From nobody Mon Feb 9 13:06:38 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1675444005; cv=none; d=zohomail.com; s=zohoarc; b=GfFN9VZP9fDrzH/0gbz9Qx5oBcqd2+vZ8BZg8Ro04t4CWgzRKkJQ/gEIm0aSB73qDD7Wf693U9N5oR3qDSYUxDDK1sSKyWDzhLjkVPB4x5p8/wm+CZSgfQpJ4GbFtLwwnj7bnMAipf5HrX4t/kAuaNcWxLfexbqe7xYsFqyfg4k= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1675444005; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=4+ff1E7mX9WhYpbpoBrQzNoWKjRBFV88fd7wUihi2Qc=; b=RHhxTY3qCuZ6MM45vsD0SfSoH3bUn0IId/p/ov8ENTfPAyBwP+mwR/xSvOFRBgNWYa7jkuOqNOOYJTtxQFHk7b9ax6yRGdeDUBwv41awHQ9iO9JLcwrxy8hm3Q0JrOfuVzBD5TWQcfgFZALgzaPmpS0gzRzBu8s2bplTEMIosiM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1675444005747987.5467058499264; Fri, 3 Feb 2023 09:06:45 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.489261.757610 (Exim 4.92) (envelope-from ) id 1pNzVf-0002cs-5R; Fri, 03 Feb 2023 17:05:59 +0000 Received: by outflank-mailman (output) from mailman id 489261.757610; Fri, 03 Feb 2023 17:05:59 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pNzVf-0002be-1U; Fri, 03 Feb 2023 17:05:59 +0000 Received: by outflank-mailman (input) for mailman id 489261; Fri, 03 Feb 2023 17:05:57 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pNzVd-0002ZN-Q5 for xen-devel@lists.xenproject.org; Fri, 03 Feb 2023 17:05:57 +0000 Received: from mail-wr1-x436.google.com (mail-wr1-x436.google.com [2a00:1450:4864:20::436]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 0663cefd-a3e5-11ed-933c-83870f6b2ba8; Fri, 03 Feb 2023 18:05:57 +0100 (CET) Received: by mail-wr1-x436.google.com with SMTP id m14so5202688wrg.13 for ; Fri, 03 Feb 2023 09:05:57 -0800 (PST) Received: from 34-6F-24-FC-D2-65.. (46.204.104.21.nat.umts.dynamic.t-mobile.pl. [46.204.104.21]) by smtp.gmail.com with ESMTPSA id f17-20020a5d50d1000000b002bfe266d710sm2452191wrt.90.2023.02.03.09.05.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 03 Feb 2023 09:05:55 -0800 (PST) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 0663cefd-a3e5-11ed-933c-83870f6b2ba8 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=4+ff1E7mX9WhYpbpoBrQzNoWKjRBFV88fd7wUihi2Qc=; b=fyMBwyuNo6g5Xnun+n9KPuzqpdI1HAlf+fhuLWm3WTQydKG+afSiJrUXVMDZHwdYIr S7Acw7HKIRvBgnbOwJLI/CO5PLIynKjHJGCiE98g6M2yIcvzfZXDxjJIT1A970G2WepJ QIpfwg6O3kEpPv4WOZk3A34Pt2CL24cTe4XlgYDJVLVKGifEmdctHXNFYjXHlvvKyw8E BdcdVpFO1b2n/gUXA2Lcicd9fU6ff1DLuso4qC2fUk1dKaRhzH/CESeUBbuD6AmprLEs 2L2mcQmQ+1pkp2poTTuMgcuhF3TEjVffWV3YVvQQlqZrWTFwbsYj3lDcHfOyUk7XsSn1 uP0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=4+ff1E7mX9WhYpbpoBrQzNoWKjRBFV88fd7wUihi2Qc=; b=BE8k9W2C3h9zFbjXabjbr+kyO85vfEdrR2cW6GGY58F/dUQKkXOR2c5eu1cL4j6UvD /d+OoTIkmmSrFXnOvt2qW2Zg7G14uCTW7hEw/0tf1Z1I21qcHzQTRfNytYHOs70jSCOR aIwxJY2SFtYGhR+NGpIpqC1iO7xob1+bEgQ95Lkjnoe23x/I97PYFtxPWXMlo7xCWTxh zZHzNj424jMpqyRVwADHiQGROuPETd2wdzP0+ZbcnQcPsu9XH1UcIai4ZyfmynnkeA33 ssQYuPV/NGr/VZteXAJGgPpV1B0jKQYj04DQI2fsaZMW5tGRRq9Ac0AvH4NdRUFCRrsL B//g== X-Gm-Message-State: AO0yUKXHpgJEopsDa4UEw2J8r9jrs5XHrDHMPmH3e3oaR3tYGeVjVFvS PLQLOzTlmfp7RDj+N3Msp4WDBaagtgo= X-Google-Smtp-Source: AK7set9hy80yhziTOn3wgFU9CUlgc0skleSvABzW0WPwWlOlvBXOlcTunEo+b4Kwx8atuTza5zwJzg== X-Received: by 2002:a5d:4d47:0:b0:2bf:de97:f3f8 with SMTP id a7-20020a5d4d47000000b002bfde97f3f8mr9230469wru.28.1675443956225; Fri, 03 Feb 2023 09:05:56 -0800 (PST) From: Oleksii Kurochko To: xen-devel@lists.xenproject.org Cc: Oleksii Kurochko , Andrew Cooper , George Dunlap , Jan Beulich , Julien Grall , Stefano Stabellini , Wei Liu Subject: [PATCH v1 1/4] xen: introduce CONFIG_GENERIC_BUG_FRAME Date: Fri, 3 Feb 2023 19:05:47 +0200 Message-Id: <8adf4aeff96750982e3d670cb3aed11553d546d5.1675441720.git.oleksii.kurochko@gmail.