From nobody Mon May 6 01:00:46 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1638266729; cv=none; d=zohomail.com; s=zohoarc; b=L7DRQdbNILIM5chSZRggYyB2kP3vm61v8Yr7eywo/6vfuAgZ2LYNMX2gWnV09ZqhQ4Wqmx/A42Z7oRnUsDN+9sknLqAUqbd4JBdaFUM/Qvm/Zn6vAzuTdGnrH4QIgqqBGxw6ixC1A8bXZ+ZL3d8/8NfO9utf9HL7ZxpcApJhjMw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1638266729; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=J6frxtuzn2aYL2GpM7ge4ahNwbUzf2EvtL0hK3A7v94=; b=UBxFiwnIPRR+CvWv4fQpQMacfkBiGgpIXH1T7lGEZr8F+Dh3jsolUaZ1P8UMeuh0DRBk6axf+gwT+g3IzZYgAB4PTEgepvMbXLuzV30TM3kThz1IUOJKmlIr1L5T1TRZ14GNQLCnvYJVbugooew+zFPTy9konkqM/wv/LC6C7PQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 16382667290796.530384552033411; Tue, 30 Nov 2021 02:05:29 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.234951.407671 (Exim 4.92) (envelope-from ) id 1ms00c-0007Tz-44; Tue, 30 Nov 2021 10:05:10 +0000 Received: by outflank-mailman (output) from mailman id 234951.407671; Tue, 30 Nov 2021 10:05:10 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00b-0007Sl-VS; Tue, 30 Nov 2021 10:05:09 +0000 Received: by outflank-mailman (input) for mailman id 234951; Tue, 30 Nov 2021 10:05:08 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00a-0007QZ-G2 for xen-devel@lists.xenproject.org; Tue, 30 Nov 2021 10:05:08 +0000 Received: from esa1.hc3370-68.iphmx.com (esa1.hc3370-68.iphmx.com [216.71.145.142]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id fd497a53-51c4-11ec-976b-d102b41d0961; Tue, 30 Nov 2021 11:05:06 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: fd497a53-51c4-11ec-976b-d102b41d0961 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1638266706; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=UmrIciFLECFu2qgzBROqeWeJVWmkLeHOoIn8Mew+k14=; b=WCH6Hn2D03fXLMAJDmYCNMdwWXgjRhAO7mC/HV/7HUoQoiD+ccTJyjCG 2cA60CSOYg9Mc362esy05hXmHeoto3Ik7KvyHqGqM9feuYe/iIHhE48+E ZmWhhiwhvo+sUWMftgLXCqRArOpFoLLVy7yppy+Ao0cgZPxQHxU1ZpBhP 8=; Authentication-Results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: DwQIvjSLadEzVLvulfIxfuWOR8aAz4X9R9CxKpVmKwmCP/04mPU32NTOgnzcfe3mGOrgMb9WUd xg6RvQAF1AFnjcWZxuGsWnUNtwm8UCzVQJEB+5CuYSoNLGut7H316dWNmMxKyy6OpMwLPbF0IQ 6Em5oiKGfTKh6xVmMZgbuzfemGyqw6w1trC7uHmF3wTgBlFc9f+8U4KbplyOJwtTy3IuE/x0wT DhVjkmMBLdO1CYASYs4MCs5oqYN9UKUp6GalT/hI3k11f+Aw6qSRg5HP2aAN0uKPcS9+BLy5i7 /tXMuejKmx5daOZj5LNrdYO1 X-SBRS: 5.1 X-MesageID: 59281586 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:lZNkkK0T+DRb2KgHKPbD5R52kn2cJEfYwER7XKvMYLTBsI5bpzVVz zQaCmyDaK2KYTD0eI8gaN6z8x8FusWGz9NqGQFkpC1hF35El5HIVI+TRqvS04J+DSFhoGZPt Zh2hgzodZhsJpPkS5PE3oHJ9RGQ74nRLlbHILOCan8ZqTNMEn970Es6wLZh2+aEvPDia++zk YKqyyHgEAfNNw5cagr4PIra9XuDFNyr0N8plgRWicJj5TcypFFMZH4rHomjLmOQf2VhNrXSq 9Avbl2O1jixEx8FUrtJm1tgG6EAaua60QOm0hK6V0U+6/TrS+NbPqsTbZIhhUlrZzqhvf8g6 e5fhYWKEg4mIpDCoLsdVkhzKnQrVUFG0OevzXmXtMWSywvNcmf2wuUoB0YzVWEa0r8pWycUr 6VecW1TKEDY7w616OvTpu1Er8IvNsT0eqgYvWlt12rxBvc6W5HTBa7N4Le02R9t15oeRKuOO aL1bxJAVCucXj0XPGwcUpIdmL6TjEm4eSdX/Qf9Sa0fvDGIkV0ZPKLWGMXRUsyHQ4NShEnwj kDs8nn9AxoaHMeC0jfD+XWp7sffkCW+VI8MGbmQ8v9xnEbV1mEVEAcRV1awvb++kEHWZj5EA xVKoGx09/F0rRH1CImmN/GlnJKaljwzCvtrAd0j0lqExbbp7T7GBm1VZQcUPbTKq/QKbTAt0 1aImfbgCjpurKCZRBqhy1uEkd+hEXNLdDFfPEfoWSNAuoC++99r0nojW/46SPbt5uAZDw0c1 NxjQMIWo7wIxfAG2Kyglbwsq2L9/8OZJuLZC+i+Y45E0u+bTNL1D2BLwQKChRqlEGp/ZgLa1 JTjs5LDhN3i9bnXyESwrBwlRdlFHcqtPjzGmkJIFJI87Tmr8HPLVdkOu2EkfR4yaZheJWWBj KrvVeV5v8Q70JyCN/IfXm5MI55ykfiI+SrNCJg4keaikrAuLVTarUmClGab3nz3kVhErE3ME czzTCpYNl5DUf4P5GPvH481iOZ3rghjlTK7bc2qlHyPjOvBDEN5vJ9YaTNimMhit/jayOgUm v4CX/a3J+J3DLejP3KJqNFLdjjn7xETXPjLliCeTcbbSiIOJY3rI6S5LWoJd9M3kqJLuP3P+ 33hCEZUxECm3S/MKBmQa2AlY7TqBM4toXU+NC0qHFCpx3l8Ptr/sPZBL8M6Les96ehu7f9oV P1ZKc+ONetCF2bc8DMHYJij8IE7LEa3hRiDNjaOaSQke8IyXBTA/9LpJ1O99CQHAietm9E5p rmsilHSTZYZHlwwB8fKcvO/iVi2uCFFyu51WkLJJPhVeVntr9c2e3Cg0KdvLphVexvZxzac2 wKHOjsipLHA890v7d3EpaGYtIP1QeFwKVVXQjvA5rGsOCiEomf6md1cUPyFdCz2XX/v/Pnwf v1cyvzxPaFVnFtOtIYgQb9nwbhnuonqrr5eiA9lAG/KfxKgDbY5eiuK2sxGt6tswL5FuFTpB hLTq4cCYbjZatn4FFMxJRY+arXR3P4ZrTDe8PApLRio/yRw5reGDR1fMhTkZPax91ep3FfJG dschfM= IronPort-HdrOrdr: A9a23:7iwPBKwx6EUp4DXk4xAZKrPw1r1zdoMgy1knxilNoHxuH/BwWf rPoB17726RtN91YhsdcL+7V5VoLUmzyXcX2/h1AV7BZniEhILAFugLgbcKqweKJ8SUzJ8+6U 4PSclD4N2bNykGsS75ijPIb+rJFrO8gd+VbeS19QYScelzAZsQiDuQkmygYzZLrA8tP+teKL OsovBpihCHYnotYsGyFhA+LpL+T42iruOeXfYebSRXkDWzsQ== X-IronPort-AV: E=Sophos;i="5.87,275,1631592000"; d="scan'208";a="59281586" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu Subject: [PATCH 1/8] x86/boot: Drop incorrect mapping at l2_xenmap[0] Date: Tue, 30 Nov 2021 10:04:38 +0000 Message-ID: <20211130100445.31156-2-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20211130100445.31156-1-andrew.cooper3@citrix.com> References: <20211130100445.31156-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1638266730220100003 It has been 4 years since the default load address changed from 1M to 2M, a= nd _stext ceased residing in l2_xenmap[0]. We should not be inserting an unus= ed mapping. To ensure we don't create mappings accidentally, loop from 0 and obey _PAGE_PRESENT on all entries. Fixes: 7ed93f3a0dff ("x86: change default load address from 1 MiB to 2 MiB") Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu Previously posted on its own. --- xen/arch/x86/setup.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index da47cdea14a1..6f241048425c 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -1279,16 +1279,12 @@ void __init noreturn __start_xen(unsigned long mbi_= p) =20 /* The only data mappings to be relocated are in the Xen area.= */ pl2e =3D __va(__pa(l2_xenmap)); - /* - * Undo the temporary-hooking of the l1_directmap. __2M_text_= start - * is contained in this PTE. - */ + BUG_ON(using_2M_mapping() && l2_table_offset((unsigned long)_erodata) =3D=3D l2_table_offset((unsigned long)_stext)); - *pl2e++ =3D l2e_from_pfn(xen_phys_start >> PAGE_SHIFT, - PAGE_HYPERVISOR_RX | _PAGE_PSE); - for ( i =3D 1; i < L2_PAGETABLE_ENTRIES; i++, pl2e++ ) + + for ( i =3D 0; i < L2_PAGETABLE_ENTRIES; i++, pl2e++ ) { unsigned int flags; =20 --=20 2.11.0 From nobody Mon May 6 01:00:46 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1638266729; cv=none; d=zohomail.com; s=zohoarc; b=H6O9wk591iI1/5Jh0T6TRvFceO7aj5OnrMihZlGVjBK43FaLEOrovJ1eUcYwnO+sZV2k42Bm+2JC0Zuqr6kRqvRY4e/va5gr/A8WXMXebUdZNSLXtlb0Dy44n8TKPSgok9BDndz5HrL+Nk2jRctPULh4TjVPWiWyjLNre9rbjBI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1638266729; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=q7tTQiFtcqSfX/yllaq8hSnboDR+ztfWAMeVUs5UFuo=; b=N7iMLcjzyCuRkXGhV+PqKfgdTyRP00TVUSyxgigFnChbqTCvZWUzY4B2Y984ZpP/c1/WCbR8tPhn3haFmlIt1iFKAL9CuadS+wZH2VwQQ8WIEOPfxrr3/9KkYNz5JWtqGDPzlsJN1tUQVwbOcj5qcgnntFCcOC2rdq2gYMdx2N0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1638266729437401.25006208845934; Tue, 30 Nov 2021 02:05:29 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.234954.407708 (Exim 4.92) (envelope-from ) id 1ms00e-0008JY-E4; Tue, 30 Nov 2021 10:05:12 +0000 Received: by outflank-mailman (output) from mailman id 234954.407708; Tue, 30 Nov 2021 10:05:12 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00e-0008I1-79; Tue, 30 Nov 2021 10:05:12 +0000 Received: by outflank-mailman (input) for mailman id 234954; Tue, 30 Nov 2021 10:05:10 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00c-0007QY-4T for xen-devel@lists.xenproject.org; Tue, 30 Nov 2021 10:05:10 +0000 Received: from esa2.hc3370-68.iphmx.com (esa2.hc3370-68.iphmx.com [216.71.145.153]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id ff37db96-51c4-11ec-b941-1df2895da90e; Tue, 30 Nov 2021 11:05:08 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: ff37db96-51c4-11ec-b941-1df2895da90e DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1638266707; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=k17lutUB0RZWsOBqxvuCYcxmqhsCMjPR6N6SZca7JCE=; b=DnSbr+YXwO3DtjLgfkt39veuXJXUO6vw1m+I6ZNfKJen0rK1PtOisRDx wj0hMocxLgi7p7NbVbPVGBToZ82acRKSoJhVKf7TFjak4RsvpTElXsVcH JCpqbG3QEZ/U5ONQEG2XacajTVD25iZxRX3avxRYSjOJAtPUgENJUUZMK o=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: yAmE1mBS7t9rjRu6RiFSRZc9y3GCgG+BrdZV3WykPbv10DjlesEVpbIWTjsthEDnsSnMS0BPq+ HgsgnTe5GZnGRy6IYrUPryuByTuTYsoU6ZycrUhS10KLV1rhQQNINEtgkh3Jzn8Fh3eySYTwhw J5XsJ8qu/XBIeNOVZR/i9fLP29mLQF6AAx2z8Oc1htRvytP5ZCoWqxswR39107uU9JIYWL99az GMzQz4Jy7RjQnwTpC8nrYrnkoCNuLWKH61OFv17R+vRHe5bapNbHtPdVpRlAOJo+rn/WcljCdX c0P9GP760IJ24eFPP7biY6aj X-SBRS: 5.1 X-MesageID: 58889162 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:LUyVaq5QhwnOkO5lJBXThgxRtPXAchMFZxGqfqrLsTDasY5as4F+v jZKDGuOPPuIMTTwfI8ibY+zoRsHuJPQz9NjTFNvrykwHi5G8cbLO4+Ufxz6V8+wwmwvb67FA +E2MISowBUcFyeEzvuV3zyIQUBUjclkfJKlYAL/En03FVAMpBsJ00o5wrdg2dYw2LBVPivW0 T/Mi5yHULOa82Yc3lI8s8pvfzs24ZweEBtB1rAPTagjUG32zhH5P7pGTU2FFFPqQ5E8IwKPb 72rIIdVXI/u10xF5tuNyt4Xe6CRK1LYFVDmZnF+A8BOjvXez8CbP2lS2Pc0MC9qZzu1c99Z4 ZJMsrDtWzUSHKDysukvS0FcOAhYIvgTkFPHCSDXXc27ykTHdz3nwul0DVFwNoodkgp1KTgQr 7pCcmlLN03dwbLtqF64YrAEasALBc/nJo4A/FpnyinUF60OSpHfWaTao9Rf2V/cg+gTTaaON pNHM1KDajz5TANoPEdKUa4zmcGomVzeSAAHtAqK8P9fD2/7k1UqjemF3MDuUsOObdVYmACfv G2u10bTDwweNdef4SGY6X/qjejK9QvrVYRXGLCm+/pChFyI2ndVGBAQTUG8o/Sylgi5Qd03F qAP0nNw9+5orhXtF4SjGU3jyJKZgvICc/MXEuoWtRO/8YjZ3SyUNHBcShVoTsNz4afaWgcW/ lOOmtroAxlmv7uUVW+R+9+okN+iBcQGBTRcPHFZFGPp9/Gm+dhu1UyXEr6PBYbs1oWtcQwc1 Qxmu8TXa187qccQn5u28lnc695HjsiYF1Vljuk7s4/M0++YWGJHT9D4gbQ4xawZRGp8crVnl CNf8yR5xLpTZaxhbATXHI0w8EiBvp5pygH0j191BIUG/D+w4XOldo04yGggfxcza59fImGzP BW7VeZtCHl7ZyDCgUhfOd/ZNijX5fK4SYSNug78MLKinaSdhCfYpXozNCZ8LkjmkVQ2kLFXB HtoWZ3EMJruMow+lGDeb75EidcDn3lirUuOFcGT50n2itK2OS/KIYrpxXPTN4jVGovf+16Lm zueXuPXoyhivBrWPnOKrNVNdA9SdhDWx/ne8qRqSwJKGSI+cElJNhMb6epJl1VNk/sHm+HW0 Gu6X0MEmlPziWeecVeBa2x5aaOpVpF69CppMSspNFeu+n4ifYfws/tPK8ppJeEqpL550Pp5b /gZYMHcUP5BfSvKpmYGZp7noY08KBny3VCSPzCoaSQUdoJ7Q1Cb4cftewbirXFcDie+ucYkj aen0wfXHcgKSwh4VZ6EY/Oz1VKh+3ManbsqDUfPJ9BSfmTq8ZRrdHOt3qNmfZlUJEyalDWA1 guQDRMJnsX3otc4oIvTmKSJj4a1CO8iTEBUKHbWsOStPi7A82v9nYIZCLSUfSrQXX/f8bm5Y bkH1On1NfAKkQoYs4d4FLo3n6sy68G2+u1fxwVgWn7Kc06qGvVrJXzfhZtDsahEx7l4vwqqW x3QpokGaOvRYM61QkQMIAcFb/iY0aBGkzbf2v05PUHm6XIl57GAS0hTY0GBhSE1wGGZ62/5L TPNYPIr1jE= IronPort-HdrOrdr: A9a23:5YdaVqsiPsTp15Rnpfo9zQFu7skDTNV00zEX/kB9WHVpmszxra GTdZMgpGfJYVcqKQgdcL+7Scq9qB/nmqKdpLNhWYtKPzOW3ldATrsSj7cKqgeIc0aVm4JgPO VbAs9D4bXLfCNHZK3BgDVQfexP/DD+ytHMudvj X-IronPort-AV: E=Sophos;i="5.87,275,1631592000"; d="scan'208";a="58889162" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu Subject: [PATCH 2/8] x86/boot: Better describe the pagetable relocation loops Date: Tue, 30 Nov 2021 10:04:39 +0000 Message-ID: <20211130100445.31156-3-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20211130100445.31156-1-andrew.cooper3@citrix.com> References: <20211130100445.31156-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1638266730146100001 The first loop relocates all reachable non-leaf entries in idle_pg_table[], which includes l2_xenmap[511]'s reference to l1_fixmap_x[]. The second loop relocates only leaf mappings in l2_xenmap[], so update the skip condition to be opposite to the first loop. No functional change. Signed-off-by: Andrew Cooper Acked-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu --- xen/arch/x86/setup.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index 6f241048425c..495b4b7d51fb 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -1245,7 +1245,7 @@ void __init noreturn __start_xen(unsigned long mbi_p) barrier(); move_memory(e, XEN_IMG_OFFSET, _end - _start, 1); =20 - /* Walk initial pagetables, relocating page directory entries.= */ + /* Walk idle_pg_table, relocating non-leaf entries. */ pl4e =3D __va(__pa(idle_pg_table)); for ( i =3D 0 ; i < L4_PAGETABLE_ENTRIES; i++, pl4e++ ) { @@ -1277,18 +1277,18 @@ void __init noreturn __start_xen(unsigned long mbi_= p) } } =20 - /* The only data mappings to be relocated are in the Xen area.= */ - pl2e =3D __va(__pa(l2_xenmap)); - BUG_ON(using_2M_mapping() && l2_table_offset((unsigned long)_erodata) =3D=3D l2_table_offset((unsigned long)_stext)); =20 + /* Walk l2_xenmap[], relocating 2M superpage leaves. */ + pl2e =3D __va(__pa(l2_xenmap)); for ( i =3D 0; i < L2_PAGETABLE_ENTRIES; i++, pl2e++ ) { unsigned int flags; =20 if ( !(l2e_get_flags(*pl2e) & _PAGE_PRESENT) || + !(l2e_get_flags(*pl2e) & _PAGE_PSE) || (l2e_get_pfn(*pl2e) >=3D pte_update_limit) ) continue; =20 --=20 2.11.0 From nobody Mon May 6 01:00:46 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1638266730; cv=none; d=zohomail.com; s=zohoarc; b=j59O/zfwNmWqgjA1yRnO4iFPRhWk/Q36B1X2mZ9u714S6auMeBPKMjWphwVSJazCAw0fLIYNPpVCK+R0QZuxN/WeX4O9wzZoM1g6W2UVs9tL2O3nqVHjHTWgr0Y08OMBaTllmS7FtSqoU4F5134C6e4IL31GE29qoDPthAxxQQ0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1638266730; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=0GvnyIO5oMdiYUMztLuh5TBAxZa/Enyv4sMUSRo+QSA=; b=lY28o+E1rIh60ZqWsXoAyWgrDc1kOY2MZ1OYKj6jNkEwpFR6UEKJ4br6LvA4lncK0kxBIaZmTtnxPf2CStOSGyZD0ZLTkERhg+/YngWCeSIPKIWhfb1M3WHG53zzF3hNeJd28rlLpOw2dPo1vIe6qBrWLOLbOKKYzmdm+TiPGkE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1638266730377786.248874966213; Tue, 30 Nov 2021 02:05:30 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.234950.407666 (Exim 4.92) (envelope-from ) id 1ms00b-0007R1-Pe; Tue, 30 Nov 2021 10:05:09 +0000 Received: by outflank-mailman (output) from mailman id 234950.407666; Tue, 30 Nov 2021 10:05:09 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00b-0007Qu-Mh; Tue, 30 Nov 2021 10:05:09 +0000 Received: by outflank-mailman (input) for mailman id 234950; Tue, 30 Nov 2021 10:05:08 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00a-0007QY-Cw for xen-devel@lists.xenproject.org; Tue, 30 Nov 2021 10:05:08 +0000 Received: from esa2.hc3370-68.iphmx.com (esa2.hc3370-68.iphmx.com [216.71.145.153]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id fd5d471c-51c4-11ec-b941-1df2895da90e; Tue, 30 Nov 2021 11:05:06 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: fd5d471c-51c4-11ec-b941-1df2895da90e DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1638266706; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=cT97y0C7d9fsmdvUf53cmo5D+BKq2IWrRAFvHOURbtA=; b=hpp+eLLgTal2PTLlXyc7TR7Tnq44xohu9e8vNBjqki/TEibk1+xTJV5q tD2G3e8CGg3b53TTKvzkQOWfKu6lPF5tJBKhLpA8ER5tHzBSx7GV7k61C Tee8gD/tfJd0ls4MEmxuUE/BMzo+eEYiZ5YWONlH6V1js6FPFJi/MmgcF 8=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: 1ugllMO8PACqbb9Lma/II4lkYp/RsDyYscBFOmcML4AU9ZeFkCV0AV5YfdJByw1zWBlMy17lSZ lbRxY2zera0Z1MCkuNdxJeJMxXbKa4OL3TyPHq5sg/rrrsvjHl1Yl7IJ6A9ymXoHiofA1cGbFO IfYURyrmSLNDd5+pGCJfc9KkVBAcDaTdcS9kp2DRbw/8OWTweyHgKpKUVfHO/nuQZTSIygT4Zd ebiJJd2JkkrxQerWNEHr9CKICXQnwoI+gRVR5vpj7kTzQcwkod38dSwlCSsS8RjpR85uGhMaxD Fr0+vqdI74r2UuzTFEC1xFlB X-SBRS: 5.1 X-MesageID: 58889161 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:FBNkiqDhRAqCJBVW/+Tkw5YqxClBgxIJ4kV8jS/XYbTApD4i0DUBz 2IeW27TO6mOYGCkeN92aoTip05X6JTRmIA2QQY4rX1jcSlH+JHPbTi7wuYcHM8wwunrFh8PA xA2M4GYRCwMo/u1Si6FatANl1ElvU2zbue6WLGs1hxZH1c+EX540ko7wobVv6Yz6TSHK1LV0 T/Ni5W31G+Ng1aY5UpNtspvADs21BjDkGtwUm4WPJinj3eH/5UhN7oNJLnZEpfNatI88thW5 Qr05OrREmvxp3/BAz4++1rxWhVirrX6ZWBihpfKMkQLb9crSiEai84G2PQghUh/tDySstZX8 It364W1aDt1PO7Ip8NCTEwNe81+FfUuFL7vJHG+tYqYzlHccmuqyPJrZK00FdRGoKAtWzgIr KFGbmBWBvyAr7veLLaTY+9gnMk8auLsO5sSoCpIxjDFF/c2B5vERs0m4PcFjGdg15kQRJ4yY eI2Vytkbh7PTiQeHQ4pMrZnley3iF7GJmgwRFW9+vNsvjm7IBZK+KfpGMrYfJqNX8o9tmSyq 3/C/m/5KgoHL9HZwj2Amlq8i+mKkS7lVYY6ELyj6uUskFCV3nYUChAdSR28u/bRt6Klc4sBc QpOoHNo9PVsshzwJjXgY/GmiEGNpTMafeIOKbMj7SCxlqiX5zm+WXdRG1atd+canMMxQDUr0 HqAkNXoGSFjvdWpdJ6NyluHhWjsYHZIdAfucQdBFFJYuIe7/OnfmzqWFo47eJNZmOEZDt0ZL 9qiiCElz4segscQv0lQ1QCW2mn8znQlo+Nc2+k2Yo5Hxl8pDGJGT9bxgbQ+0RqmBN3CJrVml CJZ8/VyFMhUUfmweNWlGY3h5o2B6fefKyH7ilVyBZQn/DnF0yf9JtAKuWglfxkzbpxsldrVj Kn74lg5CHh7ZibCUEOKS9jpV5RCIVbIS7wJqcw4nvIRO8MsJWdrDQllZFKK3nCFraTfufpXB HtvSu71VSxyIf0+lFKeHr5BuZd2lnFW7T6CHvjTkkX4uYdykVbIEN/pxnPVNbtnhE5FyS2Im +ti2zyil08CDbagO3aPqub+7zkidBAGOHw/kOQPHsbrH+asMDtJ5yb5zexzdop7sb5Sk+uUr HixVlUBkAj0hGHdKBXMYXdmMeu9UZF6pHM9HCotIVf3hCRzPdfxtP8SJ8ktYL0q1O1/1vooH fMLTNqNX6ZUQTPd9jVDMZSk9N5+dA6mjB6lNja+ZGRtZIZpQgHEo4e2fgbm+CQUIDCwsM8y/ ++p2g/BGMJRTAV+FsfGLvmoygrp73QanetzWWrOI8VSJxqwoNQ7dXSpg6Zucc8WKBjFyj+L7 CqsAE8V9bvXvos40NjVnqTY/Y2nJPRzQxhBFG7B4LfoaSSDpji/wZVNWfqjdCzGUD+m472rY OhYwq2uMPADm1oW4YNwH6wykPA77trr4bRb0h5lDDPAaFHyUuFsJXyP3M9usKxRx+AG5VvqC xzXotQKa6+UPM7FEUIKIFt3Z+uO4vgYhz3O4KlnO079/iJ2oOKKXEg608NgU8CBwG+Z6L8Y/ No= IronPort-HdrOrdr: A9a23:W9aCnKMKfG708sBcTvmjsMiBIKoaSvp037Eqv3oedfUzSL3gqy nOpoV86faaslYssR0b9exofZPwJE80lqQFhrX5X43SPzUO0VHAROoJgLcKgQeQfxEWntQtrZ uIGJIeNDSfNzdHZL7BkWuFL+o= X-IronPort-AV: E=Sophos;i="5.87,275,1631592000"; d="scan'208";a="58889161" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu Subject: [PATCH 3/8] x86/boot: Fix data placement around __high_start() Date: Tue, 30 Nov 2021 10:04:40 +0000 Message-ID: <20211130100445.31156-4-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20211130100445.31156-1-andrew.cooper3@citrix.com> References: <20211130100445.31156-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1638266732427100011 multiboot_ptr should be in __initdata - it is only used on the BSP path. Furthermore, the .align 8 then .long means that stack_start is misaligned. Move both into setup.c, which lets the compiler handle the details correctl= y, as well as providling proper debug information for them. Declare stack_start in setup.h and avoid extern-ing it locally in smpboot.c. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu --- xen/arch/x86/boot/x86_64.S | 8 -------- xen/arch/x86/setup.c | 6 ++++++ xen/arch/x86/smpboot.c | 3 +-- xen/include/asm-x86/setup.h | 2 ++ 4 files changed, 9 insertions(+), 10 deletions(-) diff --git a/xen/arch/x86/boot/x86_64.S b/xen/arch/x86/boot/x86_64.S index d61048c583b3..27f52e7a7708 100644 --- a/xen/arch/x86/boot/x86_64.S +++ b/xen/arch/x86/boot/x86_64.S @@ -67,14 +67,6 @@ ENTRY(__high_start) call __start_xen BUG /* __start_xen() shouldn't return. */ =20 - .data - .align 8 -multiboot_ptr: - .long 0 - -GLOBAL(stack_start) - .quad cpu0_stack + STACK_SIZE - CPUINFO_sizeof - .section .data.page_aligned, "aw", @progbits .align PAGE_SIZE, 0 /* diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index 495b4b7d51fb..6613e56a2184 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -141,6 +141,12 @@ unsigned long __read_mostly xen_virt_end; char __section(".bss.stack_aligned") __aligned(STACK_SIZE) cpu0_stack[STACK_SIZE]; =20 +/* Used by the BSP/AP paths to find the higher half stack mapping to use. = */ +void *stack_start =3D cpu0_stack + STACK_SIZE - sizeof(struct cpu_info); + +/* Used by the boot asm to stash the relocated multiboot info pointer. */ +unsigned int __initdata multiboot_ptr; + struct cpuinfo_x86 __read_mostly boot_cpu_data =3D { 0, 0, 0, 0, -1 }; =20 unsigned long __read_mostly mmu_cr4_features =3D XEN_MINIMAL_CR4; diff --git a/xen/arch/x86/smpboot.c b/xen/arch/x86/smpboot.c index 329cfdb6c9f6..08c0f2d9df04 100644 --- a/xen/arch/x86/smpboot.c +++ b/xen/arch/x86/smpboot.c @@ -42,6 +42,7 @@ #include #include #include +#include #include #include #include @@ -419,8 +420,6 @@ void start_secondary(void *unused) startup_cpu_idle_loop(); } =20 -extern void *stack_start; - static int wakeup_secondary_cpu(int phys_apicid, unsigned long start_eip) { unsigned long send_status =3D 0, accept_status =3D 0; diff --git a/xen/include/asm-x86/setup.h b/xen/include/asm-x86/setup.h index 24be46115df2..eb9d7b433c13 100644 --- a/xen/include/asm-x86/setup.h +++ b/xen/include/asm-x86/setup.h @@ -12,6 +12,8 @@ extern char __2M_rwdata_start[], __2M_rwdata_end[]; extern unsigned long xenheap_initial_phys_start; extern uint64_t boot_tsc_stamp; =20 +extern void *stack_start; + void early_cpu_init(void); void early_time_init(void); =20 --=20 2.11.0 From nobody Mon May 6 01:00:46 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1638266847; cv=none; d=zohomail.com; s=zohoarc; b=nF3qiYreqsxCWBr9iDWrupgcnNHXbFv2DkwksGC8JDBqL+oJ5t5VBXv9nDkpP6b8p1q0Ql0IrY3A5E1NT9C+VuBHVBGrAbNHEs3/pNIBPXGKs6EC1B8Twdus8CQyT2nOnX4kpScsQRVfSxzmjKtkbqjsZJkzyZ/91w1bBgTA7lc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1638266847; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=R3JT51AM70AmW4uPScycFlmNbqeUl9275F5FcwD9Hso=; b=ajf+wakoxb2z/DL7OcG8Z3xrqtRatoUL07RY+7bnXq3uQdGB4c+5gc/P0LrtM03qDVTrNIDOUevOJmztFsuxCKVuYwjqsShh49e198B2PuId70yZNk6Ll6DjK7fyKZsDP9ztqtrKXlMqi6Dk2UkCReQmAHSBtE+blTO2JULVfTY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1638266847986744.8966427596279; Tue, 30 Nov 2021 02:07:27 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.234986.407755 (Exim 4.92) (envelope-from ) id 1ms02b-0003VT-Ld; Tue, 30 Nov 2021 10:07:13 +0000 Received: by outflank-mailman (output) from mailman id 234986.407755; Tue, 30 Nov 2021 10:07:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms02b-0003VM-HH; Tue, 30 Nov 2021 10:07:13 +0000 Received: by outflank-mailman (input) for mailman id 234986; Tue, 30 Nov 2021 10:07:11 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00y-0007QZ-WD for xen-devel@lists.xenproject.org; Tue, 30 Nov 2021 10:05:33 +0000 Received: from esa4.hc3370-68.iphmx.com (esa4.hc3370-68.iphmx.com [216.71.155.144]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 0c6b8da7-51c5-11ec-976b-d102b41d0961; Tue, 30 Nov 2021 11:05:31 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 0c6b8da7-51c5-11ec-976b-d102b41d0961 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1638266731; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=4EShEwNY9aWo7yke4YUUnldLOjOyr7C+VW8CJKESj9k=; b=a8QyVjwrRNMgo7NT8+G5MMIpAWnAt2WgCuyGJkvGHmTugSV/oQclsR6Y 2Ddvv0N4hjiarOTlbBABfVJ7PWChf0QJ+ODVkKVP4nKCYfwbSy/mzzmOq