From nobody Sun May 5 05:21:58 2024 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 12F92C43334 for ; Thu, 30 Jun 2022 07:14:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232213AbiF3HOu (ORCPT ); Thu, 30 Jun 2022 03:14:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43098 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231861AbiF3HOq (ORCPT ); Thu, 30 Jun 2022 03:14:46 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D7A561A06B for ; Thu, 30 Jun 2022 00:14:45 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 8F8B821C17; Thu, 30 Jun 2022 07:14:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1656573284; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=38TnYLyTGlkUm6ORupS6PivJsuoTeOfCzm7BgT7zdQQ=; b=fyg68Z2J2j/iqSbIIg7jvar8VY2mi3IdtR6AgHni//Ufu8+ErfvlFGZo2Eq/0tnuD+zeyT FqU6rt5f7JUdr6NOd6EOq6RqPNAQu1WUQqEZVZQSbx0adbJEQmuk1UNvLZ7DWUe715qXoj 7dvpO8HOTIXQHHGaIWs3x963H4sf+f8= Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 3CAD313A5C; Thu, 30 Jun 2022 07:14:44 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id sFx8DWRNvWKvKgAAMHmgww (envelope-from ); Thu, 30 Jun 2022 07:14:44 +0000 From: Juergen Gross To: xen-devel@lists.xenproject.org, x86@kernel.org, linux-kernel@vger.kernel.org Cc: jpoimboe@kernel.org, Juergen Gross , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Boris Ostrovsky , Jan Beulich Subject: [PATCH v3 1/3] x86/xen: use clear_bss() for Xen PV guests Date: Thu, 30 Jun 2022 09:14:39 +0200 Message-Id: <20220630071441.28576-2-jgross@suse.com> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20220630071441.28576-1-jgross@suse.com> References: <20220630071441.28576-1-jgross@suse.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Instead of clearing the bss area in assembly code, use the clear_bss() function. This requires to pass the start_info address as parameter to xen_start_kernel() in order to avoid the xen_start_info being zeroed again. Signed-off-by: Juergen Gross Reviewed-by: Jan Beulich Reviewed-by: Boris Ostrovsky --- arch/x86/include/asm/setup.h | 3 +++ arch/x86/kernel/head64.c | 2 +- arch/x86/xen/enlighten_pv.c | 8 ++++++-- arch/x86/xen/xen-head.S | 10 +--------- 4 files changed, 11 insertions(+), 12 deletions(-) diff --git a/arch/x86/include/asm/setup.h b/arch/x86/include/asm/setup.h index f8b9ee97a891..f37cbff7354c 100644 --- a/arch/x86/include/asm/setup.h +++ b/arch/x86/include/asm/setup.h @@ -120,6 +120,9 @@ void *extend_brk(size_t size, size_t align); static char __brk_##name[size] =20 extern void probe_roms(void); + +void clear_bss(void); + #ifdef __i386__ =20 asmlinkage void __init i386_start_kernel(void); diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index bd4a34100ed0..e7e233209a8c 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -426,7 +426,7 @@ void __init do_early_exception(struct pt_regs *regs, in= t trapnr) =20 /* Don't add a printk in there. printk relies on the PDA which is not init= ialized=20 yet. */ -static void __init clear_bss(void) +void __init clear_bss(void) { memset(__bss_start, 0, (unsigned long) __bss_stop - (unsigned long) __bss_start); diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c index e3297b15701c..70fb2ea85e90 100644 --- a/arch/x86/xen/enlighten_pv.c +++ b/arch/x86/xen/enlighten_pv.c @@ -1183,15 +1183,19 @@ static void __init xen_domu_set_legacy_features(voi= d) extern void early_xen_iret_patch(void); =20 /* First C function to be called on Xen boot */ -asmlinkage __visible void __init xen_start_kernel(void) +asmlinkage __visible void __init xen_start_kernel(struct start_info *si) { struct physdev_set_iopl set_iopl; unsigned long initrd_start =3D 0; int rc; =20 - if (!xen_start_info) + if (!si) return; =20 + clear_bss(); + + xen_start_info =3D si; + __text_gen_insn(&early_xen_iret_patch, JMP32_INSN_OPCODE, &early_xen_iret_patch, &xen_iret, JMP32_INSN_SIZE); diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S index 3a2cd93bf059..13af6fe453e3 100644 --- a/arch/x86/xen/xen-head.S +++ b/arch/x86/xen/xen-head.S @@ -48,15 +48,6 @@ SYM_CODE_START(startup_xen) ANNOTATE_NOENDBR cld =20 - /* Clear .bss */ - xor %eax,%eax - mov $__bss_start, %rdi - mov $__bss_stop, %rcx - sub %rdi, %rcx - shr $3, %rcx - rep stosq - - mov %rsi, xen_start_info mov initial_stack(%rip), %rsp =20 /* Set up %gs. @@ -71,6 +62,7 @@ SYM_CODE_START(startup_xen) cdq wrmsr =20 + mov %rsi, %rdi call xen_start_kernel SYM_CODE_END(startup_xen) __FINIT --=20 2.35.3 From nobody Sun May 5 05:21:58 2024 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4E10BC43334 for ; Thu, 30 Jun 2022 07:15:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232636AbiF3HO6 (ORCPT ); Thu, 30 Jun 2022 03:14:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43106 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230334AbiF3HOq (ORCPT ); Thu, 30 Jun 2022 03:14:46 -0400 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 35ABB1A07A for ; Thu, 30 Jun 2022 00:14:46 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id E19551F92C; Thu, 30 