_domain_debug_control(xc_interface *xch, uint32_t vcpu); =20 #if defined(__i386__) || defined(__x86_64__) + +/* + * CPUID policy data, expressed in the legacy XEND format. + * + * Policy is an array of strings, 32 chars long: + * policy[0] =3D eax + * policy[1] =3D ebx + * policy[2] =3D ecx + * policy[3] =3D edx + * + * The format of the string is the following: + * '1' -> force to 1 + * '0' -> force to 0 + * 'x' -> we don't care (use default) + * 'k' -> pass through host value + * 's' -> legacy alias for 'k' + */ +struct xc_xend_cpuid { + union { + struct { + uint32_t leaf, subleaf; + }; + uint32_t input[2]; + }; + char *policy[4]; +}; + int xc_cpuid_set(xc_interface *xch, uint32_t domid, - const unsigned int *input, - const char **config); + const struct xc_xend_cpuid *xend); =20 /* * Make adjustments to the CPUID settings for a domain. diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index b42edd6457..edc2ad9b47 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -259,27 +259,8 @@ int xc_set_domain_cpu_policy(xc_interface *xch, uint32= _t domid, return ret; } =20 -/* - * Configure a single input with the informatiom from config. - * - * Config is an array of strings: - * config[0] =3D eax - * config[1] =3D ebx - * config[2] =3D ecx - * config[3] =3D edx - * - * The format of the string is the following: - * '1' -> force to 1 - * '0' -> force to 0 - * 'x' -> we don't care (use default) - * 'k' -> pass through host value - * 's' -> legacy alias for 'k' - * - * In all cases, the returned string consists of just '0' and '1'. - */ int xc_cpuid_set( - xc_interface *xch, uint32_t domid, const unsigned int *input, - const char **config) + xc_interface *xch, uint32_t domid, const struct xc_xend_cpuid *xend) { int rc; unsigned int i, j, regs[4] =3D {}, polregs[4] =3D {}; @@ -324,7 +305,8 @@ int xc_cpuid_set( goto fail; } for ( i =3D 0; i < policy_leaves; ++i ) - if ( leaves[i].leaf =3D=3D input[0] && leaves[i].subleaf =3D=3D in= put[1] ) + if ( leaves[i].leaf =3D=3D xend->leaf && + leaves[i].subleaf =3D=3D xend->subleaf ) { polregs[0] =3D leaves[i].a; polregs[1] =3D leaves[i].b; @@ -345,7 +327,8 @@ int xc_cpuid_set( goto fail; } for ( i =3D 0; i < policy_leaves; ++i ) - if ( leaves[i].leaf =3D=3D input[0] && leaves[i].subleaf =3D=3D in= put[1] ) + if ( leaves[i].leaf =3D=3D xend->leaf && + leaves[i].subleaf =3D=3D xend->subleaf ) { regs[0] =3D leaves[i].a; regs[1] =3D leaves[i].b; @@ -356,7 +339,7 @@ int xc_cpuid_set( =20 for ( i =3D 0; i < 4; i++ ) { - if ( config[i] =3D=3D NULL ) + if ( xend->policy[i] =3D=3D NULL ) { regs[i] =3D polregs[i]; continue; @@ -375,14 +358,14 @@ int xc_cpuid_set( unsigned char polval =3D !!((polregs[i] & (1U << (31 - j)))); =20 rc =3D -EINVAL; - if ( !strchr("10xks", config[i][j]) ) + if ( !strchr("10xks", xend->policy[i][j]) ) goto fail; =20 - if ( config[i][j] =3D=3D '1' ) + if ( xend->policy[i][j] =3D=3D '1' ) val =3D 1; - else if ( config[i][j] =3D=3D '0' ) + else if ( xend->policy[i][j] =3D=3D '0' ) val =3D 0; - else if ( config[i][j] =3D=3D 'x' ) + else if ( xend->policy[i][j] =3D=3D 'x' ) val =3D polval; =20 if ( val ) @@ -393,7 +376,7 @@ int xc_cpuid_set( } =20 /* Feed the transformed leaf back up to Xen. */ - leaves[0] =3D (xen_cpuid_leaf_t){ input[0], input[1], + leaves[0] =3D (xen_cpuid_leaf_t){ xend->leaf, xend->subleaf, regs[0], regs[1], regs[2], regs[3] }; rc =3D xc_set_domain_cpu_policy(xch, domid, 1, leaves, 0, NULL, &err_leaf, &err_subleaf, &err_msr); diff --git a/tools/libxl/libxl.h b/tools/libxl/libxl.h index 71709dc585..1cd6c38e83 100644 --- a/tools/libxl/libxl.h +++ b/tools/libxl/libxl.h @@ -1310,11 +1310,11 @@ typedef struct { void libxl_bitmap_init(libxl_bitmap *map); void libxl_bitmap_dispose(libxl_bitmap *map); =20 -/* libxl_cpuid_policy_list is a dynamic array storing CPUID policies - * for multiple leafs. It is terminated with an entry holding - * XEN_CPUID_INPUT_UNUSED in input[0] +/* + * libxl_cpuid_policy is opaque in the libxl ABI. Users of both libxl and + * libxc may not make assumptions about xc_xend_cpuid. */ -typedef struct libxl__cpuid_policy libxl_cpuid_policy; +typedef struct xc_xend_cpuid libxl_cpuid_policy; typedef libxl_cpuid_policy * libxl_cpuid_policy_list; void libxl_cpuid_dispose(libxl_cpuid_policy_list *cpuid_list); int libxl_cpuid_policy_list_length(const libxl_cpuid_policy_list *l); diff --git a/tools/libxl/libxl_cpuid.c b/tools/libxl/libxl_cpuid.c index 796ec4f2d9..e001cbcd4f 100644 --- a/tools/libxl/libxl_cpuid.c +++ b/tools/libxl/libxl_cpuid.c @@ -288,7 +288,7 @@ int libxl_cpuid_parse_config(libxl_cpuid_policy_list *c= puid, const char* str) char *sep, *val, *endptr; int i; const struct cpuid_flags *flag; - struct libxl__cpuid_policy *entry; + struct xc_xend_cpuid *entry; unsigned long num; char flags[33], *resstr; =20 @@ -366,7 +366,7 @@ int libxl_cpuid_parse_config_xend(libxl_cpuid_policy_li= st *cpuid, char *endptr; unsigned long value; uint32_t leaf, subleaf =3D XEN_CPUID_INPUT_UNUSED; - struct libxl__cpuid_policy *entry; + struct xc_xend_cpuid *entry; =20 /* parse the leaf number */ value =3D strtoul(str, &endptr, 0); @@ -442,8 +442,7 @@ void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, return; =20 for (i =3D 0; cpuid[i].input[0] !=3D XEN_CPUID_INPUT_UNUSED; i++) - xc_cpuid_set(ctx->xch, domid, cpuid[i].input, - (const char**)cpuid[i].policy); + xc_cpuid_set(ctx->xch, domid, &cpuid[i]); } =20 static const char *input_names[2] =3D { "leaf", "subleaf" }; diff --git a/tools/libxl/libxl_internal.h b/tools/libxl/libxl_internal.h index c7ece066c4..79c2bf5f5e 100644 --- a/tools/libxl/libxl_internal.h +++ b/tools/libxl/libxl_internal.h @@ -2056,16 +2056,6 @@ typedef yajl_gen_status (*libxl__gen_json_callback)(= yajl_gen hand, void *); _hidden char *libxl__object_to_json(libxl_ctx *ctx, const char *type, libxl__gen_json_callback gen, void *p); =20 - /* holds the CPUID response for a single CPUID leaf - * input contains the value of the EAX and ECX register, - * and each policy string contains a filter to apply to - * the host given values for that particular leaf. - */ -struct libxl__cpuid_policy { - uint32_t input[2]; - char *policy[4]; -}; - _hidden void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, libxl_domain_build_info *info); =20 --=20 2.11.0 From nobody Sun Apr 28 22:56:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1592230574; cv=none; d=zohomail.com; s=zohoarc; b=FJkQezsREm97awF3i3GREbdEj+/lIqVRb8u4kTscFIXWGnmjb5tE5S/pasl2ZmzZ8rpV0M5Txt4i8u4ZLR9jWxwvS/Ae5yEJN8+d1k29VYP9HO2fZtFUYX+T72/qD+qYNTt6Ziljl0lPlwNXi06hKdl3356knaZMSyA/FdpN934= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592230574; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=HRsnPTmhI4nYNelh7BRWLGXWRUiFwcsKyboDYV6ycCw=; b=jirXLMq1zhEpvGT2QPrxNP+0IM7E4ZJSMaT/dcVALyivAAAqNGl6HGljzyE9pajr+5E+FD6NbQ6HRDtBszSh1DKRBQXIdgpIkRW1V4ZuGXOQolCoVveHSNOgaD5KhCgQzdRjgrWXAlFXddS3O43syIJxyRVC7UJyuM7fbptErww= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1592230574953803.5020217322974; Mon, 