From patchwork Fri Nov 1 20:25:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 11223645 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id EDC6D13BD for ; Fri, 1 Nov 2019 20:26:41 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id CA7C221855 for ; Fri, 1 Nov 2019 20:26:41 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="YjvGdlbR" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org CA7C221855 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iQdU0-0000ht-9B; Fri, 01 Nov 2019 20:25:20 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iQdTy-0000hQ-Il for xen-devel@lists.xenproject.org; Fri, 01 Nov 2019 20:25:18 +0000 X-Inumbo-ID: b69c6403-fce5-11e9-956e-12813bfff9fa Received: from esa5.hc3370-68.iphmx.com (unknown [216.71.155.168]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id b69c6403-fce5-11e9-956e-12813bfff9fa; Fri, 01 Nov 2019 20:25:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1572639915; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=uLUmtimU6Hs4ypP2kjjGEnqhc+P8avMj7O94JM3DcVA=; b=YjvGdlbR/YN4pIIkPuTuUPhGRgsayKJElCSGW9YdByu4ceLLhJdDVAOL RjYvhbji5kKPLnYbPOewM3T9JotoiJjyiuWJPEXpxVK5GJOxtPA3kJWwV IvdxnF8+wWKr1cqSVrYuArCd9VUbhcZEQkDD1JsZvI0u+/yC/nG0zcCH9 o=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa5.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa5.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa5.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa5.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: wIm9PwG5XylHVHM/7nCj3axiZH72qUvYO4DMS8PMdvtyJLMKdF8pBi79plvvut4JiBYXs01G4M A+Zr8/tV7TMIK9+K1TUDZuZ/vsKvvJ29mhDJKpfrMzjNigsLKrvz14GbBar0DA94lL64qS+48J J2Lz3gnFhtc+yveQDOtQMpTylLDBR/RNkEqSz8fwVrUbv/JUETghIaCZJwZdJLWc8BHBCS6bOy r+inZwpbFQ51GpEJoR2exbGUfx7QUa6G998NBxg9gC4jwbo0eBsH4eEdFAXm4cC1eb9Tty947Q tcc= X-SBRS: 2.7 X-MesageID: 8082546 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.68,256,1569297600"; d="scan'208";a="8082546" From: Andrew Cooper To: Xen-devel Date: Fri, 1 Nov 2019 20:25:00 +0000 Message-ID: <20191101202502.31750-2-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20191101202502.31750-1-andrew.cooper3@citrix.com> References: <20191101202502.31750-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH 1/3] x86/boot: Remove cached CPUID data from the trampoline X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Sergey Dyasli , Wei Liu , Andrew Cooper , Jan Beulich , =?utf-8?q?Roger_Pau_Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" We have a cached cpuid_ext_features in the trampoline which is kept in sync by various pieces of boot logic. This is complicated, and all it is actually used for is to derive whether NX is safe to use. Replace it with a canned value to load into EFER. trampoline_setup() and efi_arch_cpu() now tweak trampoline_efer at the point that they are stashing the main copy of CPUID data. Similarly, early_init_intel() needs to tweak if it has re-enabled the use of NX. This simplifies the AP boot and S3 resume paths by using trampoline_efer directly, rather than locally turning FEATURE_NX into EFER_NX. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monné CC: Sergey Dyasli CC: Juergen Gross --- xen/arch/x86/boot/head.S | 9 +++++++-- xen/arch/x86/boot/trampoline.S | 13 +++++-------- xen/arch/x86/boot/wakeup.S | 13 ++----------- xen/arch/x86/cpu/common.c | 3 --- xen/arch/x86/cpu/intel.c | 1 + xen/arch/x86/efi/efi-boot.h | 8 +++++--- xen/include/asm-x86/processor.h | 2 +- 7 files changed, 21 insertions(+), 28 deletions(-) diff --git a/xen/arch/x86/boot/head.S b/xen/arch/x86/boot/head.S index a1564b520b..77309e3c82 100644 --- a/xen/arch/x86/boot/head.S +++ b/xen/arch/x86/boot/head.S @@ -640,8 +640,13 @@ trampoline_setup: jbe 1f mov $0x80000001,%eax cpuid -1: mov %edx,sym_fs(cpuid_ext_features) - mov %edx,sym_fs(boot_cpu_data)+CPUINFO_FEATURE_OFFSET(X86_FEATURE_LM) +1: mov %edx, sym_fs(boot_cpu_data) + CPUINFO_FEATURE_OFFSET(X86_FEATURE_LM) + + /* Check for NX. Adjust EFER setting if available. */ + bt $cpufeat_bit(X86_FEATURE_NX), %edx + jnc 1f + orb $EFER_NX >> 8, 1 + sym_esi(trampoline_efer) +1: /* Check for availability of long