Jun 2022 07:14:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1656573284; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=VcbWEwweM6uAYrYgVJNLQYhtOesCwLF7IPn5AMOMTe4=; b=poOAGXG5HMP5JL8mmIzmAsRosA8/pUtqIF93iUlTdXo4zyLPaI9yGkWJpDn5zOobZq5yir pZhLC+TwmME1b+6nuKw+Oi8n+V80EsJhCCqPzYP1W3WpbjEbVlIYIITcJ3/u8M4o0oM0VJ BN1I9NQpuGSXsF+OWK/QvRFvPhtR/hM= Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 9846913A5C; Thu, 30 Jun 2022 07:14:44 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id iOHWI2RNvWKvKgAAMHmgww (envelope-from ); Thu, 30 Jun 2022 07:14:44 +0000 From: Juergen Gross To: xen-devel@lists.xenproject.org, x86@kernel.org, linux-kernel@vger.kernel.org Cc: jpoimboe@kernel.org, Juergen Gross , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" Subject: [PATCH v3 2/3] x86: clear .brk area at early boot Date: Thu, 30 Jun 2022 09:14:40 +0200 Message-Id: <20220630071441.28576-3-jgross@suse.com> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20220630071441.28576-1-jgross@suse.com> References: <20220630071441.28576-1-jgross@suse.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" The .brk section has the same properties as .bss: it is an alloc-only section and should be cleared before being used. Not doing so is especially a problem for Xen PV guests, as the hypervisor will validate page tables (check for writable page tables and hypervisor private bits) before accepting them to be used. Make sure .brk is initially zero by letting clear_bss() clear the brk area, too. Signed-off-by: Juergen Gross --- arch/x86/kernel/head64.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index e7e233209a8c..6a3cfaf6b72a 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -430,6 +430,8 @@ void __init clear_bss(void) { memset(__bss_start, 0, (unsigned long) __bss_stop - (unsigned long) __bss_start); + memset(__brk_base, 0, + (unsigned long) __brk_limit - (unsigned long) __brk_base); } =20 static unsigned long get_cmd_line_ptr(void) --=20 2.35.3 From nobody Sun May 5 05:21:58 2024 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 859C0C433EF for ; Thu, 30 Jun 2022 07:15:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232144AbiF3HPB (ORCPT ); Thu, 30 Jun 2022 03:15:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43114 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232006AbiF3HOr (ORCPT ); Thu, 30 Jun 2022 03:14:47 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9F85219C38 for ; Thu, 30 Jun 2022 00:14:46 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 3F32A21C36; Thu, 30 Jun 2022 07:14:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1656573285; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=dCgMupKWsFTgcQQygfN0SR5QkcimXyNIOsA3rDiUr5Q=; b=kiJN9aVoEGPb5m8eSiQoOTlZK2EQTATiQvG06ICc4EspsoI4rKTMRoaB0xF5U1ryWN9IfU ZD942x/ZcThxVp3QaBx//I6RK0725O4ZA+6HIOiu6s0DmxhCkTOEB4nobwmczq6EHrrKLe clRlM9l3SfiOE9GBBHsJFfuJf/7b1oE= Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id EA13713A5C; Thu, 30 Jun 2022 07:14:44 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id 8Id4N2RNvWKvKgAAMHmgww (envelope-from ); Thu, 30 Jun 2022 07:14:44 +0000 From: Juergen Gross To: xen-devel@lists.xenproject.org, x86@kernel.org, linux-kernel@vger.kernel.org Cc: jpoimboe@kernel.org, Juergen Gross , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" Subject: [PATCH v3 3/3] x86: fix .brk attribute in linker script Date: Thu, 30 Jun 2022 09:14:41 +0200 Message-Id: <20220630071441.28576-4-jgross@suse.com> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20220630071441.28576-1-jgross@suse.com> References: <20220630071441.28576-1-jgross@suse.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Commit e32683c6f7d2 ("x86/mm: Fix RESERVE_BRK() for older binutils") added the "NOLOAD" attribute to the .brk section as a "failsafe" measure. Unfortunately this leads to the linker no longer covering the .brk section in a program header, resulting in the kernel loader not knowing that the memory for the .brk section must be reserved. This has led to crashes when loading the kernel as PV dom0 under Xen, but other scenarios could be hit by the same problem (e.g. in case an uncompressed kernel is used and the initrd is placed directly behind it). So drop the "NOLOAD" attribute. This has been verified to correctly cover the .brk section by a program header of the resulting ELF file. Fixes: e32683c6f7d2 ("x86/mm: Fix RESERVE_BRK() for older binutils") Signed-off-by: Juergen Gross Reviewed-by: Josh Poimboeuf --- V2: - new patch --- arch/x86/kernel/vmlinux.lds.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S index 81aba718ecd5..9487ce8c13ee 100644 --- a/arch/x86/kernel/vmlinux.lds.S +++ b/arch/x86/kernel/vmlinux.lds.S @@ -385,7 +385,7 @@ SECTIONS __end_of_kernel_reserve =3D .; =20 . =3D ALIGN(PAGE_SIZE); - .brk (NOLOAD) : AT(ADDR(.brk) - LOAD_OFFSET) { + .brk : AT(ADDR(.brk) - LOAD_OFFSET) { __brk_base =3D .; . +=3D 64 * 1024; /* 64k alignment slop space */ *(.bss..brk) /* areas brk users have reserved */ --=20 2.35.3