ARPLSz/zOcCg4tc1FRotrnILuFFT1ZbM7qqSUMaUmvkGQaNMrvvuHt6x8 4=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: QSHdRY3RDTIphduj1x+qVnVb1NJwPpU3BWe0BT/Kgh1XORIY/arrR51Gfe0Y+6BWemUND5635Q dXIa1g8ZJ/K7PwNfr5njrKxyAuqfIoGHAAjYMWPDNTNVCAvuW+C4yRQ0UJAPf/4Ru6dgvZsNb7 gvA12UE66HS9BLpiT4DFCVuUK4EjwmQFu3TlNnnSlmSm3U542yOsH48NXSWAvnYc0SkQ1p7K0q vLzi4CSu4hTfX8YhKY1lEYxJeaUF1fQ0D8A9CN1gECB4mt32JqAznt1ZkbRxE7Y20V9gdKaGKs FsW+5+2HyrEE75v48fEDLAUp X-SBRS: 5.1 X-MesageID: 60914846 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:GXFjfakHIMPp5qT7OxOd+YXo5gxMIURdPkR7XQ2eYbSJt1+Wr1Gzt xJMXmyDPf/bY2P1L9h0bou/p0sCu5OBzIVrGQZkry02RSMWpZLJC+rCIxarNUt+DCFioGGLT Sk6QoOdRCzhZiaE/n9BClVlxJVF/fngqoDUUYYoAQgsA187IMsdoUg7wbdg29Uw2YHR7z6l4 rseneWOYDdJ5BYsWo4kw/rrRMRH5amaVJsw5zTSVNgT1LPsvyB94KE3fMldG0DQUIhMdtNWc s6YpF2PEsE1yD92Yj+tuu6TnkTn2dc+NyDW4pZdc/DKbhSvOkXee0v0XRYRQR4/ttmHozx+4 O9BuJ2abxkHBKHJtuE3cSNaLHBQA5QTrdcrIVDn2SCS50jPcn+qyPRyFkAme4Yf/46bA0kXq 6ZecmpUKEne2aTmm9pXScE17ignBODtMJkSpTdLyjbBAOx9aZvCX7/L9ZlT2zJYasVmQ66PP pZJNWQHgBLoQwJ3PVcIE40FpqShqWmlYidZiUyJqv9ii4TU5FMoi+W8WDbPQfSVQe1Fk0Deo XjJl0zbKBwHMN2UyRKe72mhwOTImEvTSI8UUbG16PNuqFmS3XAITg0bU0Ohpvu0gVL4XMhQQ 3H44QJ38/J0rhbyCICgAVvo+xZooyLwRfJqH+A7wieT5JDY5iicLEo+TAEQRuIf4ZpeqSMR6 neFmNbgBDpKubKTSG6A+rr8kQ5eKRT5PkdZO3ZaEFJtD83L5dhq00mRFooL/Lud14WtQVnNL ya2QD/Sbln5peoCzO2F8F/OmFpATbCZH1dutm07so9Ihz6VhbJJhaT0uTA3Dt4ade51q2VtW lBfwKByC8hUUPmweNSlGrllIV1Qz6/t3MfgqVBuBYI90D+m5mSue4tdiBknehw5aJ9dImS3O hOJ0e+02HO1FCDxBUOQS9jsY/nGMIC6TYi1PhwqRoQmjmdNmP+vo3g1OB/4M5HFm0kwi6AvU ap3gu73ZUv2/Z9PlWLsL89EiOdD7nlnmQv7GMCqpzz6gOH2TCPEFt843K6mM7lRAFWs+16Or b6y9qKiln1ibQEJSnWNrNNIcwlVdSNT6FKfg5U/S9Nv6zFOQAkJY8I9C5t4E2C8t6gKxOrO4 F+nXUpUlAj2iXHdcF3YYXF/crL/G514qCtjbyArOF+p3VklYJqus/hDJ8dmI+F/+bwx1+NwQ tkEZ96EXqZFRAPY9mlPdpL6toFjKkim3FrcIyq/bTEjVJd8XAiVqMT8dw7i+XBWXCq6vMczu ZO60QbfTcZRTghuFp+OOvmu00mwrT4Wn+crBxnEJdxaeUPN9ol2KnOu0q9rcp9UcRian2mUz QebBxsctNLhmY5t/Ymbn72AoqeoD/B6QhhQEV7E4OvkLiLd5Gein9NNCb7aYTDHWWro06y+f uEJnerkOfgKkVsW4YpxF7FnkfA369f1/uIIyw1lGDPAbkixC6MmKX6DhJEduqpIz75fmA23R kPQpYUKZeTXYJvoQAwLOQ4oTuWfzvVFyDDd4MM8LFj++CIqrqGMVl9fPkXUhSFQRFev3FjJH Qv1VBYq1jGC IronPort-HdrOrdr: A9a23:3smwwKO2cvDQY8BcTvmjsMiBIKoaSvp037Eqv3oedfUzSL3gqy nOpoV86faaslYssR0b9exofZPwJE80lqQFhrX5X43SPzUO0VHAROoJgLcKgQeQfxEWntQtrZ uIGJIeNDSfNzdHZL7BkWuFL+o= X-IronPort-AV: E=Sophos;i="5.87,275,1631592000"; d="scan'208";a="60914846" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu Subject: [PATCH 4/8] x86/mm: Drop bogus cacheability logic in update_xen_mappings() Date: Tue, 30 Nov 2021 10:04:41 +0000 Message-ID: <20211130100445.31156-5-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20211130100445.31156-1-andrew.cooper3@citrix.com> References: <20211130100445.31156-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1638266850294100001 There is no circumstance under which any part of the Xen image in memory wa= nts to have any cacheability other than Write Back. Furthermore, unmapping random pieces of Xen like that comes with a non-triv= ial risk of a Triple Fault, or other fatal condition. Even if it appears to wo= rk, an NMI or interrupt as a far wider reach into Xen mappings than calling map_pages_to_xen() thrice. Simplfy the safety checking to a BUG_ON(). It is substantially more correct and robust than following either of the unlikely(alias) paths. Signed-off-by: Andrew Cooper --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu I'm half tempted to drop the check entirely, but in that case it would be better to inline the result into the two callers. --- xen/arch/x86/mm.c | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c index 4d799032dc82..9bd4e5cc1d2f 100644 --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -785,24 +785,21 @@ bool is_iomem_page(mfn_t mfn) =20 static int update_xen_mappings(unsigned long mfn, unsigned int cacheattr) { - int err =3D 0; bool alias =3D mfn >=3D PFN_DOWN(xen_phys_start) && mfn < PFN_UP(xen_phys_start + xen_virt_end - XEN_VIRT_START); - unsigned long xen_va =3D - XEN_VIRT_START + ((mfn - PFN_DOWN(xen_phys_start)) << PAGE_SHIFT); + + /* + * Something is catastrophically broken if someone is trying to change= the + * cacheability of Xen in memory... + */ + BUG_ON(alias); =20 if ( boot_cpu_has(X86_FEATURE_XEN_SELFSNOOP) ) return 0; =20 - if ( unlikely(alias) && cacheattr ) - err =3D map_pages_to_xen(xen_va, _mfn(mfn), 1, 0); - if ( !err ) - err =3D map_pages_to_xen((unsigned long)mfn_to_virt(mfn), _mfn(mfn= ), 1, - PAGE_HYPERVISOR | cacheattr_to_pte_flags(cacheattr)); - if ( unlikely(alias) && !cacheattr && !err ) - err =3D map_pages_to_xen(xen_va, _mfn(mfn), 1, PAGE_HYPERVISOR); - - return err; + return map_pages_to_xen( + (unsigned long)mfn_to_virt(mfn), _mfn(mfn), 1, + PAGE_HYPERVISOR | cacheattr_to_pte_flags(cacheattr)); } =20 #ifndef NDEBUG --=20 2.11.0 From nobody Mon May 6 01:00:46 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1638266729; cv=none; d=zohomail.com; s=zohoarc; b=FzFdPtrTduQJGt2yrwRmBlB0y0kHp50ZoW2IpcUyFq4gzmpLf0WQDnkk00izRTdEbfPDko01aAayUcGzkWpVDd3/hth73eVubYggfR7beqIjqh1EPYZhrlBpd8RTZ4sAh2XieiGLV3K4ZSh3lrNPV7EFcqz+CHIRGDEm0WAOY+A= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1638266729; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=deqLz3moFMA5PGXDFLQc7veNzD0ZbFWLso8zPRGhbk8=; b=O5Xjn7LhWFByyOthQhbUfjQs83XAF7x3nAZOBVQGsGrSmmPBNTAUQvfzJPD5lf5xtoR3PKqcTa4hHOsV6kgmgxQqyE04bdEhBaguQwo0Sov4cQDZxgGS6a6RfB+OxzVrYNHaOJNSktdmxsGu0stq+LsmGf9dV+kCRnmchAtr+9Y= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1638266729538250.12989907905217; Tue, 30 Nov 2021 02:05:29 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.234956.407724 (Exim 4.92) (envelope-from ) id 1ms00f-0000Eh-Qa; Tue, 30 Nov 2021 10:05:13 +0000 Received: by outflank-mailman (output) from mailman id 234956.407724; Tue, 30 Nov 2021 10:05:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00f-00006I-Cc; Tue, 30 Nov 2021 10:05:13 +0000 Received: by outflank-mailman (input) for mailman id 234956; Tue, 30 Nov 2021 10:05:11 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00d-0007QY-4k for xen-devel@lists.xenproject.org; Tue, 30 Nov 2021 10:05:11 +0000 Received: from esa5.hc3370-68.iphmx.com (esa5.hc3370-68.iphmx.com [216.71.155.168]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id ff574a4e-51c4-11ec-b941-1df2895da90e; Tue, 30 Nov 2021 11:05:08 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: ff574a4e-51c4-11ec-b941-1df2895da90e DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1638266708; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=5YA8FSFJ+Ido7sPF/P6KhMxMTP806Xj8+bqrXWoCKI4=; b=DjSmmfZbOWAu5hVXi41U8OPipsYG+vFjaE2ceAjCm2q6aZ1eq51BSqFH qQ78hfCg/zp/UNMjZq4xcjAY4aj8vpGM3Y2zgP6sMBAr5Sny8JgXDMyiq 41tKPEhrlsUTajj0jeqEDcl4RggVMG10zmEmjL9Ap3aHnYZ4ia0f+o5Tt E=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: bIHWVeQHUXz6r0nX5evBqeKl860UzVSAtORugFtAuD+4PLq48heLcB0V0uUAJMeqnVVDT2y1ad 2Ba/HXs9KvulHtTLbnADi4SIZqTkW2HIFrwRi+tvkul9mff3uvmmAj2nRqUTyBzlFP8MwK5Ohg ArfF+iSNjCz+m8fV4YqjnjJ5RpZxmdvHFeRDkUg7vKjAhxDclB016CjO2KCu6Tjxsm5c2qCv/j LrJO0UHNGzxABd1qIsKEG/7Zdb4Z9Y6SHoUY+oE6qqx1m1qZ3Y+C4EKpst16zWhBpka9kclLEk /VZHCW37IvnFn7sWwAZAALK1 X-SBRS: 5.1 