mode. */ bt $cpufeat_bit(X86_FEATURE_LM),%edx diff --git a/xen/arch/x86/boot/trampoline.S b/xen/arch/x86/boot/trampoline.S index 870ec79a2d..26584493bb 100644 --- a/xen/arch/x86/boot/trampoline.S +++ b/xen/arch/x86/boot/trampoline.S @@ -88,8 +88,9 @@ trampoline_gdt: GLOBAL(trampoline_misc_enable_off) .quad 0 -GLOBAL(cpuid_ext_features) - .long 0 +/* EFER OR-mask for boot paths. This gets adjusted with NX when available. */ +GLOBAL(trampoline_efer) + .long EFER_LME | EFER_SCE GLOBAL(trampoline_xen_phys_start) .long 0 @@ -132,14 +133,10 @@ trampoline_protmode_entry: 1: /* Set up EFER (Extended Feature Enable Register). */ - mov bootsym_rel(cpuid_ext_features,4,%edi) movl $MSR_EFER,%ecx rdmsr - or $EFER_LME|EFER_SCE,%eax /* Long Mode + SYSCALL/SYSRET */ - bt $cpufeat_bit(X86_FEATURE_NX),%edi /* No Execute? */ - jnc 1f - btsl $_EFER_NX,%eax /* No Execute */ -1: wrmsr + or bootsym_rel(trampoline_efer, 4, %eax) + wrmsr mov $(X86_CR0_PG | X86_CR0_AM | X86_CR0_WP | X86_CR0_NE |\ X86_CR0_ET | X86_CR0_MP | X86_CR0_PE), %eax diff --git a/xen/arch/x86/boot/wakeup.S b/xen/arch/x86/boot/wakeup.S index 25ec2fa32b..fc47721f43 100644 --- a/xen/arch/x86/boot/wakeup.S +++ b/xen/arch/x86/boot/wakeup.S @@ -131,20 +131,11 @@ wakeup_32: wrmsr 1: - /* Will cpuid feature change after resume? */ /* Set up EFER (Extended Feature Enable Register). */ - mov bootsym_rel(cpuid_ext_features,4,%edi) - test $0x20100800,%edi /* SYSCALL/SYSRET, No Execute, Long Mode? */ - jz .Lskip_eferw movl $MSR_EFER,%ecx rdmsr - btsl $_EFER_LME,%eax /* Long Mode */ - btsl $_EFER_SCE,%eax /* SYSCALL/SYSRET */ - btl $20,%edi /* No Execute? */ - jnc 1f - btsl $_EFER_NX,%eax /* No Execute */ -1: wrmsr -.Lskip_eferw: + or bootsym_rel(trampoline_efer, 4, %eax) + wrmsr wbinvd diff --git a/xen/arch/x86/cpu/common.c b/xen/arch/x86/cpu/common.c index 6c6bd63301..e5ad17d8d9 100644 --- a/xen/arch/x86/cpu/common.c +++ b/xen/arch/x86/cpu/common.c @@ -391,9 +391,6 @@ static void generic_identify(struct cpuinfo_x86 *c) cpuid(0x80000001, &tmp, &tmp, &c->x86_capability[cpufeat_word(X86_FEATURE_LAHF_LM)], &c->x86_capability[cpufeat_word(X86_FEATURE_SYSCALL)]); - if (c == &boot_cpu_data) - bootsym(cpuid_ext_features) = - c->x86_capability[cpufeat_word(X86_FEATURE_NX)]; if (c->extended_cpuid_level >= 0x80000004) get_model_name(c); /* Default name */ diff --git a/xen/arch/x86/cpu/intel.c b/xen/arch/x86/cpu/intel.c index 5356a6ae10..4d7324e4d0 100644 --- a/xen/arch/x86/cpu/intel.c +++ b/xen/arch/x86/cpu/intel.c @@ -270,6 +270,7 @@ static void early_init_intel(struct cpuinfo_x86 *c) if (disable) { wrmsrl(MSR_IA32_MISC_ENABLE, misc_enable & ~disable); bootsym(trampoline_misc_enable_off) |= disable; + bootsym(trampoline_efer) |= EFER_NX; } if (disable & MSR_IA32_MISC_ENABLE_LIMIT_CPUID) diff --git a/xen/arch/x86/efi/efi-boot.h b/xen/arch/x86/efi/efi-boot.h index 940ce12706..cde193a771 100644 --- a/xen/arch/x86/efi/efi-boot.h +++ b/xen/arch/x86/efi/efi-boot.h @@ -238,7 +238,7 @@ static void __init noreturn efi_arch_post_exit_boot(void) asm volatile("pushq $0\n\tpopfq"); rdmsrl(MSR_EFER, efer); efer |= EFER_SCE; - if ( cpuid_ext_features & cpufeat_mask(X86_FEATURE_NX) ) + if ( cpu_has_nx ) efer |= EFER_NX; wrmsrl(MSR_EFER, efer); write_cr0(X86_CR0_PE | X86_CR0_MP | X86_CR0_ET | X86_CR0_NE | X86_CR0_WP | @@ -640,9 +640,11 @@ static void __init efi_arch_cpu(void) if ( (eax >> 16) == 0x8000 && eax > 0x80000000 ) { - cpuid_ext_features = cpuid_edx(0x80000001); boot_cpu_data.x86_capability[cpufeat_word(X86_FEATURE_SYSCALL)] - = cpuid_ext_features; + = cpuid_edx(0x80000001); + + if ( cpu_has_nx ) + trampoline_efer |= EFER_NX; } } diff --git a/xen/include/asm-x86/processor.h b/xen/include/asm-x86/processor.h index b686156ea0..45d8f5117e 100644 --- a/xen/include/asm-x86/processor.h +++ b/xen/include/asm-x86/processor.h @@ -151,7 +151,7 @@ extern void ctxt_switch_levelling(const struct vcpu *next); extern void (*ctxt_switch_masking)(const struct vcpu *next); extern bool_t opt_cpu_info; -extern u32 cpuid_ext_features; +extern u32 trampoline_efer; extern u64 trampoline_misc_enable_off; /* Maximum width of physical addresses supported by the hardware. */