From nobody Mon Feb 9 00:13:14 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1657297242; cv=none; d=zohomail.com; s=zohoarc; b=LfCtDLm0hAlALGZd6t/ASIUF4ojaogclEmFa/LGmkOFAUztHNParLFRNJhtW4tw3ghsSp0UsDVr3SvnP+1GuscqewYnvjQ7PJLjkzNJ0HziU+h14vGfnE0W2M9I/4s3h1NBqzZUpc1edqgqUMKKbtB0syYYJm3MCa06LWQExR0o= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1657297242; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=OKB7uIUW5N+kwp2tJhCHwoD9t4Yama3/f16LKbKNd3Y=; b=Dmp2YMIaXqKfM/qx93BsLgr5D0tW2MEkmafzrR88ZQxv6ZXPrhrYfB7aDfjxypaDB8Tik2BQbEbp60EwvGuz8GuZrxEJFV0rwm7WpLYgyDx5wImZBdUjcLVuyU8RjUAAl3Zzzg6TIxshIG2n0rj/JZ8dacHhSOLAReGpAQMQ9Wg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1657297242986219.45429524103395; Fri, 8 Jul 2022 09:20:42 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.363581.594195 (Exim 4.92) (envelope-from ) id 1o9qiG-0005MC-7A; Fri, 08 Jul 2022 16:20:16 +0000 Received: by outflank-mailman (output) from mailman id 363581.594195; Fri, 08 Jul 2022 16:20:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1o9qiG-0005M1-43; Fri, 08 Jul 2022 16:20:16 +0000 Received: by outflank-mailman (input) for mailman id 363581; Fri, 08 Jul 2022 16:20:14 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1o9qiE-00054g-GD for xen-devel@lists.xenproject.org; Fri, 08 Jul 2022 16:20:14 +0000 Received: from esa5.hc3370-68.iphmx.com (esa5.hc3370-68.iphmx.com [216.71.155.168]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id d7366dd3-fed9-11ec-bd2d-47488cf2e6aa; Fri, 08 Jul 2022 18:20:13 +0200 (CEST) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: d7366dd3-fed9-11ec-bd2d-47488cf2e6aa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1657297213; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=4G0pHe7Zlw0C/WopgFCHRK8VLGhJr1p2bjgFoVEoa40=; b=SSDrmT+vqsBKIRlCrzsNRMS4FBRyni5YVHA5l5aDttgcXdTEnI85jPrY mol1XNGvHrsJ5hD8TRFWOr1cQPy6zSm85ne4R1lExpYy2aJL/O/w+jXnn H2hyy+/P62UabJAe0qoAGJdDvT6vfTkPvmugxYKQyLg1UN2Kkuleng6cz 4=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none X-SBRS: 5.1 X-MesageID: 74700440 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:WHrFha09UyLL48Fr2PbD5bZxkn2cJEfYwER7XKvMYLTBsI5bpz0Om GsaXmrUPfnYNjHyKI1zbYS28E8H7Z/Rm4BmG1dqpC1hF35El5HIVI+TRqvS04J+DSFhoGZPt Zh2hgzodZhsJpPkjk7xdOCn9xGQ7InQLlbGILes1htZGEk1Ek/NtTo5w7Rj2tEw0YDia++wk YiaT/P3aQfNNwFcagr424rbwP+4lK2v0N+wlgVWicFj5DcypVFMZH4sDfjZw0/DaptVBoaHq 9Prl9lVyI97EyAFUbtJmp6jGqEDryW70QKm0hK6UID66vROS7BbPg/W+5PwZG8O4whlkeydx /1NsraIFCB5HZeTkd0aXTNDKCRdA4JZreqvzXiX6aR/zmXDenrohf5vEFs3LcsT/eMf7WNmr KJCbmpXN1ba2rzwkOnTpupE36zPKOHCOo8Ft24m5jbeFfs8GrjIQrnQ5M8e1zA17ixLNamCO JJBNWY3BPjGS00QHgY0V7w7pfqTpSntSwx3hQLJoYNitgA/yyQuieOwYbI5YOeiWsF9jkue4 GXc8AzRIDsXKdiewjqt6W+3i6nEmiaTcJIfEvi0++BnhHWXx3cPE1sGWF2ju/67h0WiHdVFJ CQpFjEG9PZoshbxF5+kAkP+8CXsUgMgt8R4E+oQ0FyqmonuvA+gAWYuVQVES+IJq5pjLdA17 WNlj+8FFBQ27uDKEyvBqefIxd+hEXNLdDFfPEfoWSNAuoC++99r03ojW/45SMaIYsvJ9SYcK txghAw3nP0tgMECzM1XFniX0mv39vAlouPYjzg7v15JDSsjPeZJn6TytTDmAQ9ode51tGWps nkegNS55+sTF5yLnyHlaLxTQe7zvqbaYGeC2w4H83wdG9KFoi/LkWd4uWgWGauUGpxcJW+Bj LH742u9G6O/zFP1NPQqMupd+uwhzLT6FMSNa804muFmO8ArHCfepXkGTRfJgwjFzRh9+Ylia MzzWZv9Uh4n5VFPkWPeqxE1iuRwmEjTBAr7GPjG8vhQ+eDEOiHJFelVYAvmgyJQxPrsnTg5O u13b6OioyizmsWkCsUL2eb/9Ww3EEU= IronPort-HdrOrdr: A9a23:Olm7BK/T0npAyZW6p6tuk+DgI+orL9Y04lQ7vn2YSXRuHPBw8P re5cjztCWE7gr5N0tBpTntAsW9qDbnhPtICOoqTNCftWvdyQiVxehZhOOIqVDd8m/Fh4pgPM 9bAtBD4bbLbGSS4/yU3ODBKadD/OW6 X-IronPort-AV: E=Sophos;i="5.92,256,1650945600"; d="scan'208";a="74700440" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu Subject: [PATCH 1/3] x86/spec-ctrl: Honour spec-ctrl=0 for unpriv-mmio sub-option Date: Fri, 8 Jul 2022 17:19:32 +0100 Message-ID: <20220708161934.10095-2-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20220708161934.10095-1-andrew.cooper3@citrix.com> References: <20220708161934.10095-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1657297244299100003 This was an oversight from when unpriv-mmio was introduced. Fixes: 8c24b70fedcb ("x86/spec-ctrl: Add spec-ctrl=3Dunpriv-mmio") Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu --- xen/arch/x86/spec_ctrl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c index 7a4550db8318..ba64a09048be 100644 --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -122,6 +122,7 @@ static int __init cf_check parse_spec_ctrl(const char *= s) opt_l1d_flush =3D 0; opt_branch_harden =3D false; opt_srb_lock =3D 0; + opt_unpriv_mmio =3D false; } else if ( val > 0 ) rc =3D -EINVAL; --=20 2.11.0 From nobody Mon Feb 9 00:13:14 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1657297240; cv=none; d=zohomail.com; s=zohoarc; b=LE/uG9mzaRpcb5R095E0qrwiQMYdml0Y54jiNy35xg5zkeJoE314+3V2WEIxUwW0Tyf0S+zyTGcSIaYnsEdbfMlEph3dN1E8vhLI1W15MpoebVjd4GtNJqGRbVKyOwMtCmxRrxPTFTzy4LY5oqk/VHtFo7SjOZ2WOaBscgxzYlY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1657297240; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=2QxSEWxOTC85Zi3cRwthRgJC3mJfV3Mn4gbcgZjvdtQ=; b=XOSnsbMTOfnLeZKeVwmXX0x+UtxJfxHxaqScbcjIRCz5d4f/oLwf4Yemxqc50DxbUO5cGXORu4UVVh/XK7ady8/jp7r8haaeyaTe0h7Q/nXMbg/RhwZEwawobdounsb/FoGL79i9Vev2UYoOn2isT/PcH2m5ss1oiq8+v3kHOlY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1657297240789825.8513318727047; Fri, 8 Jul 2022 09:20:40 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.363582.594199 (Exim 4.92) (envelope-from ) id 1o9qiG-0005Ow-GN; Fri, 08 Jul 2022 16:20:16 +0000 Received: by outflank-mailman (output) from mailman id 