X-MesageID: 58406783 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:p61006rlp9t786N76YX40JrEMR9eBmLUYhIvgKrLsJaIsI4StFCzt garIBmCP63bMDSmLd9zYdm0pENVsJTcmtBgSgBtqSEzHnkR85uZCYyVIHmrMnLJJKUvbq7GA +byyDXkBJppJpMJjk71atANlZT4vE2xbuKU5NTsY0idfic5Dnd+4f5fs7Rh2Ncx2IPhW1rlV e7a+KUzBnf0g1aYDUpMg06zgEsHUCPa4W5wUvQWPJinjXeG/5UnJMt3yZKZdhMUdrJ8DO+iL 9sv+Znilo/vE7XBPfv++lrzWhVirrc/pmFigFIOM0SpqkAqSiDfTs/XnRfTAKtao2zhojx/9 DlCnaKKWy42EPzgotkQdideCX9UEPB+oIaSdBBTseTLp6HHW37lwvEoB0AqJ4wIvO1wBAmi9 9RBdmpLNErawbvrnvTrEYGAhex6RCXvFKoZtmtt0nfyCvE+TIqYa67L+cVZzHE7gcUm8fP2O ppFMWQwPE+ojxtnZ2kzJJ8Ao+WRj1reLn4Ah3mkhLAv/D2GpOB2+Oe0a4eEEjCQfu1Kmm6Iq 2SA+H72ajk4HtGCzTuO8lq3m/TC2yj8Xeo6BLC+s/JnnlCX7mgSEwENE0u2p+GjjUyzUM4ZL FYbkhfCtoBrqhbtFIOkGUTl/jjU5XbwRua8DcUE0hOk1YSFzzykC006SCQfQvF7jJcPEGlCO kCyo/vlAjlmsbuwQH2b96uJoT7aBRX5PVPudgdfE1JbvoCLTJUby0uWE409SPLdYsjdQGmom 1i3QD4Ca6L/ZCLh/4Gy5hj5jj2lvfAlpSZlt1yMDgpJAu6UDbNJhrBEC3CHvZ6sz67DFzFtW UTofeDFt4ji6rnXyUSwrB0lRu3B2hp8GGS0baRTN5cg7S+x3HWoYJpd5jpzTG8wbJ1UI2awO xSN418LjHO2AJdMRfQsC25WI553pZUM6Py/DqyEBjawSsYZmPC7ENFGOhfLgjGFfLkEmqAjI 5aLGftA/l5BYZmLOAGeHr9HuZdyn3hW7TqKGfjTkkT2uZLDNSX9YepUbzOzghURsfrsTPP9q I0EaaNnCnx3DYXDX8Ug2dJJcA1RcyFkXcueRg4+XrfrHzeK0VoJU5f5qY7NsaQ8w8y5T8/Eo SOwXFF20l36iSGVIAmGcCk7OrjuQYx+vTQwOil1ZQSk3H0qYICO6qYDdsRoIel7pbI7lfMkH eMYf8igA+hUTmiV8ToqcpSg/pdpcw6mhFzSMnP9MiQ/ZZNpWyfA5sTgIln07CALAyfu7Zk+r rSs2xn1W50GQwg+Xs/aZOj2lwG6vGQHmfI0VEzNe4EBdELp+YlsCirwkv5ofJ1cdUSdnmOXj l/EDw0ZqO/Bp54O3OPI3a3U/Z20F+ZeH1ZBGzWJ57iBKiSHrHGoxpVNUbjUcGmFBn/04qire c5c0+r4bK8chF9PvodxT+RrwKY564e9rrNW1F05TnDCblDtAbJ8OHiWm8JIs/QVlLNevAK3X GOJ+8VbZurVaJ+0TgZJKVp3dPmH2NEVhiLWvKY8L0jN7SNq+KaKDBdJNB6WhS0BdLZ4PevJG wv6VBL6P+BnticXDw== IronPort-HdrOrdr: A9a23:5+a6Vahb7SmeiIsQBBZfEEUNrHBQXuAji2hC6mlwRA09TySZ// rOoB19726NtN9xYgBYpTnuAtjifZqxz/FICMwqTNOftWrdyQ2VxeNZnOnfKlTbckWUnIMw6U 4jSdkYNDSZNykAsS+Q2mmF+rgbruVviJrY4Nvj8w== X-IronPort-AV: E=Sophos;i="5.87,275,1631592000"; d="scan'208";a="58406783" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu Subject: [PATCH 5/8] x86/boot: Drop xen_virt_end Date: Tue, 30 Nov 2021 10:04:42 +0000 Message-ID: <20211130100445.31156-6-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20211130100445.31156-1-andrew.cooper3@citrix.com> References: <20211130100445.31156-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1638266730227100004 The calculation in __start_xen() for xen_virt_end is an opencoding of ROUNDUP(_end, 2M). This is __2M_rwdata_end as provided by the linker scrip= t. This corrects the bound calculations in arch_livepatch_init() and update_xen_mappings() to not enforce 2M alignment when Xen is not compiled with CONFIG_XEN_ALIGN_2M Furthermore, since 52975142d154 ("x86/boot: Create the l2_xenmap[] mappings dynamically"), there have not been extraneous mappings to delete, meaning t= hat the call to destroy_xen_mappings() has been a no-op. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu This effectively reverts d0ae97d4136e ("x86-64: properly handle alias mappi= ngs beyond _end"), because the preconditions for the change are no longer valid. --- xen/arch/x86/livepatch.c | 3 ++- xen/arch/x86/mm.c | 3 ++- xen/arch/x86/setup.c | 6 ------ xen/include/asm-x86/x86_64/page.h | 2 -- 4 files changed, 4 insertions(+), 10 deletions(-) diff --git a/xen/arch/x86/livepatch.c b/xen/arch/x86/livepatch.c index 49f0d902e5bb..d056b1ed8b41 100644 --- a/xen/arch/x86/livepatch.c +++ b/xen/arch/x86/livepatch.c @@ -17,6 +17,7 @@ #include #include #include +#include =20 static bool has_active_waitqueue(const struct vm_event_domain *ved) { @@ -343,7 +344,7 @@ void __init arch_livepatch_init(void) { void *start, *end; =20 - start =3D (void *)xen_virt_end; + start =3D (void *)__2M_rwdata_end; end =3D (void *)(XEN_VIRT_END - FIXADDR_X_SIZE - NR_CPUS * PAGE_SIZE); =20 BUG_ON(end <=3D start); diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c index 9bd4e5cc1d2f..fdc548a9cb4a 100644 --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -786,7 +786,8 @@ bool is_iomem_page(mfn_t mfn) static int update_xen_mappings(unsigned long mfn, unsigned int cacheattr) { bool alias =3D mfn >=3D PFN_DOWN(xen_phys_start) && - mfn < PFN_UP(xen_phys_start + xen_virt_end - XEN_VIRT_START); + mfn < PFN_UP(xen_phys_start + (unsigned long)__2M_rwdata_end - + XEN_VIRT_START); =20 /* * Something is catastrophically broken if someone is trying to change= the diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index 6613e56a2184..0e0e706404a3 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -136,8 +136,6 @@ cpumask_t __read_mostly cpu_present_map; =20 unsigned long __read_mostly xen_phys_start; =20 -unsigned long __read_mostly xen_virt_end; - char __section(".bss.stack_aligned") __aligned(STACK_SIZE) cpu0_stack[STACK_SIZE]; =20 @@ -1573,10 +1571,6 @@ void __init noreturn __start_xen(unsigned long mbi_p) } #endif =20 - xen_virt_end =3D ((unsigned long)_end + (1UL << L2_PAGETABLE_SHIFT) - = 1) & - ~((1UL << L2_PAGETABLE_SHIFT) - 1); - destroy_xen_mappings(xen_virt_end, XEN_VIRT_START + BOOTSTRAP_MAP_BASE= ); - /* * If not using 2M mappings to gain suitable pagetable permissions * directly from the relocation above, remap the code/data diff --git a/xen/include/asm-x86/x86_64/page.h b/xen/include/asm-x86/x86_64= /page.h index f9faf7f38348..cb1db107c424 100644 --- a/xen/include/asm-x86/x86_64/page.h +++ b/xen/include/asm-x86/x86_64/page.h @@ -23,8 +23,6 @@ static inline unsigned long canonicalise_addr(unsigned lo= ng addr) =20 #include =20 -extern unsigned long xen_virt_end; - /* * Note: These are solely for the use by page_{get,set}_owner(), and * therefore don't need to handle the XEN_VIRT_{START,END} range. --=20 2.11.0 From nobody Mon May 6 01:00:46 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1638266848; cv=none; d=zohomail.com; s=zohoarc; b=Z+4uZwzhpJwhTO8D/lB212SzbmzAg0uqaopvt+eZv/bf3VBUwzXsNqTej/sBMFWxbaad2bYd218Hz23iGsZHO/IB5mp5fiPqvTBQTAHAfh1RDhpeXb8n7UcM/+8jjDoNWuLplM4zb8QuaXB2/N4/WW+2QIaM2QVS7VJ/aUFQVSY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1638266848; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=CNv+OTRT/ddYrOMy4E8BC/O7em6gWJOheY7LKynLyoY=; b=diAzOihGESJa7weyHF5/tDkpG7S+jc4aL7Te4NqZXnaXan7BHfPDmAemOv5fzdh4fJTP+MuP269rGaDgYg/AjtK/Wx5kXF4dam7X8F+fnNLN30jNY24art5jOIWvju+QCRwwIjDIkps4/r86L+tkKAiPOQt8G8l2RgFhgT7/Idc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1638266848041128.3930138320917; Tue, 30 Nov 2021 02:07:28 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.234984.407744 (Exim 4.92) (envelope-from ) id 1ms02a-0003E8-DS; Tue, 30 Nov 2021 10:07:12 +0000 Received: by outflank-mailman (output) from mailman id 234984.407744; Tue, 30 Nov 2021 10:07:12 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms02a-0003Dv-9f; Tue, 30 Nov 2021 10:07:12 +0000 Received: by outflank-mailman (input) for mailman id 234984; Tue, 30 Nov 2021 10:07:11 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms010-0007QZ-0D for xen-devel@lists.xenproject.org; Tue, 30 Nov 2021 10:05:34 +0000 Received: from esa3.hc3370-68.iphmx.com (esa3.hc3370-68.iphmx.com [216.71.145.155]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 0cf75c0e-51c5-11ec-976b-d102b41d0961; Tue, 30 Nov 2021 11:05:32 