1. Patchew
  2. Xen
  3. View series

[PATCH v5] xen: make VMAP support in MMU system only

Ayan Kumar Halder posted 1 patch 2 months, 3 weeks ago
Patches applied successfully (tree, apply log)
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/20240830090821.23105-1-ayan.kumar.halder@amd.com
xen/arch/arm/Kconfig   | 4 +++-
xen/arch/arm/setup.c   | 2 ++
xen/arch/ppc/Kconfig   | 1 +
xen/arch/riscv/Kconfig | 1 +
xen/arch/x86/Kconfig   | 1 +
xen/common/Kconfig     | 3 +++
xen/common/Makefile    | 2 +-
xen/common/vmap.c      | 2 --
xen/include/xen/vmap.h | 2 ++
9 files changed, 14 insertions(+), 4 deletions(-)
[PATCH v5] xen: make VMAP support in MMU system only
Posted by Ayan Kumar Halder 2 months, 3 weeks ago 
From: Penny Zheng <penny.zheng@arm.com>

Introduce CONFIG_HAS_VMAP which is selected by the architectures that
use MMU. vm_init() does not do anything if CONFIG_HAS_VMAP is not
enabled.

HAS_VMAP is widely used in ALTERNATIVE feature to remap a range of
memory with new memory attributes. Since this is highly dependent on
virtual address translation, we choose to make HAS_VMAP selected by
MMU. And ALTERNATIVE depends on HAS_VMAP.

At the moment, the users of HARDEN_BRANCH_PREDICTOR requires to use the
vmap() to update the exceptions vectors. While it might be possible to
rework the code, it is believed that speculative attackes would be
difficult to exploit on non-MMU because the software is tightly
controlled. So for now make HARDEN_BRANCH_PREDICTOR to depend on the
MMU.

Also took the opportunity to remove "#ifdef VMAP_VIRT_START .. endif"
from vmap.c. Instead vmap.c is compiled when HAS_VMAP is enabled. Thus,
HAS_VMAP is now enabled from x86, ppc and riscv architectures as all of
them use MMU and has VMAP_VIRT_START defined.

Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Wei Chen <wei.chen@arm.com>
Signed-off-by: Ayan Kumar Halder <ayan.kumar.halder@amd.com>
Acked-by: Julien Grall <jgrall@amazon.com>
---

Changes from :-

v1 - 1. HARDEN_BRANCH_PREDICTOR is now gated on HAS_VMAP.
2. cpuerrata.c is not gated on HAS_VMAP.

v2 - 1. Introduced CONFIG_VMAP in common/Kconfig.
2. Architectures using MMU select this config.
3. vm_init() now uses CONFIG_VMAP.

v3 - 1. HARDEN_BRANCH_PREDICTOR is now gated on MMU.
2. vmap.c is compiled when CONFIG_HAS_VMAP is enabled.
3. HAS_VMAP is enabled from x86, ppc and riscv architectures.

v4 - 1. Fixed the commit message.
2. Added Julien's Ack.

 xen/arch/arm/Kconfig   | 4 +++-
 xen/arch/arm/setup.c   | 2 ++
 xen/arch/ppc/Kconfig   | 1 +
 xen/arch/riscv/Kconfig | 1 +
 xen/arch/x86/Kconfig   | 1 +
 xen/common/Kconfig     | 3 +++
 xen/common/Makefile    | 2 +-
 xen/common/vmap.c      | 2 --
 xen/include/xen/vmap.h | 2 ++
 9 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig
index 21d03d9f44..323c967361 100644
--- a/xen/arch/arm/Kconfig
+++ b/xen/arch/arm/Kconfig
@@ -12,7 +12,7 @@ config ARM_64
 config ARM
 	def_bool y
 	select FUNCTION_ALIGNMENT_4B
-	select HAS_ALTERNATIVE
+	select HAS_ALTERNATIVE if HAS_VMAP
 	select HAS_DEVICE_TREE
 	select HAS_PASSTHROUGH
 	select HAS_UBSAN
@@ -61,6 +61,7 @@ config PADDR_BITS
 config MMU
 	def_bool y
 	select HAS_PMAP
+	select HAS_VMAP
 
 source "arch/Kconfig"
 
@@ -171,6 +172,7 @@ config ARM_SSBD
 
 config HARDEN_BRANCH_PREDICTOR
 	bool "Harden the branch predictor against aliasing attacks" if EXPERT
+	depends on MMU
 	default y
 	help
 	  Speculation attacks against some high-performance processors rely on
diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c
index 961d3ea670..71ebaa77ca 100644
--- a/xen/arch/arm/setup.c
+++ b/xen/arch/arm/setup.c
@@ -446,7 +446,9 @@ void asmlinkage __init start_xen(unsigned long fdt_paddr)
      * It needs to be called after do_initcalls to be able to use
      * stop_machine (tasklets initialized via an initcall).
      */
+#ifdef CONFIG_HAS_ALTERNATIVE
     apply_alternatives_all();
+#endif
     enable_errata_workarounds();
     enable_cpu_features();
 
diff --git a/xen/arch/ppc/Kconfig b/xen/arch/ppc/Kconfig
index f6a77a8200..6db575a48d 100644
--- a/xen/arch/ppc/Kconfig
+++ b/xen/arch/ppc/Kconfig
@@ -2,6 +2,7 @@ config PPC
 	def_bool y
 	select FUNCTION_ALIGNMENT_4B
 	select HAS_DEVICE_TREE
+	select HAS_VMAP
 