15 Jun 2020 07:16:14 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpu4-0007sF-8o; Mon, 15 Jun 2020 14:16:00 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpu3-0007qe-5V for xen-devel@lists.xenproject.org; Mon, 15 Jun 2020 14:15:59 +0000 Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id b9508c70-af12-11ea-bca7-bc764e2007e4; Mon, 15 Jun 2020 14:15:54 +0000 (UTC) X-Inumbo-ID: b9508c70-af12-11ea-bca7-bc764e2007e4 Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: A04GakzAv8qhrDMfu5/dxLlX0prS/Tx3wC3kejqOajtC++rwD9oS+SnvHudkC83u52g3DzSgfK TV4xr+pPX6QLzEvL6PvEecxK9IVuJvWM5gavfu1BY4YBVv788HXRmdJZjKwQxcXuI4hFAZEhhn OhmE/WvawQRTrWmdKTYl4c3S7Bxa9sRIyejEPhoK7RMm6rbmttT01M3UrL2UAzmSWTLbh4QgFh 0UjeNYb3NLqj63Q/8JIiPnq0UfM1Q9LNUS0FEQHlW5+48GZcHH7NpTG4oVyXlXBp5IqdZx7eGk wlE= X-SBRS: 2.7 X-MesageID: 20064837 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.73,514,1583211600"; d="scan'208";a="20064837" From: Andrew Cooper To: Xen-devel Subject: [PATCH 2/9] tests/cpu-policy: Confirm that CPUID serialisation is sorted Date: Mon, 15 Jun 2020 15:15:25 +0100 Message-ID: <20200615141532.1927-3-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20200615141532.1927-1-andrew.cooper3@citrix.com> References: <20200615141532.1927-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Wei Liu , Paul Durrant , Andrew Cooper , Jan Beulich , Ian Jackson , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The existing x86_cpuid_copy_to_buffer() does produce sorted results, and we= 're about to start relying on this. Extend the unit tests. As test_cpuid_serialise_success() is a fairly limited set of synthetic examples right now, introduce test_cpuid_current() to operate on the full policy for the current CPU. Tweak the fail() macro to allow for simplified control flow. Signed-off-by: Andrew Cooper Acked-by: Ian Jackson Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Ian Jackson CC: Wei Liu CC: Paul Durrant --- tools/tests/cpu-policy/test-cpu-policy.c | 49 ++++++++++++++++++++++++++++= +++- 1 file changed, 48 insertions(+), 1 deletion(-) diff --git a/tools/tests/cpu-policy/test-cpu-policy.c b/tools/tests/cpu-pol= icy/test-cpu-policy.c index fe8cdf6ea9..7ba9707236 100644 --- a/tools/tests/cpu-policy/test-cpu-policy.c +++ b/tools/tests/cpu-policy/test-cpu-policy.c @@ -16,7 +16,7 @@ static unsigned int nr_failures; #define fail(fmt, ...) \ ({ \ nr_failures++; \ - printf(fmt, ##__VA_ARGS__); \ + (void)printf(fmt, ##__VA_ARGS__); \ }) =20 #define memdup(ptr) \ @@ -66,6 +66,45 @@ static void test_vendor_identification(void) } } =20 +static bool leaves_are_sorted(const xen_cpuid_leaf_t *leaves, unsigned int= nr) +{ + for ( unsigned int i =3D 1; i < nr; ++i ) + { + /* leaf index went backwards =3D> not sorted. */ + if ( leaves[i - 1].leaf > leaves[i].leaf ) + return false; + + /* leaf index went forwards =3D> ok */ + if ( leaves[i - 1].leaf < leaves[i].leaf ) + continue; + + /* leave index the same, subleaf didn't increase =3D> not sorted. = */ + if ( leaves[i - 1].subleaf >=3D leaves[i].subleaf ) + return false; + } + + return true; +} + +static void test_cpuid_current(void) +{ + struct cpuid_policy p; + xen_cpuid_leaf_t leaves[CPUID_MAX_SERIALISED_LEAVES]; + unsigned int nr =3D ARRAY_SIZE(leaves); + int rc; + + printf("Testing CPUID on current CPU\n"); + + x86_cpuid_policy_fill_native(&p); + + rc =3D x86_cpuid_copy_to_buffer(&p, leaves, &nr); + if ( rc !=3D 0 ) + return fail(" Serialise, expected rc 0, got %d\n", rc); + + if ( !leaves_are_sorted(leaves, nr) ) + return fail(" Leaves not sorted\n"); +} + static void test_cpuid_serialise_success(void) { static const struct test { @@ -178,6 +217,13 @@ static void test_cpuid_serialise_success(void) goto test_done; } =20 + if ( !leaves_are_sorted(leaves, nr) ) + { + fail(" Test %s, leaves not sorted\n", + t->name); + goto test_done; + } + test_done: free(leaves); } @@ -613,6 +659,7 @@ int main(int argc, char **argv) =20 test_vendor_identification(); =20 + test_cpuid_current(); test_cpuid_serialise_success(); test_cpuid_deserialise_failure(); test_cpuid_out_of_range_clearing(); --=20 2.11.0 From nobody Sun Apr 28 22:56:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1592230577; cv=none; d=zohomail.com; s=zohoarc; b=BcEHz96VToAOOH5hROhyK5a6hjMoQEfBwlrN0LfvY4jo6COO5Fm2+8oj3qNJ1MacCztmz8Y8JFMa9zOLmjAE1zSpPTvwP438Tr1x0VHk+E8aa49t3XYUbStIzOtVrAHHI4BeuVfnccjrioC1gyLxcm9N4uV+awNkiy6AHP9+5yM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592230577; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=FYxp5+IjK7zyCIl5Vz+vAPOjWZ1xlzMI0sHFrTVpUMo=; b=eQWAZzW+IwrslJBqkpO1ukmyCgMa+9fBqr7vXWpJQPG+DOTuYoYQV6WzHDlgkWPr06QXoIES2BX3cHbt2GBcnru4L3nVvZ76p6yjDUTZNg70FffA6vnzYV1BbBxljAEJBG+cvRpj8tDtVE14d2aq94iP6u44kSzvaEYrzSG2qDg= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 15922305773527.409075508594583; Mon, 15 Jun 2020 07:16:17 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpu2-0007rJ-15; Mon, 15 Jun 2020 14:15:58 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpu0-0007r6-J6 for xen-devel@lists.xenproject.org; Mon, 15 Jun 2020 14:15:56 +0000 Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id b9c24fe0-af12-11ea-b801-12813bfff9fa; Mon, 15 Jun 2020 14:15:55 +0000 (UTC) X-Inumbo-ID: b9c24fe0-af12-11ea-b801-12813bfff9fa Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: Cu6wRtIKUxbfA+SASgGLv5eUG0SxnSpIjVacZ6OtwFV4F0RbLAW+psJUueV6Jou3w6iMeCBwFo YLki+Un47YVfO0rixgihdqXVtmUF/PgnMYvUMNs7guNvoROf6vMjE8rcSHh9SKoF0IcYHsO22C KcbXu2oLXZMKWWF4eQsJEkJmwGIi7qFrIJO0e/XTsRjFN0lvc+IfB4DIBBJY0R4UT0dX5n6Q0r cFfRfY0VZbsmPIEgmp3LGrjUcpMUiCE1T4dMwFxf29C8Mvf26QpeJkMx5Gx2jNMh1jwxD/OlM6 Cb0= X-SBRS: 2.7 X-MesageID: 20064841 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.73,514,1583211600"; d="scan'208";a="20064841" From: Andrew Cooper To: Xen-devel Subject: [PATCH 3/9] tools/libx[cl]: Move processing loop down into xc_cpuid_set() Date: Mon, 15 Jun 2020 15:15:26 +0100 Message-ID: <20200615141532.1927-4-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20200615141532.1927-1-andrew.cooper3@citrix.com> References: <20200615141532.1927-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Wei Liu , Paul Durrant , Andrew Cooper , Jan Beulich , Ian Jackson , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Currently, libxl__cpuid_legacy() passes each element of the policy list to xc_cpuid_set() individually. This is wasteful both in terms of the number = of hypercalls made, and the quantity of repeated merging/auditing work perform= ed by Xen. Move the loop processing down into xc_cpuid_set(), which allows us to do one set of hypercalls, rather than one per list entry. In xc_cpuid_set(), obtain the full host, guest max and current policies to begin with, and loop over the xend array, processing one leaf at a time. Replace the linear search with a binary search, seeing as the serialised leaves are sorted. No change in behaviour from the guests point of view. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Ian Jackson CC: Wei Liu CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Paul Durrant --- tools/libxc/xc_cpuid_x86.c | 159 +++++++++++++++++++++++++++--------------= ---- tools/libxl/libxl_cpuid.c | 4 +- 2 files changed, 95 insertions(+), 68 deletions(-) diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index edc2ad9b47..e827c48fd1 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -38,8 +38,6 @@ enum { =20 #define bitmaskof(idx) (1u << ((idx) & 31)) #define featureword_of(idx) ((idx) >> 5) -#define clear_feature(idx, dst) ((dst) &=3D ~bitmaskof(idx)) -#define set_feature(idx, dst) ((dst) |=3D bitmaskof(idx)) =20 int xc_get_cpu_levelling_caps(xc_interface *xch, uint32_t *caps) { @@ -259,15 +257,42 @@ int xc_set_domain_cpu_policy(xc_interface *xch, uint3= 2_t domid, return ret; } =20 +static int compare_leaves(const void *l, const void *r) +{ + const xen_cpuid_leaf_t *lhs =3D l; + const xen_cpuid_leaf_t *rhs =3D r; + + if ( lhs->leaf !=3D rhs->leaf ) + return lhs->leaf < rhs->leaf ? -1 : 1; + + if ( lhs->subleaf !=3D rhs->subleaf ) + return lhs->subleaf < rhs->subleaf ? -1 : 1; + + return 0; +} + +static xen_cpuid_leaf_t *find_leaf( + xen_cpuid_leaf_t *leaves, unsigned int nr_leaves, + const struct xc_xend_cpuid *xend) +{ + const xen_cpuid_leaf_t key =3D { xend->leaf, xend->subleaf }; + + return bsearch(&key, leaves, nr_leaves, sizeof(*leaves), compare_leave= s); +} + int xc_cpuid_set( xc_interface *xch, uint32_t domid, const struct xc_xend_cpuid *xend) { int rc; - unsigned int i, j, regs[4] =3D {}, polregs[4] =3D {}; xc_dominfo_t di; - xen_cpuid_leaf_t *leaves =3D NULL; - unsigned int nr_leaves, policy_leaves, nr_msrs; + unsigned int nr_leaves, nr_msrs; uint32_t err_leaf =3D -1, err_subleaf =3D -1, err_msr =3D -1; + /* + * Three full policies. The host, domain max, and domain current for = the + * domain type. + */ + xen_cpuid_leaf_t *host =3D NULL, *max =3D NULL, *cur =3D NULL; + unsigned int nr_host, nr_max, nr_cur; =20 if ( xc_domain_getinfo(xch, domid, 1, &di) !=3D 1 || di.domid !=3D domid ) @@ -286,99 +311,101 @@ int xc_cpuid_set( } =20 rc =3D -ENOMEM; - if ( (leaves =3D calloc(nr_leaves, sizeof(*leaves))) =3D=3D NULL ) + if ( (host =3D calloc(nr_leaves, sizeof(*host))) =3D=3D NULL || + (max =3D calloc(nr_leaves, sizeof(*max))) =3D=3D NULL || + (cur =3D calloc(nr_leaves, sizeof(*cur))) =3D=3D NULL ) { ERROR("Unable to allocate memory for %u CPUID leaves", nr_leaves); goto fail; } =20 + /* Get the domain's current policy. */ + nr_msrs =3D 0; + nr_cur =3D nr_leaves; + rc =3D xc_get_domain_cpu_policy(xch, domid, &nr_cur, cur, &nr_msrs, NU= LL); + if ( rc ) + { + PERROR("Failed to obtain d%d current policy", domid); + rc =3D -errno; + goto fail; + } + /* Get the domain's max policy. */ nr_msrs =3D 0; - policy_leaves =3D nr_leaves; + nr_max =3D nr_leaves; rc =3D xc_get_system_cpu_policy(xch, di.hvm ? XEN_SYSCTL_cpu_policy_hv= m_max : XEN_SYSCTL_cpu_policy_pv_m= ax, - &policy_leaves, leaves, &nr_msrs, NULL); + &nr_max, max, &nr_msrs, NULL); if ( rc ) { PERROR("Failed to obtain %s max policy", di.hvm ? "hvm" : "pv"); rc =3D -errno; goto fail; } - for ( i =3D 0; i < policy_leaves; ++i ) - if ( leaves[i].leaf =3D=3D xend->leaf && - leaves[i].subleaf =3D=3D xend->subleaf ) - { - polregs[0] =3D leaves[i].a; - polregs[1] =3D leaves[i].b; - polregs[2] =3D leaves[i].c; - polregs[3] =3D leaves[i].d; - break; - } =20 /* Get the host policy. */ nr_msrs =3D 0; - policy_leaves =3D nr_leaves; + nr_host =3D nr_leaves; rc =3D xc_get_system_cpu_policy(xch, XEN_SYSCTL_cpu_policy_host, - &policy_leaves, leaves, &nr_msrs, NULL); + &nr_host, host, &nr_msrs, NULL); if ( rc ) { PERROR("Failed to obtain host policy"); rc =3D -errno; goto fail; } - for ( i =3D 0; i < policy_leaves; ++i ) - if ( leaves[i].leaf =3D=3D xend->leaf && - leaves[i].subleaf =3D=3D xend->subleaf ) - { - regs[0] =3D leaves[i].a; - regs[1] =3D leaves[i].b; - regs[2] =3D leaves[i].c; - regs[3] =3D leaves[i].d; - break; - } =20 - for ( i =3D 0; i < 4; i++ ) + rc =3D -EINVAL; + for ( ; xend->leaf !=3D XEN_CPUID_INPUT_UNUSED; ++xend ) { - if ( xend->policy[i] =3D=3D NULL ) + xen_cpuid_leaf_t *cur_leaf =3D find_leaf(cur, nr_cur, xend); + const xen_cpuid_leaf_t *max_leaf =3D find_leaf(max, nr_max, xend); + const xen_cpuid_leaf_t *host_leaf =3D find_leaf(host, nr_host, xen= d); + + if ( cur_leaf =3D=3D NULL || max_leaf =3D=3D NULL || host_leaf =3D= =3D NULL ) { - regs[i] =3D polregs[i]; - continue; + ERROR("Missing leaf %#x, subleaf %#x", xend->leaf, xend->suble= af); + goto fail; } =20 - /* - * Notes for following this algorithm: - * - * While it will accept any leaf data, it only makes sense to use = on - * feature leaves. regs[] initially contains the host values. Th= is, - * with the fall-through chain, is how the 's' and 'k' options wor= k. - */ - for ( j =3D 0; j < 32; j++ ) + for ( int i =3D 0; i < 4; i++ ) { - unsigned char val =3D !!((regs[i] & (1U << (31 - j)))); - unsigned char polval =3D !!((polregs[i] & (1U << (31 - j)))); - - rc =3D -EINVAL; - if ( !strchr("10xks", xend->policy[i][j]) ) - goto fail; - - if ( xend->policy[i][j] =3D=3D '1' ) - val =3D 1; - else if ( xend->policy[i][j] =3D=3D '0' ) - val =3D 0; - else if ( xend->policy[i][j] =3D=3D 'x' ) - val =3D polval; - - if ( val ) - set_feature(31 - j, regs[i]); - else - clear_feature(31 - j, regs[i]); + uint32_t *cur_reg =3D &cur_leaf->a + i; + const uint32_t *max_reg =3D &max_leaf->a + i; + const uint32_t *host_reg =3D &host_leaf->a + i; + + if ( xend->policy[i] =3D=3D NULL ) + continue; + + for ( int j =3D 0; j < 32; j++ ) + { + bool val; + + if ( xend->policy[i][j] =3D=3D '1' ) + val =3D true; + else if ( xend->policy[i][j] =3D=3D '0' ) + val =3D false; + else if ( xend->policy[i][j] =3D=3D 'x' ) + val =3D test_bit(31 - j, max_reg); + else if ( xend->policy[i][j] =3D=3D 'k' || + xend->policy[i][j] =3D=3D 's' ) + val =3D test_bit(31 - j, host_reg); + else + { + ERROR("Bad character '%c' in policy[%d] string '%s'", + xend->policy[i][j], i, xend->policy[i]); + goto fail; + } + + clear_bit(31 - j, cur_reg); + if ( val ) + set_bit(31 - j, cur_reg); + } } } =20 - /* Feed the transformed leaf back up to Xen. */ - leaves[0] =3D (xen_cpuid_leaf_t){ xend->leaf, xend->subleaf, - regs[0], regs[1], regs[2], regs[3] }; - rc =3D xc_set_domain_cpu_policy(xch, domid, 1, leaves, 0, NULL, + /* Feed the transformed currrent policy back up to Xen. */ + rc =3D xc_set_domain_cpu_policy(xch, domid, nr_cur, cur, 0, NULL, &err_leaf, &err_subleaf, &err_msr); if ( rc ) { @@ -391,7 +418,9 @@ int xc_cpuid_set( /* Success! */ =20 fail: - free(leaves); + free(cur); + free(max); + free(host); =20 return rc; } diff --git a/tools/libxl/libxl_cpuid.c b/tools/libxl/libxl_cpuid.c index e001cbcd4f..6f7cf2054e 100644 --- a/tools/libxl/libxl_cpuid.c +++ b/tools/libxl/libxl_cpuid.c @@ -420,7 +420,6 @@ void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, libxl_domain_build_info *info) { libxl_cpuid_policy_list cpuid =3D info->cpuid; - int i; bool pae =3D true; =20 /* @@ -441,8 +440,7 @@ void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, if (!cpuid) return; =20 - for (i =3D 0; cpuid[i].input[0] !