363582.594199; Fri, 08 Jul 2022 16:20:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1o9qiG-0005O5-Ba; Fri, 08 Jul 2022 16:20:16 +0000 Received: by outflank-mailman (input) for mailman id 363582; Fri, 08 Jul 2022 16:20:15 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1o9qiF-00054g-LD for xen-devel@lists.xenproject.org; Fri, 08 Jul 2022 16:20:15 +0000 Received: from esa5.hc3370-68.iphmx.com (esa5.hc3370-68.iphmx.com [216.71.155.168]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id d8f26d42-fed9-11ec-bd2d-47488cf2e6aa; Fri, 08 Jul 2022 18:20:14 +0200 (CEST) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: d8f26d42-fed9-11ec-bd2d-47488cf2e6aa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1657297214; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=OPOL1lal7rsNW/hGS9xlZBwEc0R8DY+uuDGsN9y09zc=; b=Z8ftb2+CVvHOuZSmjAI88GMqsBBg2ZFj5wXeE2Sg0oQSt9bsYKv9jblb D4OQwXNVW0+JLd0kLYOzPbtFb5xsemx+pjNxwCk1ZkpOesGtLI3SoRAmq 97PrCedNbxyq3tgyqMUaBLzGpGcHHQLYyOLqU8eifRw6BcgWZra6fjuLO Q=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none X-SBRS: 5.1 X-MesageID: 74700441 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:VWtQ06LMl24ztx6hFE+RzZUlxSXFcZb7ZxGr2PjKsXjdYENS1zVVn DEeDWiFOK2IZmv9Ldp/ao2x9x8HsJHWndI3TQZlqX01Q3x08seUXt7xwmUcns+xwm8vaGo9s q3yv/GZdJhcokf0/0vrav67xZVF/fngqoDUUYYoAQgsA14+IMsdoUg7wbRh3dY42YPR7z6l4 rseneWOYDdJ5BYsWo4kw/rrRMRH5amaVJsw5zTSVNgT1LPsvyB94KE3fMldG0DQUIhMdtNWc s6YpF2PEsE1yD92Yj+tuu6TnkTn2dc+NyDW4pZdc/DKbhSvOkXee0v0XRYRQR4/ttmHozx+4 NVKn6TtblcKBPLFoeMTeQJjFgJAErITrdcrIVDn2SCS50jPcn+qyPRyFkAme4Yf/46bA0kXq 6ZecmpUKEne2aTmm9pXScE17ignBODtMJkSpTdLyjbBAOx9aZvCX7/L9ZlT2zJYasVmQqqBP 5JFNWMHgBLoPj1AawY0I6oFjsSDv3b/fAN4lFSonP9ii4TU5FMoi+W8WDbPQfSIWMFUk0Cwt m/AuWPjDXkyFvaS1D6E+XKEnfLUkGXwX4d6PL+37Plxm3WI23ceThYRUDOTsfS/z0KzRd9bA 0gV4TY167g/8lSxSdvwVAH+p2SL1jYHQMZZGeA+7ACLy4LX7hyfC2xCSSROAPQ5sOcmSDps0 UWG9+4FHhQ27ufTEyjEsO7J83XiYkD5MFPuewcESiE9vv6zg7tshyvIQPx4K6uWsPLqTGSYL y+xkMQuu1kCpZdVivrhpAyY027ESovhFVBsuFiONo6xxkYgPdP+OdT1gbTOxawYRLt1WGVtq 5TtdyK2yOkVRa+AmyWWKAnmNOH4vq3VWNEwbLMGInXAy9hO0yT6FWyoyGsiTHqFy+5dEdMTX GfduBlK+LhYN2awYKl8buqZUpp3kvK5RYu1DK6OPrKih6SdkiferUmCgmbJhgjQfLUEy/lja f93j+72ZZrlNUiX5GXvHLpMuVPa7is/2XnSVfjG8vhT6pLHPCT9Ye5caDOmN7llhIvZ8FS92 4sObKOilkQAONASlwGKqOb/23hRdiNlbX03wuQKHtO+zv1OQjt/VKONn+NxK+SIXc19z4/1w 510YWcAoHKXuJENAVzihqxLAF83YatCkA== IronPort-HdrOrdr: A9a23:I+wugKxPXK4b/no+Q5r5KrPwKL1zdoMgy1knxilNoRw8SK2lfq GV7YwmPHDP+VUssR0b9uxofZPwJU80lqQFmLX5X43SPjUO0VHAROoJgOffKn/bakrDH4ZmpM FdmsNFaOEYY2IVsS+D2njcL+od X-IronPort-AV: E=Sophos;i="5.92,256,1650945600"; d="scan'208";a="74700441" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , George Dunlap , Jan Beulich , "Stefano Stabellini" , Wei Liu , Julien Grall , Juergen Gross Subject: [PATCH 2/3] xen/cmdline: Extend parse_boolean() to signal a name match Date: Fri, 8 Jul 2022 17:19:33 +0100 Message-ID: <20220708161934.10095-3-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20220708161934.10095-1-andrew.cooper3@citrix.com> References: <20220708161934.10095-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1657297242871100001 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This will help parsing a sub-option which has boolean and non-boolean optio= ns available. First, rework 'int val' into 'bool has_neg_prefix'. This inverts it's valu= e, but the resulting logic is far easier to follow. Second, reject anything of the form 'no-$FOO=3D' which excludes ambiguous constructs such as 'no-$foo=3Dyes' which have never been valid. This just leaves the case where everything is otherwise fine, but parse_boo= l() can't interpret the provided string. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich Reviewed-by: Juergen Gross --- CC: George Dunlap CC: Jan Beulich CC: Stefano Stabellini CC: Wei Liu CC: Julien Grall CC: Juergen Gross --- xen/common/kernel.c | 20 ++++++++++++++++---- xen/include/xen/lib.h | 3 ++- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/xen/common/kernel.c b/xen/common/kernel.c index adff2d2c77f3..74dbaf31ea70 100644 --- a/xen/common/kernel.c +++ b/xen/common/kernel.c @@ -272,9 +272,9 @@ int parse_bool(const char *s, const char *e) int parse_boolean(const char *name, const char *s, const char *e) { size_t slen, nlen; - int val =3D !!strncmp(s, "no-", 3); + bool has_neg_prefix =3D !strncmp(s, "no-", 3); =20 - if ( !val ) + if ( has_neg_prefix ) s +=3D 3; =20 slen =3D e ? ({ ASSERT(e >=3D s); e - s; }) : strlen(s); @@ -286,11 +286,23 @@ int parse_boolean(const char *name, const char *s, co= nst char *e) =20 /* Exact, unadorned name? Result depends on the 'no-' prefix. */ if ( slen =3D=3D nlen ) - return val; + return !has_neg_prefix; + + /* Inexact match with a 'no-' prefix? Not valid. */ + if ( has_neg_prefix ) + return -1; =20 /* =3D$SOMETHING? Defer to the regular boolean parsing. */ if ( s[nlen] =3D=3D '=3D' ) - return parse_bool(&s[nlen + 1], e); + { + int b =3D parse_bool(&s[nlen + 1], e); + + if ( b >=3D 0 ) + return b; + + /* Not a boolean, but the name matched. Signal specially. */ + return -2; + } =20 /* Unrecognised. Give up. */ return -1; diff --git a/xen/include/xen/lib.h b/xen/include/xen/lib.h index aab1fc7c4a69..05ee1e18af6b 100644 --- a/xen/include/xen/lib.h +++ b/xen/include/xen/lib.h @@ -89,7 +89,8 @@ int parse_bool(const char *s, const char *e); /** * Given a specific name, parses a string of the form: * [no-]$NAME[=3D...] - * returning 0 or 1 for a recognised boolean, or -1 