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 0cf75c0e-51c5-11ec-976b-d102b41d0961 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1638266732; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=GLNFdCsQo1lgG4rFh7qYYZT9z5k1wotugxCu0CDIj2s=; b=au9ftoYXWPShCl21mh2jFu9YImyBLso6I3S2cwg3PbAbiYbKOJFWxkgV n2KTfqL2lJ9sWDc+Lmc0eNdt955lz3Gi8+7lI9YJJPJQQ2MGGMLFv4Xl8 pMjxwb9/Qjssk6/NtRz0YkVH6WNn22ohOjzF26DDCGexuzmdcwQEsbWRJ c=; Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: WGrmbQzjO3MmuKrT0AMqwfj83nx9+CdYXBIbqgbe5G9McsoLsuhJ+vYTDxsQ7U0x1dB53n6jBy RT+44sToPcTG+G9KwABZSsa2SojLVPVZN55ele5RX6EyiLqg6T8l3apV44dBfbTVHiLtMdbucN Viz25uBp8d5mz0dKkOzZagx8E45pvJuuNKKVHfIl1nClWAT2FvzCz22qnjbFL9+1EGYL/mM0YF EXH43GwPGLLHp03h6WTnpfJRF5q9lNlyVdAIuZSHHEFRXprttJnqp6u0zfIkXapLXmDwNrnNWb f3cUgc6H37p7vf3+z58ZJ8SZ X-SBRS: 5.1 X-MesageID: 58910850 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:hm929aCI0l5plBVW/+Tkw5YqxClBgxIJ4kV8jS/XYbTApD5w1z1Wy WEZCmjVOquPMGL3eYxxPdixo0IPsJXXx9E1QQY4rX1jcSlH+JHPbTi7wuYcHM8wwunrFh8PA xA2M4GYRCwMo/u1Si6FatANl1ElvU2zbue6WLGs1hxZH1c+EX540ko7wobVv6Yz6TSHK1LV0 T/Ni5W31G+Ng1aY5UpNtspvADs21BjDkGtwUm4WPJinj3eH/5UhN7oNJLnZEpfNatI88thW5 Qr05OrREmvxp3/BAz4++1rxWhVirrX6ZWBihpfKMkQLb9crSiEai84G2PQghUh/px6Zlo5oi +93q8aMGBcWG+7+oaNMekwNe81+FfUuFL7vJHG+tYqYzlHccmuqyPJrZK00FdRGoKAtWzgIr KFGbmBWBvyAr7veLLaTY+9gnMk8auLsO5sSoCpIxjDFF/c2B5vERs0m4PcFjGZp3pATRZ4yY eImQ2d0Uw7dRyFVGWsxGLw7p9/3nCjGJmgwRFW9+vNsvjm7IBZK+KfpGMrYfJqNX8o9tmSyq 3/C/m/5KgoHL9HZwj2Amlq8i+mKkS7lVYY6ELyj6uUskFCV3nYUChAdSR28u/bRt6Klc4sBc QpOoHNo9PVsshzwJjXgY/GmiFKvrhdCQplqKfNg1FCd9Y+X0T/eV0FRG1atd+canMMxQDUr0 HqAkNXoGSFjvdWpdJ6NyluHhWjsYHZIdAfucQdBFFJYuIe7/OnfmzqWFo47eJNZmOEZDt0ZL 9qiiCElz4segscQv0lQ1QCW2mn8znQlo+Nc2+k2Yo5Hxl8pDGJGT9bxgbQ+0RqmBN3CJrVml CJZ8/VyFMhUUfmweNWlGY3h5o2B6fefKyH7ilVyBZQn/DnF0yf9JtAKuWglfxkzbpxsldrVj Kn74lg5CHh7ZibCUEOKS9jpV5RCIVbIS7wJqcw4nvIRO8MsJWdrDQllZFKK3nCFraTfufpXB HtvSu71VSxyIf0+lFKeHr5BuZd2lnFW7T6CHvjTkkX4uYdykVbIEN/pxnPVNbtnhE5FyS2Im +ti2zyil08CDbagO3aPqub+7zkidBAGOHw/kOQPHsbrH+asMDpJ5yb5zexzdop7sb5Sk+uUr HixVlUBkAj0hGHdKBXMYXdmMeu9UZF6pHM9HCotIVf3hCRzPdfxtP8SJ8ktYL0q1O1/1vooH fMLTNqNX6ZUQTPd9jVDMZSk9N5+dA6mjB6lNja+ZGRtZIZpQgHEo4e2fgbm+CQUIDCwsM8y/ ++p2g/BGMJRTAV+FsfGLvmoygrp73QanetzWWrOI8VSJxqwoNQ7dXSpg6Zucc8WKBjFyj+L7 CqsAE8V9bvXvos40NjVnqTY/Y2nJPRzQxhBFG7B4LfoaSSDpji/wZVNWfqjdCzGUD+m472rY OhYwq2uMPADm1oW4YNwH6wykPA77trr4bRb0h5lDDPAaFHyUuFsJXyP3M9usKxRx+AG5VvqC xzXotQKa6+UPM7FEUIKIFt3Z+uO4vgYhz3O4KlnO079/iJ2oOKKXEg608NgU8CBwG+Z6L8Y/ No= IronPort-HdrOrdr: A9a23:nkvmQatjFWvrgaJba5S4Sd9s7skDTNV00zEX/kB9WHVpmszxra GTdZMgpGfJYVcqKQgdcL+7Scq9qB/nmqKdpLNhWYtKPzOW3ldATrsSj7cKqgeIc0aVm4JgPO VbAs9D4bXLfCNHZK3BgDVQfexP/DD+ytHMudvj X-IronPort-AV: E=Sophos;i="5.87,275,1631592000"; d="scan'208";a="58910850" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu Subject: [PATCH 6/8] x86/boot: Adjust .text/.rodata/etc permissions in one place Date: Tue, 30 Nov 2021 10:04:43 +0000 Message-ID: <20211130100445.31156-7-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20211130100445.31156-1-andrew.cooper3@citrix.com> References: <20211130100445.31156-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1638266850303100002 At the moment, we have two locations selecting restricted permissions, not very far apart on boot, dependent on opposite answers from using_2M_mapping= (). The later location however can shatter superpages if needed, while the form= er cannot. Collect together all the permission adjustments at the slightly later point= in boot, as we're may need to shatter a superpage to support __ro_after_init. No functional change. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu --- xen/arch/x86/setup.c | 74 ++++++++++++------------------------------------= ---- 1 file changed, 16 insertions(+), 58 deletions(-) diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index 0e0e706404a3..8329263430ed 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -1281,55 +1281,16 @@ void __init noreturn __start_xen(unsigned long mbi_= p) } } =20 - BUG_ON(using_2M_mapping() && - l2_table_offset((unsigned long)_erodata) =3D=3D - l2_table_offset((unsigned long)_stext)); - /* Walk l2_xenmap[], relocating 2M superpage leaves. */ pl2e =3D __va(__pa(l2_xenmap)); for ( i =3D 0; i < L2_PAGETABLE_ENTRIES; i++, pl2e++ ) { - unsigned int flags; - if ( !(l2e_get_flags(*pl2e) & _PAGE_PRESENT) || !(l2e_get_flags(*pl2e) & _PAGE_PSE) || (l2e_get_pfn(*pl2e) >=3D pte_update_limit) ) continue; =20 - if ( !using_2M_mapping() ) - { - *pl2e =3D l2e_from_intpte(l2e_get_intpte(*pl2e) + - xen_phys_start); - continue; - } - - if ( i < l2_table_offset((unsigned long)&__2M_text_end) ) - { - flags =3D PAGE_HYPERVISOR_RX | _PAGE_PSE; - } - else if ( i >=3D l2_table_offset((unsigned long)&__2M_roda= ta_start) && - i < l2_table_offset((unsigned long)&__2M_rodata= _end) ) - { - flags =3D PAGE_HYPERVISOR_RO | _PAGE_PSE; - } - else if ( i >=3D l2_table_offset((unsigned long)&__2M_init= _start) && - i < l2_table_offset((unsigned long)&__2M_init_e= nd) ) - { - flags =3D PAGE_HYPERVISOR_RWX | _PAGE_PSE; - } - else if ( (i >=3D l2_table_offset((unsigned long)&__2M_rwd= ata_start) && - i < l2_table_offset((unsigned long)&__2M_rwdat= a_end)) ) - { - flags =3D PAGE_HYPERVISOR_RW | _PAGE_PSE; - } - else - { - *pl2e =3D l2e_empty(); - continue; - } - - *pl2e =3D l2e_from_paddr( - l2e_get_paddr(*pl2e) + xen_phys_start, flags); + *pl2e =3D l2e_from_intpte(l2e_get_intpte(*pl2e) + xen_phys= _start); } =20 /* Re-sync the stack and then switch to relocated pagetables. = */ @@ -1572,31 +1533,28 @@ void __init noreturn __start_xen(unsigned long mbi_= p) #endif =20 /* - * If not using 2M mappings to gain suitable pagetable permissions - * directly from the relocation above, remap the code/data - * sections with decreased permissions. + * Restrict permissions on the Xen code/data. + * + * Mark .text as RX. */ - if ( !using_2M_mapping() ) - { - /* Mark .text as RX (avoiding the first 2M superpage). */ - modify_xen_mappings(XEN_VIRT_START + MB(2), - (unsigned long)&__2M_text_end, - PAGE_HYPERVISOR_RX); + modify_xen_mappings((unsigned long)&_start, + (unsigned long)&__2M_text_end, + PAGE_HYPERVISOR_RX); =20 - /* Mark .rodata as RO. */ - modify_xen_mappings((unsigned long)&__2M_rodata_start, - (unsigned long)&__2M_rodata_end, - PAGE_HYPERVISOR_RO); + /* Mark .rodata as RO. */ + modify_xen_mappings((unsigned long)&__2M_rodata_start, + (unsigned long)&__2M_rodata_end, + PAGE_HYPERVISOR_RO); =20 - /* Mark .data and .bss as RW. */ - modify_xen_mappings((unsigned long)&__2M_rwdata_start, - (unsigned long)&__2M_rwdata_end, - PAGE_HYPERVISOR_RW); + /* Mark .data and .bss as RW. */ + modify_xen_mappings((unsigned long)&__2M_rwdata_start, + (unsigned long)&__2M_rwdata_end, + PAGE_HYPERVISOR_RW); =20 + if ( !IS_ALIGNED((unsigned long)&__2M_rwdata_end, MB(2)) ) /* Drop the remaining mappings in the shattered superpage. */ destroy_xen_mappings((unsigned long)&__2M_rwdata_end, ROUNDUP((unsigned long)&__2M_rwdata_end, MB(2= ))); - } =20 nr_pages =3D 0; for ( i =3D 0; i < e820.nr_map; i++ ) --=20 2.11.0 From nobody Mon May 6 01:00:46 