=3D XEN_CPUID_INPUT_UNUSED; i++) - xc_cpuid_set(ctx->xch, domid, &cpuid[i]); + xc_cpuid_set(ctx->xch, domid, info->cpuid); } =20 static const char *input_names[2] =3D { "leaf", "subleaf" }; --=20 2.11.0 From nobody Sun Apr 28 22:56:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1592230593; cv=none; d=zohomail.com; s=zohoarc; b=jMFA1zm0PljaRjkizKcWdc1JWuj14Nt6yo7keUbp6ZSVMptK6s+pXE4P8v6+PxQUO5hVPFG2Bb+dmcSt+THNqk4tK4OM16uD5yj4FZRJGQ5wewM1ZFvEkuav07D9aoM6jbduONNEGiuRIY+wb/5BCWQJczX3g53l1MTpslgsQm8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592230593; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=6rpseuu90KQ3ErlxASYFQgm8oOwe7f0EwC9Cc+W4WXg=; b=D+TKMXQzC6oCKr/Af+QSJN1P5V37THMksdvavwLTvvgVR1Cgas3DqVMy562IE9TIaWZKVhWcU3S+LT1aRq2oJyM/1AHj7AenTWIUAXOkCx1F0fO2kBPhoarN+8gWXsNDO4Y+4JLgqKCbyVPv1NC8KTbeHO2MzGLG2BoINE51cD0= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1592230593124206.36218176112232; Mon, 15 Jun 2020 07:16:33 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpuO-00086L-4M; Mon, 15 Jun 2020 14:16:20 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpuN-0007qe-69 for xen-devel@lists.xenproject.org; Mon, 15 Jun 2020 14:16:19 +0000 Received: from esa4.hc3370-68.iphmx.com (unknown [216.71.155.144]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id bb625930-af12-11ea-bca7-bc764e2007e4; Mon, 15 Jun 2020 14:15:58 +0000 (UTC) X-Inumbo-ID: bb625930-af12-11ea-bca7-bc764e2007e4 Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: Snr8vaAfNSSAS8IA9g4PvhVBkLH0/PnPWvuDbtoqmonYGzjyOxXbL5wmjTDu+yzBJzr05Wh2+w n6WuIWB0krml7vYplkf6Inoh7/0f691r4YyDhewmBa1Jgm0W2qrkPOaWhORhbQfJJXNSY5sRy3 MfIycaEWwjkFZeYR/Vc78H930aT6tvGJWkqC8BrJEFrqd5iVzNjtVxhd3cPgIqvvXGtebQ+Rdr BcPydlb2/A+cDKDPoc+KLFDIlOWNB9ki6tOLMckpvMzGYaWlgh+H/HReULnLs/yUXoaiPHeumZ x18= X-SBRS: 2.7 X-MesageID: 20839539 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.73,514,1583211600"; d="scan'208";a="20839539" From: Andrew Cooper To: Xen-devel Subject: [PATCH 4/9] tools/libx[cl]: Merge xc_cpuid_set() into xc_cpuid_apply_policy() Date: Mon, 15 Jun 2020 15:15:27 +0100 Message-ID: <20200615141532.1927-5-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20200615141532.1927-1-andrew.cooper3@citrix.com> References: <20200615141532.1927-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Wei Liu , Paul Durrant , Andrew Cooper , Jan Beulich , Ian Jackson , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This reduces the number of CPUID handling entry-points to just one. No functional change. Signed-off-by: Andrew Cooper Acked-by: Ian Jackson --- CC: Ian Jackson CC: Wei Liu CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Paul Durrant --- tools/libxc/include/xenctrl.h | 9 ++++----- tools/libxc/xc_cpuid_x86.c | 8 ++++++-- tools/libxl/libxl_cpuid.c | 8 +------- 3 files changed, 11 insertions(+), 14 deletions(-) diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index 178144e8e2..5f0978e0e5 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h @@ -1819,20 +1819,19 @@ struct xc_xend_cpuid { char *policy[4]; }; =20 -int xc_cpuid_set(xc_interface *xch, - uint32_t domid, - const struct xc_xend_cpuid *xend); - /* * Make adjustments to the CPUID settings for a domain. * * Either pass a full new @featureset (and @nr_features), or adjust indivi= dual * features (@pae). + * + * Then (optionally) apply legacy XEND overrides (@xend) to the result. */ int xc_cpuid_apply_policy(xc_interface *xch, uint32_t domid, const uint32_t *featureset, - unsigned int nr_features, bool pae); + unsigned int nr_features, bool pae, + const struct xc_xend_cpuid *xend); int xc_mca_op(xc_interface *xch, struct xen_mc *mc); int xc_mca_op_inject_v2(xc_interface *xch, unsigned int flags, xc_cpumap_t cpumap, unsigned int nr_cpus); diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index e827c48fd1..26a7b94dcf 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -280,7 +280,7 @@ static xen_cpuid_leaf_t *find_leaf( return bsearch(&key, leaves, nr_leaves, sizeof(*leaves), compare_leave= s); } =20 -int xc_cpuid_set( +static int xc_cpuid_xend_policy( xc_interface *xch, uint32_t domid, const struct xc_xend_cpuid *xend) { int rc; @@ -427,7 +427,8 @@ int xc_cpuid_set( =20 int xc_cpuid_apply_policy(xc_interface *xch, uint32_t domid, const uint32_t *featureset, unsigned int nr_feat= ures, - bool pae) + bool pae, + const struct xc_xend_cpuid *xend) { int rc; xc_dominfo_t di; @@ -637,6 +638,9 @@ int xc_cpuid_apply_policy(xc_interface *xch, uint32_t d= omid, goto out; } =20 + if ( xend && (rc =3D xc_cpuid_xend_policy(xch, domid, xend)) ) + goto out; + rc =3D 0; =20 out: diff --git a/tools/libxl/libxl_cpuid.c b/tools/libxl/libxl_cpuid.c index 6f7cf2054e..edfcf315ca 100644 --- a/tools/libxl/libxl_cpuid.c +++ b/tools/libxl/libxl_cpuid.c @@ -419,7 +419,6 @@ int libxl_cpuid_parse_config_xend(libxl_cpuid_policy_li= st *cpuid, void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, libxl_domain_build_info *info) { - libxl_cpuid_policy_list cpuid =3D info->cpuid; bool pae =3D true; =20 /* @@ -435,12 +434,7 @@ void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domi= d, if (info->type =3D=3D LIBXL_DOMAIN_TYPE_HVM) pae =3D libxl_defbool_val(info->u.hvm.pae); =20 - xc_cpuid_apply_policy(ctx->xch, domid, NULL, 0, pae); - - if (!cpuid) - return; - - xc_cpuid_set(ctx->xch, domid, info->cpuid); + xc_cpuid_apply_policy(ctx->xch, domid, NULL, 0, pae, info->cpuid); } =20 static const char *input_names[2] =3D { "leaf", "subleaf" }; --=20 2.11.0 From nobody Sun Apr 28 22:56:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1592230595; cv=none; d=zohomail.com; s=zohoarc; b=m8/M5eL/MKiV0F2qCFrRO6TECTibkEvfW4UExKJfomD9WEvm2+KlauGmmQC5BC4x7WHr3hBwqK15qqXuiKmNwYZhAXRUmuuhJ2el2Lp3rE6oJcDuTyjZ9Yr2u/Y3LZ1leRsXpgz5vd0WXDDl01Nk5EgiLtUBrCGkAUgXLEhi1PY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592230595; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=E5QWkkcaiQnDrM9YkJ9AXcQRHy+OsRFqAxrjIx8EiaY=; b=A7cuUj1t10rmy+9hPpMOUStS0gqhkdfkFJ0Wh7eCcn2Xux50WG4ijthhwb+EaUQ6fXR7EK68gOVk+nyfrtNvgi1zyX9z7bGc0dbxk0zDpJdrlXGxN4vganNeoo9fM/DAJnNJ0+aCjT3KuYIlC9V1neAUYnCnZLR47XB7gnMgTc0= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1592230595228851.433589717831; Mon, 15 Jun 2020 07:16:35 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpuE-0007yW-GW; Mon, 15 Jun 2020 14:16:10 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpuD-0007qe-5j for xen-devel@lists.xenproject.org; Mon, 15 Jun 2020 14:16:09 +0000 Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id b9b798b6-af12-11ea-bca7-bc764e2007e4; Mon, 15 Jun 2020 14:15:54 +0000 (UTC) X-Inumbo-ID: b9b798b6-af12-11ea-bca7-bc764e2007e4 Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: 2lfisGOrd28c2GHAkOxBetBR4iUWm8SYG26l+LvzWyEiWbJePzyrFu8YSqnIWQt7VhZpV3f5Qp 6cjLb0bru0DW2nnuPoOXWqO51adVrVcHkWN+V7Xlhe+IKMP/fG4iqhytYUN2pHXdJZWxupvQz2 