for an error. + * returning 0 or 1 for a recognised boolean. Returns -1 for general erro= rs, + * and -2 for "not a boolean, but $NAME=3D matches". */ int parse_boolean(const char *name, const char *s, const char *e); =20 --=20 2.11.0 From nobody Mon Feb 9 00:13:14 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1657297243; cv=none; d=zohomail.com; s=zohoarc; b=g7DAkmT1fohO3K8pMN176Gr0jzDksX0V7xMc1S0HkCdu26cXS6EpodFp5YZOkBezTLcs4wxbu3Fp7sQdJCUzqq7iGOJ46rsaTtkMqLr1IUnjhTSLcUKLh9p6b37M1fRCD14uJuQO35SXeBFrMJ5etOqZL8t0sHM084KwXLxBedc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1657297243; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=SIBaN2WwqOA/bHSoMjO4E4BfKumku8ckkpG3/6XHkK4=; b=MwZ9qC0t34PpmvvtHcLKd2XY+8lVLSaGmrfPT2D8JfIuM55Bpz+F7HG13GH2k4Vt9JHTePpDZ1V5sVZ44lanIZ/1oG2+ZsFicTVH0h1MAepcM/X3r5iginm1y6X3msXyrDlP5vd6ZUQsWCRkHOc3KCKYtavHUjquZKsJPm4N6ZM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1657297243534231.94220697396395; Fri, 8 Jul 2022 09:20:43 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.363580.594184 (Exim 4.92) (envelope-from ) id 1o9qiA-00054t-SF; Fri, 08 Jul 2022 16:20:10 +0000 Received: by outflank-mailman (output) from mailman id 363580.594184; Fri, 08 Jul 2022 16:20:10 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1o9qiA-00054m-PN; Fri, 08 Jul 2022 16:20:10 +0000 Received: by outflank-mailman (input) for mailman id 363580; Fri, 08 Jul 2022 16:20:09 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1o9qi9-00054g-8G for xen-devel@lists.xenproject.org; Fri, 08 Jul 2022 16:20:09 +0000 Received: from esa1.hc3370-68.iphmx.com (esa1.hc3370-68.iphmx.com [216.71.145.142]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id d3865ac0-fed9-11ec-bd2d-47488cf2e6aa; Fri, 08 Jul 2022 18:20:07 +0200 (CEST) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: d3865ac0-fed9-11ec-bd2d-47488cf2e6aa DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1657297206; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Y7mZFxS2RWldNtqgu6etUWYDAXOJTO/Jp6WEGB9hmEo=; b=bJ3eI7g30OBSmoeUAMHccUQUrTyCITL/a6+vAPJx2VehqOdUvcj8YFjm 4oAPKYf1OhIiv6yiO+/XZHbDWCfv+5ovdjJdXLVk7bfd/0guTijFabTg0 BZaO7LLyHVoT1l8qnFUSuPYc5jDJWwuPTeTpzNn8WANFPkS9KIOo3NkF2 w=; Authentication-Results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none X-SBRS: 5.1 X-MesageID: 75816900 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:wCPpcaj9TiUZUcn0wHrrmBq4X161BRAKZh0ujC45NGQN5FlHY01je htvXDjSafyPZGD3LohyPojj80JVu5XSztcyHApprikwEigb9cadCdqndUqhZCn6wu8v7a5EA 2fyTvGacajYm1eF/k/F3oDJ9CU6jefSLlbFILas1hpZHGeIcw98z0M58wIFqtQw24LhXFvd4 YiaT/D3YzdJ5RYlagr41IrbwP9flKyaVOQw5wFWiVhj5TcyplFNZH4tDfjZw0jQG+G4KtWSV efbpIxVy0uCl/sb5nFJpZ6gGqECaua60QFjERO6UYD66vRJjnRaPqrWqJPwwKqY4tmEt4kZ9 