From patchwork Wed Apr 18 17:08:32 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Laura Abbott X-Patchwork-Id: 10348717 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id F2DC0601D7 for ; Wed, 18 Apr 2018 17:08:55 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E543B2877F for ; Wed, 18 Apr 2018 17:08:55 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D986E28782; Wed, 18 Apr 2018 17:08:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00, MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id AC5282877F for ; Wed, 18 Apr 2018 17:08:54 +0000 (UTC) Received: (qmail 3165 invoked by uid 550); 18 Apr 2018 17:08:53 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 3142 invoked from network); 18 Apr 2018 17:08:52 -0000 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=L0CmRt2Q/6x+b3MBwp7RjVdQoYyRYoWFzN6MBGW1nao=; b=Jmio/FTiX0dNhSNSPOwR+HK6/CF02czyzAq/KXXjAGpL3IsSlTWd6EkUYu+JLJx93n EBd60yuBB/nfWFgsHGNpISckEjOusdskeWP8SBnsGPFEHIh3+iS5cw+25fSHDINgc5pj AwU5J67QWDtQs2OZZlbYPNrO6PTZpegqE3P735G3930zS/fyAowcK/Fpb/griXMUj650 qteeblxpTZSaCw1CWmMlJFJtL5q4XyayrYAAt99UCAhEryp6CDDm2N+pTWvAVzu9K90Q bAbRGppQafkbVd0a8rXr7gfMHeFQ8fYQtT5Pf3Akbp10c0v3XyDl5xL92Dj0RBHLvia0 se5A== X-Gm-Message-State: ALQs6tDbrdt/9pQANvoMnIxwwmhMVkP8ZY8mvap5mVow3KcutV1CZgje N6c6BwudWVctBYZad5X1i3AWdw== X-Google-Smtp-Source: AIpwx49mPlxOnmWmqUgWdPjeNCHgHiK8ore9oVS6rvB5K5Zv1ohSNacR3AgsJaLRpIoxHhNF8Zgo3Q== X-Received: by 2002:a9d:19a6:: with SMTP id k35-v6mr1873109otk.328.1524071320290; Wed, 18 Apr 2018 10:08:40 -0700 (PDT) From: Laura Abbott To: Boris Ostrovsky , Juergen Gross Cc: Laura Abbott , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , x86@kernel.org, xen-devel@lists.xenproject.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com Subject: [PATCHv2] x86/xen: Remove use of VLAs Date: Wed, 18 Apr 2018 10:08:32 -0700 Message-Id: <20180418170832.8798-1-labbott@redhat.com> X-Mailer: git-send-email 2.14.3 X-Virus-Scanned: ClamAV using ClamSMTP There's an ongoing effort to remove VLAs[1] from the kernel to eventually turn on -Wvla. It turns out, the few VLAs in use in Xen produce only a single entry array that is always bounded by GDT_SIZE. Clean up the code to get rid of the VLA and the loop. [1] https://lkml.org/lkml/2018/3/7/621 Signed-off-by: Laura Abbott Reviewed-by: Boris Ostrovsky --- v2: Updated the code to reflect that we know size is always bounded by GDT_SIZE. This gets rid of the array and the loop. I can throw a few more comments in there if someone thinks they need to be updated. --- arch/x86/xen/enlighten_pv.c | 84 ++++++++++++++++----------------------------- 1 file changed, 29 insertions(+), 55 deletions(-) diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c index c36d23aa6c35..1254f2fa3a89 100644 --- a/arch/x86/xen/enlighten_pv.c +++ b/arch/x86/xen/enlighten_pv.c @@ -421,45 +421,32 @@ static void xen_load_gdt(const struct desc_ptr *dtr) { unsigned long va = dtr->address; unsigned int size = dtr->size + 1; - unsigned pages = DIV_ROUND_UP(size, PAGE_SIZE); - unsigned long frames[pages]; - int f; - - /* - * A GDT can be up to 64k in size, which corresponds to 8192 - * 8-byte entries, or 16 4k pages.. - */ + unsigned long pfn, mfn; + int level; + pte_t *ptep; + void *virt; - BUG_ON(size > 65536); + BUG_ON(size > GDT_SIZE); BUG_ON(va & ~PAGE_MASK); - for (f = 0; va < dtr->address + size; va += PAGE_SIZE, f++) { - int level; - pte_t *ptep; - unsigned long pfn, mfn; - void *virt; - - /* - * The GDT is per-cpu and is in the percpu data area. - * That can be virtually mapped, so we need to do a - * page-walk to get the underlying MFN for the - * hypercall. The page can also be in the kernel's - * linear range, so we need to RO that mapping too. - */ - ptep = lookup_address(va, &level); - BUG_ON(ptep == NULL); - - pfn = pte_pfn(*ptep); - mfn = pfn_to_mfn(pfn); - virt = __va(PFN_PHYS(pfn)); + /* + * The GDT is per-cpu and is in the percpu data area. + * That can be virtually mapped, so we need to do a + * page-walk to get the underlying MFN for the + * hypercall. The page can also be in the kernel's + * linear range, so we need to RO that mapping too. + */ + ptep = lookup_address(va, &level); + BUG_ON(ptep == NULL); - frames[f] = mfn; + pfn = pte_pfn(*ptep); + mfn = pfn_to_mfn(pfn); + virt = __va(PFN_PHYS(pfn)); - make_lowmem_page_readonly((void *)va); - make_lowmem_page_readonly(virt); - } + make_lowmem_page_readonly((void *)va); + make_lowmem_page_readonly(virt); - if (HYPERVISOR_set_gdt(frames, size / sizeof(struct desc_struct))) + if (HYPERVISOR_set_gdt(&mfn, size / sizeof(struct desc_struct))) BUG(); } @@ -470,34 +457,21 @@ static void __init xen_load_gdt_boot(const struct desc_ptr *dtr) { unsigned long va = dtr->address; unsigned int size = dtr->size + 1; - unsigned pages = DIV_ROUND_UP(size, PAGE_SIZE); - unsigned long frames[pages]; - int f; - - /* - * A GDT can be up to 64k in size, which corresponds to 8192 - * 8-byte entries, or 16 4k pages.. - */ + unsigned long pfn, mfn; + pte_t pte; - BUG_ON(size > 65536); + BUG_ON(size > GDT_SIZE); BUG_ON(va & ~PAGE_MASK); - for (f = 0; va < dtr->address + size; va += PAGE_SIZE, f++) { - pte_t pte; - unsigned long pfn, mfn; + pfn = virt_to_pfn(va); + mfn = pfn_to_mfn(pfn); - pfn = virt_to_pfn(va); - mfn = pfn_to_mfn(pfn); + pte = pfn_pte(pfn, PAGE_KERNEL_RO); - pte = pfn_pte(pfn, PAGE_KERNEL_RO); - - if (HYPERVISOR_update_va_mapping((unsigned long)va, pte, 0)) - BUG(); - - frames[f] = mfn; - } + if (HYPERVISOR_update_va_mapping((unsigned long)va, pte, 0)) + BUG(); - if (HYPERVISOR_set_gdt(frames, size / sizeof(struct desc_struct))) + if (HYPERVISOR_set_gdt(&mfn, size / sizeof(struct desc_struct))) BUG(); }