z5nialtJnULBif0S2RTGHZ371kp4MjU9O2tYVeL10Y5wL+ThjK0qtlG4iOi7djdwfUhg5bjPJs mOyd4IKjyS2zx5bwiugaVrKwZziG+BbpkxDscjSl7739tiSqCVnLTg+bin7TgXutUSZAqJrQmQ mF4= X-SBRS: 2.7 X-MesageID: 20064839 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.73,514,1583211600"; d="scan'208";a="20064839" From: Andrew Cooper To: Xen-devel Subject: [PATCH 5/9] tools/libx[cl]: Plumb bool restore down into xc_cpuid_apply_policy() Date: Mon, 15 Jun 2020 15:15:28 +0100 Message-ID: <20200615141532.1927-6-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20200615141532.1927-1-andrew.cooper3@citrix.com> References: <20200615141532.1927-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Wei Liu , Paul Durrant , Andrew Cooper , Jan Beulich , Ian Jackson , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" In order to safely disable some features by default, without breaking migration from 4.13 or older, the CPUID logic needs to distinguish the two cases. Plumb a restore boolean down from the two callers of libxl__cpuid_legacy() = all the way down into xc_cpuid_apply_policy(). No functional change. Signed-off-by: Andrew Cooper Acked-by: Ian Jackson --- CC: Ian Jackson CC: Wei Liu CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Paul Durrant Ideally, I'd have started the brand new CPUID/MSR interface for the boot pa= th before cleaning up the legacy path, but that's far too much work to squeeze into 4.14 at this point. The restore boolean will do for now, and will disappear eventually. --- tools/libxc/include/xenctrl.h | 7 ++++++- tools/libxc/xc_cpuid_x86.c | 2 +- tools/libxl/libxl_cpuid.c | 4 ++-- tools/libxl/libxl_create.c | 2 +- tools/libxl/libxl_dom.c | 2 +- tools/libxl/libxl_internal.h | 2 +- tools/libxl/libxl_nocpuid.c | 2 +- 7 files changed, 13 insertions(+), 8 deletions(-) diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index 5f0978e0e5..634be88ac1 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h @@ -1822,13 +1822,18 @@ struct xc_xend_cpuid { /* * Make adjustments to the CPUID settings for a domain. * + * This path is used in two cases. First, for fresh boots of the domain, = and + * secondly for migrate-in/restore of pre-4.14 guests (where CPUID data was + * missing from the stream). The @restore parameter distinguishes these + * cases, and the generated policy must be compatible with a 4.13. + * * Either pass a full new @featureset (and @nr_features), or adjust indivi= dual * features (@pae). * * Then (optionally) apply legacy XEND overrides (@xend) to the result. */ int xc_cpuid_apply_policy(xc_interface *xch, - uint32_t domid, + uint32_t domid, bool restore, const uint32_t *featureset, unsigned int nr_features, bool pae, const struct xc_xend_cpuid *xend); diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index 26a7b94dcf..e017abffce 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -425,7 +425,7 @@ static int xc_cpuid_xend_policy( return rc; } =20 -int xc_cpuid_apply_policy(xc_interface *xch, uint32_t domid, +int xc_cpuid_apply_policy(xc_interface *xch, uint32_t domid, bool restore, const uint32_t *featureset, unsigned int nr_feat= ures, bool pae, const struct xc_xend_cpuid *xend) diff --git a/tools/libxl/libxl_cpuid.c b/tools/libxl/libxl_cpuid.c index edfcf315ca..db2f12d115 100644 --- a/tools/libxl/libxl_cpuid.c +++ b/tools/libxl/libxl_cpuid.c @@ -416,7 +416,7 @@ int libxl_cpuid_parse_config_xend(libxl_cpuid_policy_li= st *cpuid, return 0; } =20 -void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, +void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, bool restore, libxl_domain_build_info *info) { bool pae =3D true; @@ -434,7 +434,7 @@ void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, if (info->type =3D=3D LIBXL_DOMAIN_TYPE_HVM) pae =3D libxl_defbool_val(info->u.hvm.pae); =20 - xc_cpuid_apply_policy(ctx->xch, domid, NULL, 0, pae, info->cpuid); + xc_cpuid_apply_policy(ctx->xch, domid, restore, NULL, 0, pae, info->cp= uid); } =20 static const char *input_names[2] =3D { "leaf", "subleaf" }; diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c index 75862dc6ed..2814818e34 100644 --- a/tools/libxl/libxl_create.c +++ b/tools/libxl/libxl_create.c @@ -1447,7 +1447,7 @@ int libxl__srm_callout_callback_static_data_done(unsi= gned int missing, * stream doesn't contain any CPUID data. */ if (missing & XGR_SDD_MISSING_CPUID) - libxl__cpuid_legacy(ctx, dcs->guest_domid, info); + libxl__cpuid_legacy(ctx, dcs->guest_domid, true, info); =20 return 0; } diff --git a/tools/libxl/libxl_dom.c b/tools/libxl/libxl_dom.c index dd1aff89a3..f8661e90d4 100644 --- a/tools/libxl/libxl_dom.c +++ b/tools/libxl/libxl_dom.c @@ -391,7 +391,7 @@ int libxl__build_pre(libxl__gc *gc, uint32_t domid, * being migrated-in/restored have CPUID handled during the * static_data_done() callback. */ if (!state->restore) - libxl__cpuid_legacy(ctx, domid, info); + libxl__cpuid_legacy(ctx, domid, false, info); =20 return rc; } diff --git a/tools/libxl/libxl_internal.h b/tools/libxl/libxl_internal.h index 79c2bf5f5e..94a23179d3 100644 --- a/tools/libxl/libxl_internal.h +++ b/tools/libxl/libxl_internal.h @@ -2056,7 +2056,7 @@ typedef yajl_gen_status (*libxl__gen_json_callback)(y= ajl_gen hand, void *); _hidden char *libxl__object_to_json(libxl_ctx *ctx, const char *type, libxl__gen_json_callback gen, void *p); =20 -_hidden void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, +_hidden void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, bool reto= re, libxl_domain_build_info *info); =20 /* Calls poll() again - useful to check whether a signaled condition diff --git a/tools/libxl/libxl_nocpuid.c b/tools/libxl/libxl_nocpuid.c index 3f30e148be..f47336565b 100644 --- a/tools/libxl/libxl_nocpuid.c +++ b/tools/libxl/libxl_nocpuid.c @@ -34,7 +34,7 @@ int libxl_cpuid_parse_config_xend(libxl_cpuid_policy_list= *cpuid, return 0; } =20 -void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, +void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, bool restore, libxl_domain_build_info *info) { } --=20 2.11.0 From nobody Sun Apr 28 22:56:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1592230575; cv=none; d=zohomail.com; s=zohoarc; b=RPvsLQuNku1QFydlHoGN1f6n3wJi++bHh1IbfFffVQpBbbHGLZkf1MoJaLBXn51XUK5vZjtRAUm0wLETDd3T4Cq667eR/M3klVOVTazLqBTgJrbuELwQ7GJM0JJdujNxUGvSqEuJr7sJ2mdiecQ+Wk8C3YEYknc4tbU6Xd8WQxs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592230575; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ej4/Ar7yPFBIYFoqwhKBPkWUVtb5N+n8/enUc7Lo5YE=; b=Qpp/80TffjHMhw1uJsXK35g5EaLz56l/4doUYiwe5PJZYgum5aZLdSNy5pQEChB7mOIzi5jf+kOO3sIk1o1a/eUfcniaYSZVZafJ9lBmK4bm+vBIdliZauciFYoQku8CCHIA69CvYrI2db3dE3ShVgLgCVcqU852dgqkVtH391w= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1592230575796547.4518531839359; Mon, 15 Jun 2020 07:16:15 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkptz-0007qj-L6; Mon, 15 Jun 2020 14:15:55 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpty-0007qe-9F for xen-devel@lists.xenproject.org; Mon, 15 Jun 2020 14:15:54 +0000 Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id b8871778-af12-11ea-bca7-bc764e2007e4; Mon, 15 Jun 2020 14:15:53 +0000 (UTC) X-Inumbo-ID: b8871778-af12-11ea-bca7-bc764e2007e4 Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: VXRaQHLY4k7JjwaoxKNDHqKX0pr/aBzrF1Bbk363BgZ0pD1EnDAEaIUav89syhYzpOix2wEk6T fbU6En0io1tAXmylQSQ1n1Z/dSlK5n3ib3bJC1WrvAXEk5HMhUXXPrQnqrOQjEHLfcZ1JceZf3 ivBl5mCl4VuS5CVq+yoJ6j/iurALy7wXY9Yg13AqRvJPkDO+7A6Q15dkywCGG52h96VIhJXoWd r8I/n+eQT9C380AaKmhNNHTKMBa/TU5+FSxvGuADahUtSZoovtv4aEwA/kFkqo1lu1sNkL4WRM YAg= X-SBRS: 2.7 X-MesageID: 20064836 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.73,514,1583211600"; d="scan'208";a="20064836" From: Andrew Cooper To: Xen-devel Subject: [PATCH 6/9] x86/gen-cpuid: Distinguish default vs max in feature annotations Date: Mon, 15 Jun 2020 15:15:29 +0100 Message-ID: <20200615141532.1927-7-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20200615141532.1927-1-andrew.cooper3@citrix.com> References: <20200615141532.1927-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Wei Liu , Paul Durrant , Andrew Cooper , Jan Beulich , Ian Jackson , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The toolstack logic can now correctly distinguish a clean boot from a migrate/restore. Allow lowercase a/s/h to be used to annotate a non-default feature. Due to the emulator work prepared earlier in 4.14, this now allows VMs to explicity opt in to the TSXLDTRK, MOVDIR{I,64B} and SERIALIZE instructions = via their xl.cfg file, rather than getting them as a matter of default. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Ian Jackson CC: Wei Liu CC: Paul Durrant --- xen/tools/gen-cpuid.py | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/xen/tools/gen-cpuid.py b/xen/tools/gen-cpuid.py index 037954cfb8..ffd9529fdf 100755 --- a/xen/tools/gen-cpuid.py +++ b/xen/tools/gen-cpuid.py @@ -130,17 +130,13 @@ def crunch_numbers(state): MTRR, PGE, MCA, CMOV, PAT, PSE36, MMX, FXSR) state.common_1d =3D common_1d =20 - state.pv_def =3D state.raw['A'] - state.hvm_shadow_def =3D state.pv_def | state.raw['S'] - state.hvm_hap_def =3D state.hvm_shadow_def | state.raw['H'] - - # TODO: Ignore def/max split until the toolstack migration logic is fi= xed - state.pv_max =3D state.pv_def - state.hvm_shadow_max =3D state.hvm_shadow_def - state.hvm_hap_max =3D state.hvm_hap_def - # state.pv_max =3D state.raw['A'] | sta= te.raw['a'] - # state.hvm_shadow_max =3D state.pv_max | state.raw['S'] | sta= te.raw['s'] - # state.hvm_hap_max =3D state.hvm_shadow_max | state.raw['H'] | sta= te.raw['h'] + state.pv_def =3D state.raw['A'] + state.hvm_shadow_def =3D state.pv_def | state.raw['S'] + state.hvm_hap_def =3D state.hvm_shadow_def | state.raw['H'] + + state.pv_max =3D state.raw['A'] | state= .raw['a'] + state.hvm_shadow_max =3D state.pv_max | state.raw['S'] | state= .raw['s'] + state.hvm_hap_max =3D state.hvm_shadow_max | state.raw['H'] | state= .raw['h'] =20 # # Feature dependency information. --=20 2.11.0 From nobody Sun Apr 28 22:56:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1592230581; cv=none; d=zohomail.com; s=zohoarc; b=LpWntH/2I9o9KxFLFmGOY0PbqhU7RbouHq9H5+Ikv44pLTGkrbXnzACXGc8hE3L51MD5k01q2hcoLbQCAsK0joXHrjW0TFccMKF1C+qbZZpi7Qs133x8idc0JRXhmU5nmG8lcdm4pwjLjSD7U2Q+slp0cOoOMb2FuNEX3+6BSbc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592230581; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=weGuxP7UL8V+WIn3UnBNJ4U21xvfdzAEueLFF9I202s=; b=Y1Uvv0+rXq5ClXtDiYKr3WUSndseqKVhFa50bzSkB7TlqceInJXua2hrnucFOnePqhJ/BBIcuQYTiLLXCykZkVfMNffcZH3b5n2GM2JXGZZWMR9T/8mJTPADgj63jeUB1upr9b7bX0jngBDtB/bAmZDGfLTHrE5SWziiIQkg9Uc= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1592230581796124.80367921947015; Mon, 15 Jun 2020 07:16:21 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpuC-0007wm-7I; Mon, 15 Jun 2020 14:16:08 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpuA-0007r6-G3 for xen-devel@lists.xenproject.org; Mon, 15 Jun 2020 14:16:06 +0000 Received: from esa4.hc3370-68.iphmx.com (unknown [216.71.155.144]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id bc0677b8-af12-11ea-b801-12813bfff9fa; Mon, 15 Jun 2020 14:15:59 +0000 (UTC) X-Inumbo-ID: bc0677b8-af12-11ea-b801-12813bfff9fa Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: JU1Vs650gkYDzYMdXAJXYudu/aOm7faToFpWENF6iSlqlaSh8VZFf4te83IyZXexORmiMShiPJ aXpgt4sBt9nWBSKXmOy5LIPTkCMAVU+KhnNzjKYccOZ0HrUp0rWIzyEfTN+lZpib3Qc6IH8UDL AgSSykyH7Ss7D9bv7f2FOUwwF0ZpVBoyFB6IKG8yzUJRkMu51dJHZ3mOlhTKsNRoxHuZuutaMu b7GCXgG6IzI88ps90tsI7KCxx50mnOLoPSFVJJqYO1Jq+6L+FalNPtI22VS6d6Y3qSMt4OwQ/b PR0= X-SBRS: 2.7 X-MesageID: 20839545 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.73,514,1583211600"; d="scan'208";a="20839545" From: Andrew Cooper To: Xen-devel Subject: [PATCH 7/9] x86/hvm: Disable MPX by default Date: Mon, 15 Jun 2020 15:15:30 +0100 Message-ID: <20200615141532.1927-8-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20200615141532.1927-1-andrew.cooper3@citrix.com> References: <20200615141532.1927-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Wei Liu , Paul Durrant , Andrew Cooper , Jan Beulich , Ian Jackson , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Memory Protection eXtension support has been dropped from GCC and Linux, and will be dropped from future Intel CPUs. With all other default/max pieces in place, move MPX from default to max. This means that VMs won't be offered it by default, but can explicitly opt into using it via cpuid=3D"host,mpx=3D1" in their vm.cfg file. The difference as visible to the guest is: diff --git a/default b/mpx index 0e91765d6b..c8c33cd584 100644 --- a/default +++ b/mpx @@ -13,15 +13,17 @@ Native cpuid: 00000004:00000004 -> 00000000:00000000:00000000:00000000 00000005:ffffffff -> 00000000:00000000:00000000:00000000 00000006:ffffffff -> 00000000:00000000:00000000:00000000 - 00000007:00000000 -> 00000000:009c2fbb:00000000:9c000400 + 00000007:00000000 -> 00000000:009c6fbb:00000000:9c000400 00000008:ffffffff -> 00000000:00000000:00000000:00000000 00000009:ffffffff -> 00000000:00000000:00000000:00000000 0000000a:ffffffff -> 00000000:00000000:00000000:00000000 0000000b:ffffffff -> 00000000:00000000:00000000:00000000 0000000c:ffffffff -> 00000000:00000000:00000000:00000000 - 0000000d:00000000 -> 00000007:00000240:00000340:00000000 + 0000000d:00000000 -> 0000001f:00000240:00000440:00000000 0000000d:00000001 -> 0000000f:00000240:00000000:00000000 0000000d:00000002 -> 00000100:00000240:00000000:00000000 + 0000000d:00000003 -> 00000040:000003c0:00000000:00000000 + 0000000d:00000004 -> 00000040:00000400:00000000:00000000 40000000:ffffffff -> 40000005:566e6558:65584d4d:4d4d566e 40000001:ffffffff -> 0004000e:00000000:00000000:00000000 40000002:ffffffff -> 00000001:40000000:00000000:00000000 Adjust the legacy restore path in libxc to cope safely with pre-4.14 VMs. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Ian Jackson CC: Wei Liu CC: Paul Durrant Dropped Jan's R-by from previous posting, as the patch has gained new toolstack logic to avoid breaking migrate. --- tools/libxc/xc_cpuid_x86.c | 48 ++++++++++++++++++-------= ---- xen/include/public/arch-x86/cpufeatureset.h | 2 +- 2 files changed, 31 insertions(+), 19 deletions(-) diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index e017abffce..5649913e69 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -436,6 +436,8 @@ int xc_cpuid_apply_policy(xc_interface *xch, uint32_t d= omid, bool restore, xen_cpuid_leaf_t *leaves =3D NULL; struct cpuid_policy *p =3D NULL; uint32_t err_leaf =3D -1, err_subleaf =3D -1, err_msr =3D -1; + uint32_t host_featureset[FEATURESET_NR_ENTRIES] =3D {}; + uint32_t len =3D ARRAY_SIZE(host_featureset); =20 if ( xc_domain_getinfo(xch, domid, 1, &di) !=3D 1 || di.domid !=3D domid ) @@ -458,6 +460,22 @@ int xc_cpuid_apply_policy(xc_interface *xch, uint32_t = domid, bool restore, (p =3D calloc(1, sizeof(*p))) =3D=3D NULL ) goto out; =20 + /* Get the host policy. */ + rc =3D xc_get_cpu_featureset(xch, XEN_SYSCTL_cpu_featureset_host, + &len, host_featureset); + if ( rc ) + { + /* Tolerate "buffer too small", as we've got the bits we need. */ + if ( errno =3D=3D ENOBUFS ) + rc =3D 0; + else + { + PERROR("Failed to obtain host featureset"); + rc =3D -errno; + goto out; + } + } + /* Get the domain's default policy. */ nr_msrs =3D 0; rc =3D xc_get_system_cpu_policy(xch, di.hvm ? XEN_SYSCTL_cpu_policy_hv= m_default @@ -479,6 +497,18 @@ int xc_cpuid_apply_policy(xc_interface *xch, uint32_t = domid, bool restore, goto out; } =20 + /* + * Account for feature which have been disabled by default since Xen 4= .13, + * so migrated-in VM's don't risk seeing features disappearing. + */ + if ( restore ) + { + if ( di.hvm ) + { + p->feat.mpx =3D test_bit(X86_FEATURE_MPX, host_featureset); + } + } + if ( featureset ) { uint32_t disabled_features[FEATURESET_NR_ENTRIES], @@ -530,24 +560,6 @@ int xc_cpuid_apply_policy(xc_interface *xch, uint32_t = domid, bool restore, =20 if ( !di.hvm ) { - uint32_t host_featureset[FEATURESET_NR_ENTRIES] =3D {}; - uint32_t len =3D ARRAY_SIZE(host_featureset); - - rc =3D xc_get_cpu_featureset(xch, XEN_SYSCTL_cpu_featureset_host, - &len, host_featureset); - if ( rc ) - { - /* Tolerate "buffer too small", as we've got the bits we need.= */ - if ( errno =3D=3D ENOBUFS ) - rc =3D 0; - else - { - PERROR("Failed to obtain host featureset"); - rc =3D -errno; - goto out; - } - } - /* * On hardware without CPUID Faulting, PV guests see real topology. * As a consequence, they also need to see the host htt/cmp fields. diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/publ= ic/arch-x86/cpufeatureset.h index 5ca35d9d97..af1b8a96a6 100644 --- a/xen/include/public/arch-x86/cpufeatureset.h +++ b/xen/include/public/arch-x86/cpufeatureset.h @@ -207,7 +207,7 @@ XEN_CPUFEATURE(INVPCID, 5*32+10) /*H Invalidate = Process Context ID */ XEN_CPUFEATURE(RTM, 5*32+11) /*A Restricted Transactional Memor= y */ XEN_CPUFEATURE(PQM, 5*32+12) /* Platform QoS Monitoring */ XEN_CPUFEATURE(NO_FPU_SEL, 5*32+13) /*! FPU CS/DS stored as zero */ -XEN_CPUFEATURE(MPX, 5*32+14) /*S Memory Protection Extensions */ +XEN_CPUFEATURE(MPX, 5*32+14) /*s Memory Protection Extensions */ XEN_CPUFEATURE(PQE, 5*32+15) /* Platform QoS Enforcement */ XEN_CPUFEATURE(AVX512F, 5*32+16) /*A AVX-512 Foundation Instruction= s */ XEN_CPUFEATURE(AVX512DQ, 5*32+17) /*A AVX-512 Doubleword & Quadword = Instrs */ --=20 2.11.0 From nobody Sun Apr 28 22:56:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1592230598; cv=none; d=zohomail.com; s=zohoarc; b=gDuB6te6Vf3nQoFsLChj42QpiuMlNlpNtqTml655ppl6RFEYRUUiMaIX5SGoOmAnCOAishEqZD9+vcyjKxPL9bh8xvS8bfQAn2BOU5+rndaqx2yDca7cDm3V5u0D3jVSBGAy+Lzfi1MaOdWecKFLOpplzaIqfJOa/DCLZWmerjQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592230598; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=rKoXcG764kovvA7m9OjXAVjWBBNM2uod8BhzpAOQO2I=; b=fnKzg2Fi4YJx8QxynDHLezFOl1PibhY7wIXwNKmsBL2fuR+4BzDAMAsH3dOmE2bqlUeYMQz23zlVx7gSLMnYidsXNd+tzAoreTgJxIY3Kmqlc2FTyUxWi+W8Rx8IkQmfJCT7A1pYo4Es2o//o68eACMHnpyexxbKY8U7PLmrzEs= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1592230598692212.48755662363988; Mon, 15 Jun 2020 07:16:38 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpuT-0008BB-J7; Mon, 15 Jun 2020 14:16:25 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpuS-0007qe-6W for xen-devel@lists.xenproject.org; Mon, 15 Jun 2020 14:16:24 +0000 Received: from esa4.hc3370-68.iphmx.com (unknown [216.71.155.144]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id bbfd69de-af12-11ea-bca7-bc764e2007e4; Mon, 15 Jun 2020 14:15:58 +0000 (UTC) X-Inumbo-ID: bbfd69de-af12-11ea-bca7-bc764e2007e4 Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: EtXH1WdzMpHjyZOQeIdyhi9iU7Fe/sa9euWbx33WnPg4hcWHVky1sgjOroslZVaqfQ/xNZMRDY wCDok0bvE3/4bQb9XvjO9RBr4rr44GuBU7kGy7fMeo93lz35pxarJ8TSK/JSaoi1eXw3Y/RGOB SO9QEuzvHnwrp4CVJhJsXZHjdD7CgbrCkVTwDeQeXj7eJmLHVXjsebC318CTWrDJLH4RLRj1vm 3/rljIVBSMTr7IdZ8Hw3iuegwReeXb3LZN6uXv/v7ZOScXbxnjkRC2W0OTQPvR8debHpR2Po7o BKU= X-SBRS: 2.7 X-MesageID: 20839542 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.73,514,1583211600"; d="scan'208";a="20839542" From: Andrew Cooper To: Xen-devel Subject: [PATCH 8/9] x86/cpuid: Introduce missing feature adjustment in calculate_pv_def_policy() Date: Mon, 15 Jun 2020 15:15:31 +0100 Message-ID: <20200615141532.1927-9-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20200615141532.1927-1-andrew.cooper3@citrix.com> References: <20200615141532.1927-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Paul Durrant , Wei Liu , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This was an accidental asymmetry with the HVM side. No change in behaviour at this point. Fixes: 83b387382 ("x86/cpuid: Introduce and use default CPUID policies") Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Paul Durrant --- xen/arch/x86/cpuid.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c index ee11087626..f2fc0aa895 100644 --- a/xen/arch/x86/cpuid.c +++ b/xen/arch/x86/cpuid.c @@ -402,6 +402,8 @@ static void __init calculate_pv_def_policy(void) for ( i =3D 0; i < ARRAY_SIZE(pv_featureset); ++i ) pv_featureset[i] &=3D pv_def_featuremask[i]; =20 + guest_common_feature_adjustments(pv_featureset); + sanitise_featureset(pv_featureset); cpuid_featureset_to_policy(pv_featureset, p); recalculate_xstate(p); --=20 2.11.0 From nobody Sun Apr 28 22:56:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1592230578; cv=none; d=zohomail.com; s=zohoarc; b=kwaav8rqIF+Btled84T2R9pP8iFipynSxhSoNP3oGhKdQmYsqlznLZIhtq1uYiVAZdSOkg8Pn8zpa53SdMSsHsNPCVKWqypT4pojB8m6acNPqKf1exsI+2VN1fWIyzCDFj8H48J8YR5cBqe1YJOKLhCED5DtkGb0aMpdgb5IgtM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592230578; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=E1s1xutzv/icQe62crr0K07DtLzBBUN/9L7XrC/J/P8=; b=eZ6JEJfLdHZh7dmtCaijtiqgmfBAhSuPa19uHELpaDd9NQACXtaAbAprMgUx0J6d/Z+QJ4GV4lP+tZ0DtBDAUO78TF3u4UDpGTRMuU5z+z+9ykKw+QVzZmZfOo6Szlfi+Egx13O0QQ30IYV4OH8RvbaS6C8phwWUHwLVTOMpkrE= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1592230578056548.4306191156735; Mon, 