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1638266729; cv=none; d=zohomail.com; s=zohoarc; b=K0FPNxE0XxKxPyVr+gD2H/g6BPoJ+cwKX7F538xSgkoprOdENbvIUabbpNuG/WEGfNdAI9mxjdy1px18Yf/7frzIqssaun1SugYEhlDct5iWIFpnLwCt967DKbZ1uCekrVwT1/cX/5ujsWxx7j16YkMOND8wArOq0SQ5Z+5Zyn8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1638266729; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=6tFaKQbxeUIWqMoP0IMdk44NjnNmPSEKmZgkK7X5KMY=; b=KNAckHfSAjAzX3r28/bDS66qi91knEGwLE13OEwPCGi5AblbtFUkYkTyzkf6Z+TUD+T9L/eHjQ/4MtKX/G1qt8QbaStRBuOaOiDzfhZYGa2M2NQWD1NuSofK8xe1kMbTvWCFJmMYnR5r+LdEIHwu3f1lr0ZRMB45vCG71hupk3g= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1638266729815416.351353223497; Tue, 30 Nov 2021 02:05:29 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.234955.407716 (Exim 4.92) (envelope-from ) id 1ms00f-0008TP-4B; Tue, 30 Nov 2021 10:05:13 +0000 Received: by outflank-mailman (output) from mailman id 234955.407716; Tue, 30 Nov 2021 10:05:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00e-0008SE-PR; Tue, 30 Nov 2021 10:05:12 +0000 Received: by outflank-mailman (input) for mailman id 234955; Tue, 30 Nov 2021 10:05:10 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00c-0007QZ-GH for xen-devel@lists.xenproject.org; Tue, 30 Nov 2021 10:05:10 +0000 Received: from esa1.hc3370-68.iphmx.com (esa1.hc3370-68.iphmx.com [216.71.145.142]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id ffefa7a9-51c4-11ec-976b-d102b41d0961; Tue, 30 Nov 2021 11:05:09 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: ffefa7a9-51c4-11ec-976b-d102b41d0961 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1638266709; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=tDRmWPYoenWIe1ospZDKOXn6f22HabGgSyG7x1uHVLQ=; b=HOTjMiJzZM2RqgBtEvSzKyR2tFY4xmRvrrfc21+QAhJXp9UFthDlnbGX dKgBWdfpPm9qB3c2qS6I4S/yjNujs5XNAMKNBJA6wr3SgKvDRPK9nZ/2y lerCQo/xPvkBb+yyuiclP/CLszC3QgVTXWZ8SmmoYUQQhl9Qejp/fexhe g=; Authentication-Results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: pNoiC8DWjaVXj+ZVau4jBv68Xw8eyiwlnTRDO0KtZp8bMCBworqDPGk0Wr93geebcBw3ElyX0H Gh3u06hhYtvos8oDj+SMYFN94rPbRV+JVbscZ4JrHZl787aUG0VGcwDgmOaZQ3LucKcw24GrET UDf/I97/w7P999fYaBsltS+7rnqwBy7m5lyBxjZp0S85a7d315mInvHCJfCKl4xDwjoYEy6Nh1 5SPZMDUrLhA5NWsRucJ9SOXgYnkWNTLjO8pcJ1cG/knlHDjpY73lxCkFwlODePBZ753sMp07x5 aFqDmo9QxGSIF5cTqqeVAUjT X-SBRS: 5.1 X-MesageID: 59281588 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:qtG/UK+IEdbO4Ug3R/vqDrUDTXmTJUtcMsCJ2f8bNWPcYEJGY0x3n TEfCj3QOveKZmSnKdt3b4qy/U9T75eAytQ1TgRvqCA8E34SpcT7XtnIdU2Y0wF+jyHgoOCLy +1EN7Es+ehtFie0Si9AttENlFEkvU2ybuOU5NXsZ2YhGmeIdA970Ug6wrdi2tYx6TSEK1jlV e3a8pW31GCNg1aYAkpMg05UgEoy1BhakGpwUm0WPZinjneH/5UmJMt3yZWKB2n5WuFp8tuSH I4v+l0bElTxpH/BAvv9+lryn9ZjrrT6ZWBigVIOM0Sub4QrSoXfHc/XOdJFAXq7hQllkPgum c5zp62KRj0tN72LkcE/VTcBPXBXaPguFL/veRBTsOSWxkzCNXDt3+9vHAc9OohwFuRfWD8Us 6ZCcXZUM07F17neLLGTE4GAguwKKsXxMZxZkXZn1TzDVt4tQIzZQrWM7thdtNs1rp0fR6aHO ppJAdZpRDPxRF5WYUg3MpgZkvikgymjUgRfml3A8MLb5ECMlVcsgdABKuH9ZdiiVchT2EGCq Qru3U70HxUbP9y30iee/zSngeqntTP2XsceGaO18tZugUaP3SoDBRsOT1y5rPKlzEmkVLpix 1c8o3R06/JorQryE4e7D0bQTGO4UgA0BItLLf8L0g63zqPEpA+8JG4qFxAQQYlz3CMpfgAC2 liMltLvIDVgtryJVH6QnoupQSOO1Ts9djFbO3JdJecRy5y6+dxo0EqTJjp2OPft1oWdJN3m/ 9ydQMHSbZ03hNVD6ai09Euvb9mE9smQFV5dCuk6swuYAuJFiGyNO9zABbvzt68owGOlor+p5 yNsdy+2tr1mMH11vHbRKNjh5Znwjxp/DBXSgER0A74q/Cm39niocOh4uW8ldB0wa51fJ2W1O ic/XD+9ArcIZxNGioctPuqM5zkCl/C8RbwJqNiKBjaxXnSBXFDep3w/DaJh92vsjFItgckC1 WSzKq6R4YIhIf0/llKeHr5FuZdyn3xW7T6DFPjTkkX8uZLDNSH9dFvwGAbXBgzPxPjf+1u9H hc2H5bi9iizp8WiOHSKqtBKcghRRZX5bLivw/Fqmie4ClIOMAkc5zX5m9vNoqRpwPZYkPnm5 Ha4VhMKwVbznySfew6LdmpiePXkWpMm9SA3OiklPFCJ3Xk/YNnwsPdDJsVvJbR3pvZ+yfNUT uUef5nSCPp4VTmaqS8WaoPwrdI+eU3z1x6OJSesfBM2Y4VkG17S4tbhcwa2rHsOAyO7uNEQu bql0g+HE5MPSx47VJTdae61zkP3tn8YwbogU0zNK9hVWUPt7Ik1dHCh0q5pe5kBcEyRyCGb2 gCaBQYjidPM+4JlosPUga2krpuyF7csFERtAGSGv629MjPX/zT/zNYYAvqIZz3USEj95L6mO bdO1/j5PfAKwARKvo57H+o5xK4y/YKy9bpTzwAiF3TXdVW7TLhnJyDej8VIs6RMwJ5fuBe3B R3TqoULZ+3RNZO3CkMVKSokcv+HhKMdlTTl5PgoJFn3uX1s972dXEQOZxSBhUSx9leu3F/JF Qv5hPMr1g== IronPort-HdrOrdr: A9a23:bE+UWKy+d6y3eswqWlWYKrPw1r1zdoMgy1knxilNoHxuH/BwWf rPoB17726RtN91YhsdcL+7V5VoLUmzyXcX2/h1AV7BZniEhILAFugLgbcKqweKJ8SUzJ8+6U 4PSclD4N2bNykGsS75ijPIb+rJFrO8gd+VbeS19QYScelzAZsQiDuQkmygYzZLrA8tP+teKL OsovBpihCHYnotYsGyFhA+LpL+T42iruOeXfYebSRXkDWzsQ== X-IronPort-AV: E=Sophos;i="5.87,275,1631592000"; d="scan'208";a="59281588" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu Subject: [PATCH 7/8] x86/boot: Support __ro_after_init Date: Tue, 30 Nov 2021 10:04:44 +0000 Message-ID: <20211130100445.31156-8-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20211130100445.31156-1-andrew.cooper3@citrix.com> References: <20211130100445.31156-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1638266730188100002 For security hardening reasons, it advantageous to make setup-once data immutable after boot. Borrow __ro_after_init from Linux. On x86, place .data.ro_after_init at the start of .rodata, excluding it from the early permission restrictions. Re-apply RO restrictions to the whole of .rodata in init_done(), attempting to reform the superpage if possible. For architectures which don't implement __ro_after_init explicitly, variabl= es merges into .data. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu --- xen/arch/x86/setup.c | 12 +++++++++++- xen/arch/x86/xen.lds.S | 6 ++++++ xen/include/asm-x86/setup.h | 1 + xen/include/xen/cache.h | 2 ++ 4 files changed, 20 insertions(+), 1 deletion(-) diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index 8329263430ed..3bbc46f244b9 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -663,6 +663,11 @@ static void noreturn init_done(void) init_xenheap_pages(__pa(start), __pa(end)); printk("Freed %lukB init memory\n", (end - start) >> 10); =20 + /* Mark .rodata/ro_after_init as RO. Maybe reform the superpage. */ + modify_xen_mappings((unsigned long)&__2M_rodata_start, + (unsigned long)&__2M_rodata_end, + PAGE_HYPERVISOR_RO); + startup_cpu_idle_loop(); } =20 @@ -1541,8 +1546,13 @@ void __init noreturn __start_xen(unsigned long mbi_p) (unsigned long)&__2M_text_end, PAGE_HYPERVISOR_RX); =20 + /* Mark .data.ro_after_init as RW. Maybe shatters the .rodata superpa= ge. */ + modify_xen_mappings((unsigned long)&__ro_after_init_start, + (unsigned long)&__ro_after_init_end, + PAGE_HYPERVISOR_RW); + /* Mark .rodata as RO. */ - modify_xen_mappings((unsigned long)&__2M_rodata_start, + modify_xen_mappings((unsigned long)&__ro_after_init_end, (unsigned long)&__2M_rodata_end, PAGE_HYPERVISOR_RO); =20 diff --git a/xen/arch/x86/xen.lds.S b/xen/arch/x86/xen.lds.S index 87e344d4dd97..4db5b404e073 100644 --- a/xen/arch/x86/xen.lds.S +++ b/xen/arch/x86/xen.lds.S @@ -97,6 +97,12 @@ SECTIONS __2M_rodata_start =3D .; /* Start of 2M superpages, mapped RO. */ DECL_SECTION(.rodata) { _srodata =3D .; + + __ro_after_init_start =3D .; + *(.data.ro_after_init) + . =3D ALIGN(PAGE_SIZE); + __ro_after_init_end =3D .; + /* Bug frames table */ __start_bug_frames =3D .; *(.bug_frames.0) diff --git a/xen/include/asm-x86/setup.h b/xen/include/asm-x86/setup.h index eb9d7b433c13..34edea405f85 100644 --- a/xen/include/asm-x86/setup.h +++ b/xen/include/asm-x86/setup.h @@ -6,6 +6,7 @@ =20 extern const char __2M_text_start[], __2M_text_end[]; extern const char __2M_rodata_start[], __2M_rodata_end[]; +extern const char __ro_after_init_start[], __ro_after_init_end[]; extern char __2M_init_start[], __2M_init_end[]; extern char __2M_rwdata_start[], __2M_rwdata_end[]; =20 diff --git a/xen/include/xen/cache.h b/xen/include/xen/cache.h index 6ee174efa439..f52a0aedf768 100644 --- a/xen/include/xen/cache.h +++ b/xen/include/xen/cache.h @@ -15,4 +15,6 @@ #define __cacheline_aligned __attribute__((__aligned__(SMP_CACHE_BYTES))) #endif =20 +#define __ro_after_init __section(".data.ro_after_init") + #endif /* __LINUX_CACHE_H */ --=20 2.11.0 From nobody Mon May 6 01:00:46 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1638266729; cv=none; d=zohomail.com; s=zohoarc; b=NAU9n31zZ8k2stnqUlyuc4XmD09Bx0/cnFBUZpT7vu8Gz0x6SJe43Jly5Jbk1Eg6quzk8w8uyRjByD1ZSX+ij6f90k82kAVSri1ZjNC6zyYwzX2mCZrkiPOzktmfC3uToArgCTvEg+J/QGj9LU9FTvUfUtqGI7ocBnT9Uwo3YxY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1638266729; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ZBCzav1F6NXTSYxJ7gvyFCAkhtOQfvuN9ffKW1pPV9Q=; b=FEmBnx8bFdYQxI0ZAPlOJ6klrEv/wdUbmu7vJ9HNjF3l1n/sJcF+4OFPGsF209i+o+7Z/+2Kp2FtLthANEgADcLJzqBVBcAKkx/UOip+Zm5IGq+F6vfoRoRLHusJkmH6/ceFVwoAaQwdNRlCimuFL3D+DzTvuk+TiB7KdQESSx4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 163826672995633.43614465665746; Tue, 30 Nov 2021 02:05:29 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.234953.407684 (Exim 4.92) (envelope-from ) id 1ms00c-0007j8-TY; Tue, 30 Nov 2021 10:05:10 +0000 Received: by outflank-mailman (output) from mailman id 234953.407684; Tue, 30 Nov 2021 10:05:10 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00c-0007h6-Lv; Tue, 30 Nov 2021 10:05:10 +0000 Received: by outflank-mailman (input) for mailman id 234953; Tue, 30 Nov 2021 10:05:09 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ms00b-0007QZ-AU for xen-devel@lists.xenproject.org; Tue, 30 Nov 2021 10:05:09 +0000 Received: from esa1.hc3370-68.iphmx.com (esa1.hc3370-68.iphmx.com [216.71.145.142]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id ff3a9e16-51c4-11ec-976b-d102b41d0961; Tue, 30 Nov 2021 11:05:08 +0100 (CET) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: ff3a9e16-51c4-11ec-976b-d102b41d0961 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1638266708; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Pi8aH3JRK86CaSMRjaSHXycx0FZbeTLBq9iyeIqfZcI=; b=J5H/XgscneGkd0Lds4oA4aJwqg0pmnODLmWjvZ54hgw7AGgdqCOiJIKr kJkzny5t4M+qFAHPoHNIZNuoFlaQkvjElGldvhU6qYqpDOQGLvDR1y2lx DyhKLBRPb2DNUBuLzvbqXe+1x9PYnQqOcGoP39b5o3C1EUV27Xhee/MZD 4=; Authentication-Results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: edmLOWAtT1zvkYvZldukRnXMN/RlH+LzAUacSEoBEelEMOiVii1IfN9/2Eq7DmFlJAetKTqucU n35l4hOMtuNPzCJqC0MAVI+/9kuZmAZgvut7HoDZHABpps0rpLqm08KsYoUpLDbueT4F90MCRV 3/QkQojmPMtYdM7FZ3hVWXSE9L2FRpJ1AyaatVw8dPpCRLRSvcD27/f7oqDzBK5ebHG4Wz4rQG BUc2+DvGXRuARY9X+Wb4cihaaJkI4db4XPsAeiObteSTJoKbqoP851HH07Hn8EAmALEZjBOxIb SgEDxaGAAv39JRfiFk2Wqp8B X-SBRS: 5.1 X-MesageID: 59281587 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:Q4ny9KPMw8sZCjbvrR1okMFynXyQoLVcMsEvi/4bfWQNrUon1DNVm GMZUWjSPPvYMGD2LYt2aY6yoR9Q7ZXTndA1GQto+SlhQUwRpJueD7x1DKtR0wB+jCHnZBg6h ynLQoCYdKjYdpJYz/uUGuCJQUNUjMlkfZKhTr6bUsxNbVU8En540Ek7w7dRbrNA2rBVPSvc4 bsenOWHULOV82Yc3rU8sv/rRLtH5ZweiRtA1rAMTakjUGz2zhH5OKk3N6CpR0YUd6EPdgKMq 0Qv+5nilo/R109F5tpICd8XeGVSKlLZFVDmZna7x8FOK/WNz8A/+v9TCRYSVatYo2rYhO5j+ e9Cj5i5WUAgG4/Ktr0zAjANRkmSPYUekFPGCX22sMjVxEzaaXr8hf5pCSnaP6VBpLwxWzsXs 6VFdnZdNXhvhMrvqF6/YsBqit4uM4/AO4QHt2s75TrYEewnUdbIRKCiCdpwgWZq1pkTTam2i 8wxQ2ZmVT3cQBJ1H1oXWNExsuWC2GTBbGgNwL6SjfVuuDWCpOBr65DyNPLFd9rMQt9a9m66j G/b+2XyAjkBKceSjzGC9xqEluLJ2C/2Ro8WPLm57eJxxk2ewHQJDx8bXkf9puO24nNSQPoGd RZSoHB36/Fvqgr7FbERQiFUvlbb7wUiSetqHNc+4RHKw4/25SjAKDktG2sphMMdiOc6Qjkj1 1msltzvBCByvLD9dU9x5ot4vhvpZ3FLcDZqiTssCFJcvoK9+N1bYgfnF447SMaIYsvJ9SYcK txghAw3nP0tgMECzM1XFniX0mv39vAlouPYjzg7v15JDCslNOZJhKTysDA3CMqsyq7CFTFtW 1BexqCjABgmV83lqcB0aLxl8EuVz/iEKibAplVkAoMs8T+gk1b6I9sAumgnfxw3aJpeEdMMX KM1kVgKjHO0FCH3BZKbnqrrU5h6pUQePYqNug/ogipmPcEqKV7vENBGbk+MxWH9+HXAYolkU ap3hf2EVC5AYYw+lWLeb75EjdcDm3BvrUuOFMuT50n2jtKjiIu9FO5t3K2mNbtisstpYWz9r r5iCid940kFDbClPHCIqdV7wJJjBSFTOK0aYvd/LoarSjeK0kl7YxMI6b9+KYFjgYpPkeLEo iO0VkNCkQKtjnzbMwSaLHtkbeq3D5p4qHs6Ow0qPEqphCd/Mdr+sv9HestlZ6Qj+cxi0eVwE 6sPdfKfD6kdUT/A4TkcM8Xw9dQwaBSxiAuSFCO5ezxjLYV4TgnE94a8LAvi/SUDFAStss46r +Hy3w/XW8NbFQ9jENzXeLSkyFbo5SoRn+d7Xk3pJNhPeRqzrNg2enKp1vJuepMCMxTOwDeex j26OxZAqLmfuZIx/fnImbuA89WjHdxhExcIBGLc97u3a3XXpzLx3Y9aXe+UVjnBT2eoqr66b OBYwvygYv0KmFFG79h1H7pxlP9s4tLuo/lRzxh+HWWNZFOuU+syLn6D1MhJl6tM2r4G5lfmB hPRooFXaeeTJcfoMF8NPw50PO2M2MYdliTW8flocl7x4zV6/ebfXEhfV/VWZPex8Feh3FsZ/ Noc IronPort-HdrOrdr: A9a23:u6lbbaigHaAv71ZdvVWq0vnDS3BQXiAji2hC6mlwRA09TyX5ra 2TdTogtSMc6QxhPE3I/OrrBEDuexzhHPJOj7X5Xo3SOTUO2lHYT72KhLGKq1Hd8kXFndK1vp 0QEZSWZueQMbB75/yKnTVREbwbsaW6GHbDv5ag859vJzsaFZ2J921Ce2Gm+tUdfng8OXI+fq DsgPZvln6bVlk8SN+0PXUBV/irnaywqHq3CSR2fiLO8WO1/EuV1II= X-IronPort-AV: E=Sophos;i="5.87,275,1631592000"; d="scan'208";a="59281587" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu Subject: [PATCH RFC 8/8] x86/boot: Check that permission restrictions have taken effect Date: Tue, 30 Nov 2021 10:04:45 +0000 Message-ID: <20211130100445.31156-9-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20211130100445.31156-1-andrew.cooper3@citrix.com> References: <20211130100445.31156-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1638266732141100009 Signed-off-by: Andrew Cooper --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu RFC. I don't know if this is something we'd want to keep or not. Getting extable handling working for test_nx_data is proving tricky, and wh= ile I can't spot anything that should stop the extable from working with NX faults, from a security hardening perspective, there really ought to be. (Spurious faults aside), there are no circumstances where an NX fault is legitimate, and restricting extable's ability to interfere with the fatality of an NX fault provides a better security posture. --- xen/arch/x86/setup.c | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index 3bbc46f244b9..7cb530a7528f 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -668,6 +668,45 @@ static void noreturn init_done(void) (unsigned long)&__2M_rodata_end, PAGE_HYPERVISOR_RO); =20 + if ( IS_ENABLED(CONFIG_DEBUG) ) + { + static const char test_rodata =3D 1; + static char __ro_after_init test_ro_after_init =3D 1; + +#define PROBE(insn, c, p) \ + ({ \ + bool fault =3D 0; \ + asm ( "1:" insn "[ptr]\n\t" \ + "2:\n\t" \ + ".section .fixup,\"ax\"\n\t" \ + "3: movb $1, %[fault]\n\t" \ + "jmp 2b\n\t" \ + ".previous" \ + _ASM_EXTABLE(1b, 3b) \ + : [fault] "+r" (fault) \ + : [ptr] c (p) \ + ); \ + fault; \ + }) + + if ( !PROBE("notb %", "m", test_rodata) ) + panic("No fault from test_rodata\n"); + + if ( !PROBE("notb %", "m", test_ro_after_init) ) + panic("No fault from test_ro_after_init\n"); + + if ( !PROBE("notb %", "m", init_done) ) + panic("No fault from modifying init_done\n"); + + if ( 0 /* RFC */ && cpu_has_nx ) + { + static char test_nx_data[1] =3D { 0xc3 }; + + if ( !PROBE("call %c", "i", test_nx_data) ) + panic("No fault from test_nx_data\n"); + } + } + startup_cpu_idle_loop(); } =20 --=20 2.11.0