TlDiXC/YSB5EoLco7klaghVQihSD4NF5r/5ClHq5KR/z2WeG5ft6/BnDUVwNowE4OdnR2pJ8 JT0KhhUMErF3bjvhuvmFK883azPL+GyVG8bklhmwSvUErANRpfbTr+RzdRZwC0xloZFGvO2i 88xNmc/NUqRO0Un1lE/MZ1itfqjuSLDTxoHiUqvp4UIwHf/01kkuFTqGIWMIYHbLSlPpW6Ho krW8mK/BQsVXPS94zeY9nOnhsfUgDj2HokVEdWQ5vNsxVGe2GEXIBkXTkeg5+m0jFakXNBSI FBS/TAhxZXe72TyEIO7BUfh5ifZ4FhMALK8DtHW9imqmob78z3EPlEVQ29IRO4It9E2excDg wrhc8zSOdB/jFGEYSvDq+jO9G/taXR9wXwqPnFdE1ZcizX3iMRq10+UEI4+eEKgpoetcQwc1 Qxmu8TXa187qccQn5u28lnc695HjsiYF1Vljuk7s4/M0++YWGJGT9bxgbQjxawcRLt1t3HY1 JT+p+CQ7foVEbaGnzGXTeMGEdmBvqjYb2eF0QE/Rcd7p1xBHkJPm6gJsVmSw28wa645lcLBO heP6Wu9GrcJVJdVUUOHS93oUJl7pUQRPd/kSurVfrJzX3SFTyfepHsGTRfJhwjFyRFw+Ylia cbzWZv9Vh4yVPU4pAdass9AiNfHMAhlnjiNLX06pjz6uYejiIm9E+1bbwfSMLBpvMtpYmz9q r5iCidD8D0HOMWWX8Ud2dR7wYwiRZTjOa3Llg== IronPort-HdrOrdr: A9a23:8F9pUKqxzpLiLKEmmJzEj4MaV5oTeYIsimQD101hICG8cqSj+f xG+85rrCMc6QxhPk3I9urhBEDtex/hHNtOkOws1NSZLW7bUQmTXeJfBOLZqlWKcUDDH6xmpM NdmsBFeaXN5DNB7PoSjjPWLz9Z+qjkzJyV X-IronPort-AV: E=Sophos;i="5.92,256,1650945600"; d="scan'208";a="75816900" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu Subject: [PATCH 3/3] x86/spec-ctrl: Add fine-grained cmdline suboptions for primitives Date: Fri, 8 Jul 2022 17:19:34 +0100 Message-ID: <20220708161934.10095-4-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20220708161934.10095-1-andrew.cooper3@citrix.com> References: <20220708161934.10095-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1657297244364100005 Support controling the PV/HVM suboption of msr-sc/rsb/md-clear, which previously wasn't possible. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu --- docs/misc/xen-command-line.pandoc | 12 +++++-- xen/arch/x86/spec_ctrl.c | 66 +++++++++++++++++++++++++++++++++--= ---- 2 files changed, 66 insertions(+), 12 deletions(-) diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line= .pandoc index da18172e50c5..de33ccc005fc 100644 --- a/docs/misc/xen-command-line.pandoc +++ b/docs/misc/xen-command-line.pandoc @@ -2257,7 +2257,8 @@ not be able to control the state of the mitigation. By default SSBD will be mitigated at runtime (i.e `ssbd=3Druntime`). =20 ### spec-ctrl (x86) -> `=3D List of [ , xen=3D, {pv,hvm,msr-sc,rsb,md-clear}=3D, +> `=3D List of [ , xen=3D, {pv,hvm}=3D, +> {msr-sc,rsb,md-clear}=3D|{pv,hvm}=3D, > bti-thunk=3Dretpoline|lfence|jmp, {ibrs,ibpb,ssbd,psfd, > eager-fpu,l1d-flush,branch-harden,srb-lock, > unpriv-mmio}=3D ]` @@ -2282,12 +2283,17 @@ in place for guests to use. =20 Use of a positive boolean value for either of these options is invalid. =20 -The booleans `pv=3D`, `hvm=3D`, `msr-sc=3D`, `rsb=3D` and `md-clear=3D` of= fer fine +The `pv=3D`, `hvm=3D`, `msr-sc=3D`, `rsb=3D` and `md-clear=3D` options off= er fine grained