15 Jun 2020 07:16:18 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpu8-0007uK-Qi; Mon, 15 Jun 2020 14:16:04 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jkpu8-0007qe-5t for xen-devel@lists.xenproject.org; Mon, 15 Jun 2020 14:16:04 +0000 Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id b92196c2-af12-11ea-bb8b-bc764e2007e4; Mon, 15 Jun 2020 14:15:54 +0000 (UTC) X-Inumbo-ID: b92196c2-af12-11ea-bb8b-bc764e2007e4 Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: mIjdbp5dwfK4SNh/gtIzQUviUFY1+aoEexNg9HA4wjQnxRIKigFWSgQALaJLKqpjAvgXbq0T9X zOmMSjph7GeFokY7BEcVNQDr+sC8YDCXZ5Dc/yO+h0c1ql9vgHwMwU9CjD/Z1u62LisAAIt7TS E5PVQLCSyuqiE0xGXtCIjWpjf10/vGP5jdltHz0YM42JO5+4PHRZ3/L8tLkFosOYZyjp4cRMUo Dj/jt+/3GDPsJELVvtcuBPV3Vs1Tk5U9a4ICmtra0D/r33ukOBV8Ose34QxYYqJWg9LV4N7xPx AAM= X-SBRS: 2.7 X-MesageID: 20064838 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.73,514,1583211600"; d="scan'208";a="20064838" From: Andrew Cooper To: Xen-devel Subject: [PATCH 9/9] x86/spec-ctrl: Hide RDRAND by default on IvyBridge Date: Mon, 15 Jun 2020 15:15:32 +0100 Message-ID: <20200615141532.1927-10-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20200615141532.1927-1-andrew.cooper3@citrix.com> References: <20200615141532.1927-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Wei Liu , Paul Durrant , Andrew Cooper , Jan Beulich , Ian Jackson , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" To combat the absence of mitigating microcode, arrange to hide RDRAND by default on IvyBridge hardware. Adjust the default feature derivation to hide RDRAND on IvyBridge client parts, unless `cpuid=3Drdrand` is explicitly provided. Adjust the restore path in xc_cpuid_apply_policy() to not hide RDRAND from = VMs which migrated from pre-4.14. In all cases, individual guests can continue using RDRAND if explicitly enabled in their config files. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Ian Jackson CC: Wei Liu CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Paul Durrant --- docs/misc/xen-command-line.pandoc | 20 +++++++++++++++----- tools/libxc/xc_cpuid_x86.c | 3 +++ xen/arch/x86/cpuid.c | 21 +++++++++++++++++++++ xen/include/public/arch-x86/cpufeatureset.h | 2 +- 4 files changed, 40 insertions(+), 6 deletions(-) diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line= .pandoc index fde749c669..c8ebfaf813 100644 --- a/docs/misc/xen-command-line.pandoc +++ b/docs/misc/xen-command-line.pandoc @@ -512,11 +512,21 @@ The Speculation Control hardware features `srbds-ctrl= `, `md-clear`, `ibrsb`, `stibp`, `ibpb`, `l1d-flush` and `ssbd` are used by default if available a= nd applicable. They can all be ignored. =20 -`rdrand` and `rdseed` can be ignored, as a mitigation to XSA-320 / -CVE-2020-0543. The RDRAND feature is disabled by default on certain AMD -systems, due to possible malfunctions after ACPI S3 suspend/resume. `rdra= nd` -may be used in its positive form to override Xen's default behaviour on th= ese -systems, and make the feature fully usable. +`rdrand` and `rdseed` have multiple interactions. + +* For Special Register Buffer Data Sampling (SRBDS, XSA-320, CVE-2020-05= 43), + RDRAND and RDSEED can be ignored. + + Due to the absence microcode to address SRBDS on IvyBridge hardware, t= he + RDRAND feature is hidden by default for guests, unless `rdrand` is use= d in + its positive form. Irrespective of the default setting here, VMs can = use + RDRAND if explicitly enabled in guest config file, and VMs already usi= ng + RDRAND can migrate in. + +* The RDRAND feature is disabled by default on AMD Fam15/16 systems, due= to + possible malfunctions after ACPI S3 suspend/resume. `rdrand` may be u= sed + in its positive form to override Xen's default behaviour on these syst= ems, + and make the feature fully usable. =20 ### cpuid_mask_cpu > `=3D fam_0f_rev_[cdefg] | fam_10_rev_[bc] | fam_11_rev_b` diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index 5649913e69..877a5601f3 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -503,6 +503,9 @@ int xc_cpuid_apply_policy(xc_interface *xch, uint32_t d= omid, bool restore, */ if ( restore ) { + if ( test_bit(X86_FEATURE_RDRAND, host_featureset) && !p->basic.rd= rand ) + p->basic.rdrand =3D true; + if ( di.hvm ) { p->feat.mpx =3D test_bit(X86_FEATURE_MPX, host_featureset); diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c index f2fc0aa895..6a4a787b68 100644 --- a/xen/arch/x86/cpuid.c +++ b/xen/arch/x86/cpuid.c @@ -340,6 +340,25 @@ static void __init calculate_host_policy(void) } } =20 +static void __init guest_common_default_feature_adjustments(uint32_t *fs) +{ + /* + * IvyBridge client parts suffer from leakage of RDRAND data due to SR= BDS + * (XSA-320 / CVE-2020-0543), and won't be receiving microcode to + * compensate. + * + * Mitigate by hiding RDRAND from guests by default, unless explicitly + * overridden on the Xen command line (cpuid=3Drdrand). Irrespective = of the + * default setting, guests can use RDRAND if explicitly enabled + * (cpuid=3D"host,rdrand=3D1") in the VM's config file, and VMs which = were + * previously using RDRAND can migrate in. + */ + if ( boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_INTEL && + boot_cpu_data.x86 =3D=3D 6 && boot_cpu_data.x86_model =3D=3D 0x3a= && + cpu_has_rdrand && !is_forced_cpu_cap(X86_FEATURE_RDRAND) ) + __clear_bit(X86_FEATURE_RDRAND, fs); +} + static void __init guest_common_feature_adjustments(uint32_t *fs) { /* Unconditionally claim to be able to set the hypervisor bit. */ @@ -403,6 +422,7 @@ static void __init calculate_pv_def_policy(void) pv_featureset[i] &=3D pv_def_featuremask[i]; =20 guest_common_feature_adjustments(pv_featureset); + guest_common_default_feature_adjustments(pv_featureset); =20 sanitise_featureset(pv_featureset); cpuid_featureset_to_policy(pv_featureset, p); @@ -485,6 +505,7 @@ static void __init calculate_hvm_def_policy(void) hvm_featureset[i] &=3D hvm_featuremask[i]; =20 guest_common_feature_adjustments(hvm_featureset); + guest_common_default_feature_adjustments(hvm_featureset); =20 sanitise_featureset(hvm_featureset); cpuid_featureset_to_policy(hvm_featureset, p); diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/publ= ic/arch-x86/cpufeatureset.h index af1b8a96a6..fe7492a225 100644 --- a/xen/include/public/arch-x86/cpufeatureset.h +++ b/xen/include/public/arch-x86/cpufeatureset.h @@ -149,7 +149,7 @@ XEN_CPUFEATURE(XSAVE, 1*32+26) /*A XSAVE/XRSTO= R/XSETBV/XGETBV */ XEN_CPUFEATURE(OSXSAVE, 1*32+27) /*! OSXSAVE */ XEN_CPUFEATURE(AVX, 1*32+28) /*A Advanced Vector Extensions */ XEN_CPUFEATURE(F16C, 1*32+29) /*A Half-precision convert instruc= tion */ -XEN_CPUFEATURE(RDRAND, 1*32+30) /*A Digital Random Number Generato= r */ +XEN_CPUFEATURE(RDRAND, 1*32+30) /*!A Digital Random Number Generato= r */ XEN_CPUFEATURE(HYPERVISOR, 1*32+31) /*!A Running under some hypervisor = */ =20 /* AMD-defined CPU features, CPUID level 0x80000001.edx, word 2 */ --=20 2.11.0