From: Juergen Gross
To: xen-devel@lists.xenproject.org, x86@kernel.org, linux-kernel@vger.kernel.org
Cc: Juergen Gross, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, "H. Peter Anvin", Boris Ostrovsky, Jan Beulich
Subject: [PATCH v2 1/3] x86/xen: use clear_bss() for Xen PV guests
Date: Thu, 23 Jun 2022 11:46:06 +0200
Message-Id: <20220623094608.7294-2-jgross@suse.com>
In-Reply-To: <20220623094608.7294-1-jgross@suse.com>

Instead of clearing the bss area in assembly code, use the clear_bss() function. This requires passing the start_info address as a parameter to xen_start_kernel() in order to avoid xen_start_info being zeroed again.

Signed-off-by: Juergen Gross
Reviewed-by: Jan Beulich
Reviewed-by: Boris Ostrovsky
---
 arch/x86/include/asm/setup.h | 3 +++
 arch/x86/kernel/head64.c | 2 +-
 arch/x86/xen/enlighten_pv.c | 8 ++++++--
 arch/x86/xen/xen-head.S | 10 +---------
 4 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/arch/x86/include/asm/setup.h b/arch/x86/include/asm/setup.h
index f8b9ee97a891..f37cbff7354c 100644
--- a/arch/x86/include/asm/setup.h
+++ b/arch/x86/include/asm/setup.h
@@ -120,6 +120,9 @@ void *extend_brk(size_t size, size_t align); static char __brk_##name[size] =20 extern void probe_roms(void); + +void clear_bss(void); + #ifdef __i386__ =20 asmlinkage void __init i386_start_kernel(void); diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index bd4a34100ed0..e7e233209a8c 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -426,7 +426,7 @@ void __init do_early_exception(struct pt_regs *regs, in= t trapnr) =20 /* Don't add a printk in there. printk relies on the PDA which is not init= ialized=20 yet. */ -static void __init clear_bss(void) +void __init clear_bss(void) { memset(__bss_start, 0, (unsigned long) __bss_stop - (unsigned long) __bss_start); diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c index e3297b15701c..70fb2ea85e90 100644 --- a/arch/x86/xen/enlighten_pv.c +++ b/arch/x86/xen/enlighten_pv.c @@ -1183,15 +1183,19 @@ static void __init xen_domu_set_legacy_features(voi= d) extern void early_xen_iret_patch(void); =20 /* First C function to be called on Xen boot */ -asmlinkage __visible void __init xen_start_kernel(void) +asmlinkage __visible void __init xen_start_kernel(struct start_info *si) { struct physdev_set_iopl set_iopl; unsigned long initrd_start =3D 0; int rc; =20 - if (!xen_start_info) + if (!si) return; =20 + clear_bss(); + + xen_start_info =3D si; + __text_gen_insn(&early_xen_iret_patch, JMP32_INSN_OPCODE, &early_xen_iret_patch, &xen_iret, JMP32_INSN_SIZE); diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S index 3a2cd93bf059..13af6fe453e3 100644 --- a/arch/x86/xen/xen-head.S +++ b/arch/x86/xen/xen-head.S @@ -48,15 +48,6 @@ SYM_CODE_START(startup_xen) ANNOTATE_NOENDBR cld =20 - /* Clear .bss */ - xor %eax,%eax - mov $__bss_start, %rdi - mov $__bss_stop, %rcx - sub %rdi, %rcx - shr $3, %rcx - rep stosq - - mov %rsi, xen_start_info mov initial_stack(%rip), %rsp =20 /* Set up %gs. 
@@ -71,6 +62,7 @@ SYM_CODE_START(startup_xen) cdq wrmsr =20 + mov %rsi, %rdi call xen_start_kernel SYM_CODE_END(startup_xen) __FINIT --=20 2.35.3
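Review bot: the new `void clear_bss(void);` prototype in the setup.h hunk is placed before the `#ifdef __i386__` block, while the only definition this series touches lives in head64.c, i.e. 64-bit-only code, so a 32-bit build sees a declaration without a definition. That is harmless as long as no 32-bit caller appears, but either moving the prototype under the 64-bit branch or adding a one-line comment that it is early-boot (`__init`) only, matching the definition, would make the intent clear to the next reader.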
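Review bot: in the head64.c hunk, dropping `static` keeps `__init` on the definition, so every caller must itself be `__init` to avoid a section mismatch; xen_start_kernel() is, per the enlighten_pv.c hunk, so that is satisfied. The comment directly above the function ("Don't add a printk in there ...") now also governs the new external caller, so it is worth referencing it from the prototype in setup.h so the constraint is visible where callers look.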
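Review bot: in the enlighten_pv.c hunk the ordering is the important part and it is right: `clear_bss();` runs before `xen_start_info = si;`, so the pointer that the assembly stub used to store directly into .bss survives the clearing. Two checks before merging: (1) the diffstat lists no header change, so if xen_start_kernel() has a prototype anywhere in a header it needs the new `struct start_info *si` parameter as well; (2) any other .bss store made by startup_xen before the call would now be silently wiped, so the commit message should state that the removed `mov %rsi, xen_start_info` was the only such store. The early `if (!si) return;` simply carries over the previous `!xen_start_info` test and is fine.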
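Review bot: the first xen-head.S hunk removes a `rep stosq` loop that silently assumed `__bss_stop - __bss_start` is a multiple of 8 (`shr $3, %rcx` drops any remainder), whereas memset() in clear_bss() has no such requirement; that is a small robustness gain worth one sentence in the commit message. It also removes the only consumer of `%rsi` at this point, which makes the register's lifetime the new invariant to document (see the second hunk).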
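Review bot: the added `mov %rsi, %rdi` in the second xen-head.S hunk correctly passes start_info as the first argument under the x86-64 SysV ABI, but it now depends on `%rsi` staying untouched from entry through the stack load and the `%gs` MSR write (`cdq`/`wrmsr` only clobber `%eax`, `%ecx`, `%edx` in the visible lines). Suggest an assembly comment such as `/* %rsi: start_info pointer, passed to xen_start_kernel() */` next to the `cld` so a future insertion between the two hunks cannot break it unnoticed.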
From: Juergen Gross
To: xen-devel@lists.xenproject.org, x86@kernel.org, linux-kernel@vger.kernel.org
Cc: Juergen Gross, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, "H. Peter Anvin"
Subject: [PATCH v2 2/3] x86: fix setup of brk area
Date: Thu, 23 Jun 2022 11:46:07 +0200
Message-Id: <20220623094608.7294-3-jgross@suse.com>
In-Reply-To: <20220623094608.7294-1-jgross@suse.com>

Commit e32683c6f7d2 ("x86/mm: Fix RESERVE_BRK() for older binutils") put the brk area into the .bss..brk section (placed directly behind .bss), causing it not to be cleared initially. As the brk area is used to allocate early page tables, these might contain garbage in entries that are not explicitly written.

This is especially a problem for Xen PV guests, as the hypervisor will validate page tables (check for writable page tables and hypervisor private bits) before accepting them to be used. There have been reports of early crashes of PV guests due to illegal page table contents.

Fix that by letting clear_bss() clear the brk area, too.

Fixes: e32683c6f7d2 ("x86/mm: Fix RESERVE_BRK() for older binutils")
Signed-off-by: Juergen Gross
Reviewed-by: Boris Ostrovsky
---
 arch/x86/kernel/head64.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c
index e7e233209a8c..6a3cfaf6b72a 100644
--- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c 
@@ -430,6 +430,8 @@ void __init clear_bss(void) { memset(__bss_start, 0, (unsigned long) __bss_stop - (unsigned long) __bss_start); + memset(__brk_base, 0, + (unsigned long) __brk_limit - (unsigned long) __brk_base); } =20 static unsigned long get_cmd_line_ptr(void) --=20 2.35.3
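Review bot: the new memset() of `__brk_base .. __brk_limit` relies on that whole range being mapped and writable at the point clear_bss() runs, on the native path as well as on the Xen PV path introduced by patch 1/3; the commit message should state that this holds and that no RESERVE_BRK()/extend_brk() user has run before it, otherwise the zeroing would wipe an allocation. For stable backports, note that the Xen PV benefit depends on patch 1/3 being applied too, which the `Fixes:` tag alone does not convey. Also confirm that `__brk_base` and `__brk_limit` are declared by a header head64.c already includes rather than relying on an indirect include.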
From: Juergen Gross
To: xen-devel@lists.xenproject.org, x86@kernel.org, linux-kernel@vger.kernel.org
Cc: Juergen Gross, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, "H. Peter Anvin"
Subject: [PATCH v2 3/3] x86: fix .brk attribute in linker script
Date: Thu, 23 Jun 2022 11:46:08 +0200
Message-Id: <20220623094608.7294-4-jgross@suse.com>
In-Reply-To: <20220623094608.7294-1-jgross@suse.com>

Commit e32683c6f7d2 ("x86/mm: Fix RESERVE_BRK() for older binutils") added the "NOLOAD" attribute to the .brk section as a "failsafe" measure. Unfortunately this leads to the linker no longer covering the .brk section in a program header, resulting in the kernel loader not knowing that the memory for the .brk section must be reserved.

This has led to crashes when loading the kernel as PV dom0 under Xen, but other scenarios could be hit by the same problem (e.g. in case an uncompressed kernel is used and the initrd is placed directly behind it).

So drop the "NOLOAD" attribute. This has been verified to correctly cover the .brk section by a program header of the resulting ELF file.

Fixes: e32683c6f7d2 ("x86/mm: Fix RESERVE_BRK() for older binutils")
Signed-off-by: Juergen Gross Reviewed-by: Boris Ostrovsky Reviewed-by: Josh Poimboeuf --- V2: - new patch --- arch/x86/kernel/vmlinux.lds.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 81aba718ecd5..9487ce8c13ee 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -385,7 +385,7 @@ SECTIONS __end_of_kernel_reserve =3D .; =20 . =3D ALIGN(PAGE_SIZE); - .brk (NOLOAD) : AT(ADDR(.brk) - LOAD_OFFSET) { + .brk : AT(ADDR(.brk) - LOAD_OFFSET) { __brk_base =3D .; . +=3D 64 * 1024; /* 64k alignment slop space */ *(.bss..brk) /* areas brk users have reserved */ --=20 2.35.3
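Review bot: dropping `(NOLOAD)` is the right fix for the missing program header, but since the original commit added it as a "failsafe" for older binutils, the commit message should explain why that older-binutils failure mode does not come back: the section still consists only of `. += 64 * 1024` and `*(.bss..brk)`, i.e. no file-backed data, so it should remain NOBITS and not grow the image, and that is worth stating and checking. Suggest recording how the verification was done, e.g. `readelf -l -S vmlinux` showing .brk inside a LOAD segment with FileSiz smaller than MemSiz, so reviewers and stable maintainers can repeat it.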