control over the primitives by Xen. These impact Xen's ability to -protect itself, and Xen's ability to virtualise support for guests to use. +protect itself, and/or Xen's ability to virtualise support for guests to u= se. =20 * `pv=3D` and `hvm=3D` offer control over all suboptions for PV and HVM gu= ests respectively. +* Each other option can be used either as a plain boolean + (e.g. `spec-ctrl=3Drsb` to control both the PV and HVM sub-options), or = with + `pv=3D` or `hvm=3D` subsuboptions (e.g. `spec-ctrl=3Drsb=3Dno-hvm` to di= sable HVM + RSB only). + * `msr-sc=3D` offers control over Xen's support for manipulating `MSR_SPEC= _CTRL` on entry and exit. These blocks are necessary to virtualise support for guests and if disabled, guests will be unable to use IBRS/STIBP/SSBD/etc. diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c index ba64a09048be..328862bdf549 100644 --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -147,20 +147,68 @@ static int __init cf_check parse_spec_ctrl(const char= *s) opt_rsb_hvm =3D val; opt_md_clear_hvm =3D val; } - else if ( (val =3D parse_boolean("msr-sc", s, ss)) >=3D 0 ) + else if ( (val =3D parse_boolean("msr-sc", s, ss)) !=3D -1 ) { - opt_msr_sc_pv =3D val; - opt_msr_sc_hvm =3D val; + switch ( val ) + { + case 0: + case 1: + opt_msr_sc_pv =3D opt_msr_sc_hvm =3D val; + break; + + case -2: + s +=3D strlen("msr-sc=3D"); + if ( (val =3D parse_boolean("pv", s, ss)) >=3D 0 ) + opt_msr_sc_pv =3D val; + else if ( (val =3D parse_boolean("hvm", s, ss)) >=3D 0 ) + opt_msr_sc_hvm =3D val; + else + default: + rc =3D -EINVAL; + break; + } } - else if ( (val =3D parse_boolean("rsb", s, ss)) >=3D 0 ) + else if ( (val =3D parse_boolean("rsb", s, ss)) !=3D -1 ) { - opt_rsb_pv =3D val; - opt_rsb_hvm =3D val; + switch ( val ) + { + case 0: + case 1: + opt_rsb_pv =3D opt_rsb_hvm =3D val; + break; + + case -2: + s +=3D strlen("rsb=3D"); + if ( (val =3D parse_boolean("pv", s, ss)) >=3D 0 ) + opt_rsb_pv =3D val; + else if ( (val =3D parse_boolean("hvm", s, ss)) >=3D 0 ) + opt_rsb_hvm =3D val; + else + default: + rc =3D -EINVAL; + break; + } } - else if ( (val =3D parse_boolean("md-clear", s, ss)) >=3D 0 ) + else if ( (val =3D parse_boolean("md-clear", s, ss)) !=3D -1 ) { - opt_md_clear_pv =3D val; - opt_md_clear_hvm =3D val; + switch ( val ) + { + case 0: + case 1: + opt_md_clear_pv =3D opt_md_clear_hvm =3D val; + break; + + case -2: + s +=3D strlen("md-clear=3D"); + if ( (val =3D parse_boolean("pv", s, ss)) >=3D 0 ) + opt_md_clear_pv =3D val; + else if ( (val =3D parse_boolean("hvm", s, ss)) >=3D 0 ) + opt_md_clear_hvm =3D val; + else + default: + rc =3D -EINVAL; + break; + } } =20 /* Xen's speculative sidechannel mitigation settings. */ --=20 2.11.0