 config PPC64
 	def_bool y
diff --git a/xen/arch/riscv/Kconfig b/xen/arch/riscv/Kconfig
index 259eea8d3b..7a113c7774 100644
--- a/xen/arch/riscv/Kconfig
+++ b/xen/arch/riscv/Kconfig
@@ -3,6 +3,7 @@ config RISCV
 	select FUNCTION_ALIGNMENT_16B
 	select GENERIC_BUG_FRAME
 	select HAS_DEVICE_TREE
+	select HAS_VMAP
 
 config RISCV_64
 	def_bool y
diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig
index d0aaf359eb..dee8db45e8 100644
--- a/xen/arch/x86/Kconfig
+++ b/xen/arch/x86/Kconfig
@@ -29,6 +29,7 @@ config X86
 	select HAS_PIRQ
 	select HAS_SCHED_GRANULARITY
 	select HAS_UBSAN
+	select HAS_VMAP
 	select HAS_VPCI if HVM
 	select NEEDS_LIBELF
 
diff --git a/xen/common/Kconfig b/xen/common/Kconfig
index 565ceda741..90268d9249 100644
--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -83,6 +83,9 @@ config HAS_SCHED_GRANULARITY
 config HAS_UBSAN
 	bool
 
+config HAS_VMAP
+	bool
+
 config MEM_ACCESS_ALWAYS_ON
 	bool
 
diff --git a/xen/common/Makefile b/xen/common/Makefile
index 7e66802a9e..fc52e0857d 100644
--- a/xen/common/Makefile
+++ b/xen/common/Makefile
@@ -52,7 +52,7 @@ obj-$(CONFIG_TRACEBUFFER) += trace.o
 obj-y += version.o
 obj-y += virtual_region.o
 obj-y += vm_event.o
-obj-y += vmap.o
+obj-$(CONFIG_HAS_VMAP) += vmap.o
 obj-y += vsprintf.o
 obj-y += wait.o
 obj-bin-y += warning.init.o
diff --git a/xen/common/vmap.c b/xen/common/vmap.c
index ced9cbf26f..47225fecc0 100644
--- a/xen/common/vmap.c
+++ b/xen/common/vmap.c
@@ -1,4 +1,3 @@
-#ifdef VMAP_VIRT_START
 #include <xen/bitmap.h>
 #include <xen/sections.h>
 #include <xen/init.h>
@@ -427,4 +426,3 @@ void *_xvrealloc(void *va, size_t size, unsigned int align)
 
     return ptr;
 }
-#endif
diff --git a/xen/include/xen/vmap.h b/xen/include/xen/vmap.h
index fdae37e950..c1dd7ac22f 100644
--- a/xen/include/xen/vmap.h
+++ b/xen/include/xen/vmap.h
@@ -141,7 +141,9 @@ void *arch_vmap_virt_end(void);
 /* Initialises the VMAP_DEFAULT virtual range */
 static inline void vm_init(void)
 {
+#ifdef CONFIG_HAS_VMAP
     vm_init_type(VMAP_DEFAULT, (void *)VMAP_VIRT_START, arch_vmap_virt_end());
+#endif
 }
 
 #endif /* __XEN_VMAP_H__ */
-- 
2.25.1
Re: [PATCH v5] xen: make VMAP support in MMU system only
Posted by Jan Beulich 2 months, 3 weeks ago 
On 30.08.2024 11:08, Ayan Kumar Halder wrote:
> From: Penny Zheng <penny.zheng@arm.com>
> 
> Introduce CONFIG_HAS_VMAP which is selected by the architectures that
> use MMU. vm_init() does not do anything if CONFIG_HAS_VMAP is not
> enabled.
> 
> HAS_VMAP is widely used in ALTERNATIVE feature to remap a range of
> memory with new memory attributes. Since this is highly dependent on
> virtual address translation, we choose to make HAS_VMAP selected by
> MMU. And ALTERNATIVE depends on HAS_VMAP.
> 
> At the moment, the users of HARDEN_BRANCH_PREDICTOR requires to use the
> vmap() to update the exceptions vectors. While it might be possible to
> rework the code, it is believed that speculative attackes would be
> difficult to exploit on non-MMU because the software is tightly
> controlled. So for now make HARDEN_BRANCH_PREDICTOR to depend on the
> MMU.
> 
> Also took the opportunity to remove "#ifdef VMAP_VIRT_START .. endif"
> from vmap.c. Instead vmap.c is compiled when HAS_VMAP is enabled. Thus,
> HAS_VMAP is now enabled from x86, ppc and riscv architectures as all of
> them use MMU and has VMAP_VIRT_START defined.
> 
> Signed-off-by: Penny Zheng <penny.zheng@arm.com>
> Signed-off-by: Wei Chen <wei.chen@arm.com>
> Signed-off-by: Ayan Kumar Halder <ayan.kumar.halder@amd.com>
> Acked-by: Julien Grall <jgrall@amazon.com>

Acked-by: Jan Beulich <jbeulich@suse.com>

Patchew 2.1-devel-b67e4c2

© 2016 - 2024 Red Hat, Inc.