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @gmail.com) X-ZM-MESSAGEID: 1675444006299100003 Content-Type: text/plain; charset="utf-8" A large part of the content of the bug.h is repeated among all architectures, so it was decided to create a new config CONFIG_GENERIC_BUG_FRAME. The version of from ARM was taken as the base version, as it looks the most portable. The patch introduces the following stuff: * common bug.h header * generic implementation of do_bug_frame() * new config CONFIG_GENERIC_BUG_FRAME Signed-off-by: Oleksii Kurochko --- xen/common/Kconfig | 6 ++ xen/common/Makefile | 1 + xen/common/bug.c | 88 +++++++++++++++++++++++++++++ xen/include/xen/bug.h | 127 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 222 insertions(+) create mode 100644 xen/common/bug.c create mode 100644 xen/include/xen/bug.h diff --git a/xen/common/Kconfig b/xen/common/Kconfig index f1ea3199c8..811b4eaf3b 100644 --- a/xen/common/Kconfig +++ b/xen/common/Kconfig @@ -92,6 +92,12 @@ config STATIC_MEMORY =20 If unsure, say N. =20 +config GENERIC_DO_BUG_FRAME + bool + help + Generic do_bug_frame() function is needed to handle the type of bug + frame and print an information about it. + menu "Speculative hardening" =20 config INDIRECT_THUNK diff --git a/xen/common/Makefile b/xen/common/Makefile index bbd75b4be6..7d04c8d3b2 100644 --- a/xen/common/Makefile +++ b/xen/common/Makefile @@ -1,5 +1,6 @@ obj-$(CONFIG_ARGO) +=3D argo.o obj-y +=3D bitmap.o +obj-$(CONFIG_GENERIC_DO_BUG_FRAME) +=3D bug.o obj-$(CONFIG_HYPFS_CONFIG) +=3D config_data.o obj-$(CONFIG_CORE_PARKING) +=3D core_parking.o obj-y +=3D cpu.o diff --git a/xen/common/bug.c b/xen/common/bug.c new file mode 100644 index 0000000000..393e58d571 --- /dev/null +++ b/xen/common/bug.c @@ -0,0 +1,88 @@ +#include +#include +#include +#include +#include +#include + +#include + +int do_bug_frame(const struct cpu_user_regs *regs, vaddr_t pc) +{ + const struct bug_frame *bug =3D NULL; + const char *prefix =3D "", *filename, *predicate; + unsigned long fixup; + int id =3D -1, lineno; + const struct virtual_region *region; + + region =3D find_text_region(pc); + if ( region ) + { + for ( id =3D 0; id < BUGFRAME_NR; id++ ) + { + const struct bug_frame *b; + unsigned int i; + + for ( i =3D 0, b =3D region->frame[id].bugs; + i < region->frame[id].n_bugs; b++, i++ ) + { + if ( ((vaddr_t)bug_loc(b)) =3D=3D pc ) + { + bug =3D b; + goto found; + } + } + } + } + found: + if ( !bug ) + return -ENOENT; + + if ( id =3D=3D BUGFRAME_run_fn ) + { + void (*fn)(const struct cpu_user_regs *) =3D (void *)regs->BUG_FN_= REG; + + fn(regs); + return 0; + } + + /* WARN, BUG or ASSERT: decode the filename pointer and line number. */ + filename =3D bug_file(bug); + if ( !is_kernel(filename) ) + return -EINVAL; + fixup =3D strlen(filename); + if ( fixup > 50 ) + { + filename +=3D fixup - 47; + prefix =3D "..."; + } + lineno =3D bug_line(bug); + + switch ( id ) + { + case BUGFRAME_warn: + printk("Xen WARN at %s%s:%d\n", prefix, filename, lineno); + show_execution_state(regs); + return 0; + + case BUGFRAME_bug: + printk("Xen BUG at %s%s:%d\n", prefix, filename, lineno); + show_execution_state(regs); + panic("Xen BUG at %s%s:%d\n", prefix, filename, lineno); + + case BUGFRAME_assert: + /* ASSERT: decode the predicate string pointer. */ + predicate =3D bug_msg(bug); + if ( !is_kernel(predicate) ) + predicate =3D ""; + + printk("Assertion '%s' failed at %s%s:%d\n", + predicate, prefix, filename, lineno); + show_execution_state(regs); + panic("Assertion '%s' failed at %s%s:%d\n", + predicate, prefix, filename, lineno); + } + + return -EINVAL; +} + diff --git a/xen/include/xen/bug.h b/xen/include/xen/bug.h new file mode 100644 index 0000000000..b46dae035e --- /dev/null +++ b/xen/include/xen/bug.h @@ -0,0 +1,127 @@ +#ifndef __XEN_BUG_H__ +#define __XEN_BUG_H__ + +#define BUG_DISP_WIDTH 24 +#define BUG_LINE_LO_WIDTH (31 - BUG_DISP_WIDTH) +#define BUG_LINE_HI_WIDTH (31 - BUG_DISP_WIDTH) + +#define BUGFRAME_run_fn 0 +#define BUGFRAME_warn 1 +#define BUGFRAME_bug 2 +#define BUGFRAME_assert 3 + +#define BUGFRAME_NR 4 + +#ifndef __ASSEMBLY__ + +#include +#include +#include +#include + +#include + +#ifndef BUG_FRAME_STUFF +struct bug_frame { + signed int loc_disp; /* Relative address to the bug address */ + signed int file_disp; /* Relative address to the filename */ + signed int msg_disp; /* Relative address to the predicate (for ASSE= RT) */ + uint16_t line; /* Line number */ + uint32_t pad0:16; /* Padding for 8-bytes align */ +}; + +#define bug_loc(b) ((const void *)(b) + (b)->loc_disp) +#define bug_file(b) ((const void *)(b) + (b)->file_disp); +#define bug_line(b) ((b)->line) +#define bug_msg(b) ((const char *)(b) + (b)->msg_disp) +#endif /* BUG_FRAME_STUFF */ + +#ifndef BUG_FRAME +/* Many versions of GCC doesn't support the asm %c parameter which would + * be preferable to this unpleasantness. We use mergeable string + * sections to avoid multiple copies of the string appearing in the + * Xen image. BUGFRAME_run_fn needs to be handled separately. + */ +#define BUG_FRAME(type, line, file, has_msg, msg) do { = \ + BUILD_BUG_ON((line) >> 16); = \ + BUILD_BUG_ON((type) >=3D BUGFRAME_NR); = \ + asm ("1:"BUG_INSTR"\n" = \ + ".pushsection .rodata.str, \"aMS\", %progbits, 1\n" = \ + "2:\t.asciz " __stringify(file) "\n" = \ + "3:\n" = \ + ".if " #has_msg "\n" = \ + "\t.asciz " #msg "\n" = \ + ".endif\n" = \ + ".popsection\n" = \ + ".pushsection .bug_frames." __stringify(type) ", \"a\", %progbits= \n"\ + "4:\n" = \ + ".p2align 2\n" = \ + ".long (1b - 4b)\n" = \ + ".long (2b - 4b)\n" = \ + ".long (3b - 4b)\n" = \ + ".hword " __stringify(line) ", 0\n" = \ + ".popsection"); = \ +} while (0) +#endif /* BUG_FRAME */ + +#ifndef run_in_exception_handler +/* + * GCC will not allow to use "i" when PIE is enabled (Xen doesn't set the + * flag but instead rely on the default value from the compiler). So the + * easiest way to implement run_in_exception_handler() is to pass the to + * be called function in a fixed register. + */ +#define run_in_exception_handler(fn) do { = \ + register void *fn_ asm(__stringify(BUG_FN_REG)) =3D (fn); = \ + asm ("1:"BUG_INSTR"\n" = \ + ".pushsection .bug_frames." __stringify(BUGFRAME_run_fn) "," = \ + " \"a\", %%progbits\n" = \ + "2:\n" = \ + ".p2align 2\n" = \ + ".long (1b - 2b)\n" = \ + ".long 0, 0, 0\n" = \ + ".popsection" :: "r" (fn_)); = \ +} while (0) +#endif /* run_in_exception_handler */ + +#ifndef WARN +#define WARN() BUG_FRAME(BUGFRAME_warn, __LINE__, __FILE__, 0, "") +#endif /* WARN */ + +#ifndef BUG +#define BUG() do { \ + BUG_FRAME(BUGFRAME_bug, __LINE__, __FILE__, 0, ""); \ + unreachable(); \ +} while (0) +#endif + +#ifndef assert_failed +#define assert_failed(msg) do { \ + BUG_FRAME(BUGFRAME_assert, __LINE__, __FILE__, 1, msg); \ + unreachable(); \ +} while (0) +#endif + +extern const struct bug_frame __start_bug_frames[], + __stop_bug_frames_0[], + __stop_bug_frames_1[], + __stop_bug_frames_2[], + __stop_bug_frames_3[]; + +#else /* !__ASSEMBLY__ */ + +#ifdef CONFIG_X86 +#include +#endif + +#endif /* __ASSEMBLY__ */ + +#endif /* __XEN_BUG_H__ */ +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * indent-tabs-mode: nil + * End: + */ --=20 2.39.0