From patchwork Mon Jul 17 12:38:03 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 9844845 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 92A0760392 for ; Mon, 17 Jul 2017 12:41:04 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8399828179 for ; Mon, 17 Jul 2017 12:41:04 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 77E292842E; Mon, 17 Jul 2017 12:41:04 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id ABCEE284E3 for ; Mon, 17 Jul 2017 12:41:02 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dX5Hu-0001qT-9w; Mon, 17 Jul 2017 12:38:10 +0000 Received: from mail6.bemta6.messagelabs.com ([193.109.254.103]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dX5Ht-0001qL-Cg for xen-devel@lists.xen.org; Mon, 17 Jul 2017 12:38:09 +0000 Received: from [85.158.143.35] by server-7.bemta-6.messagelabs.com id 95/A7-03557-0BFAC695; Mon, 17 Jul 2017 12:38:08 +0000 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprOIsWRWlGSWpSXmKPExsXitHSDve6G9Tm RBu8vMFss+biYxYHR4+ju30wBjFGsmXlJ+RUJrBmXNr9lL/jhWvHs02/GBsbJ5l2MnBwSAv4S 074sZQSx2QT0JXa/+MQEYosIqEuc7rjI2sXIxcEssJNZ4uTRRWBFwgJ2EmumzWXrYuTgYBFQl ThxVQwkzCvgKbFszh02iJlyEueP/2SGiAtKnJz5hAXEZhbQlGjd/psdwpaXaN46G6xGSEBN4l r/JfYJjDyzkLTMQtIyC0nLAkbmVYwaxalFZalFuoYmeklFmekZJbmJmTm6hgZmermpxcWJ6ak 5iUnFesn5uZsYgcHDAAQ7GK9vDDjEKMnBpCTKe5EtO1KILyk/pTIjsTgjvqg0J7X4EKMMB4eS BK/JupxIIcGi1PTUirTMHGAYw6QlOHiURHgfgaR5iwsSc4sz0yFSpxiNOTasXv+FiePVhP/fm IRY8vLzUqXEeVeClAqAlGaU5sENgsXXJUZZKWFeRqDThHgKUotyM0tQ5V8xinMwKgnzyoFM4c nMK4Hb9wroFCagU4R9wU4pSURISTUw7r+y3efyVKOVKx70B9/0vDZn48Wl04/tWid+fcvlEzd rH1z7sl7kJvumPRO4yxUW2HJu7ThRe8dk54EO1YmvxepniLy5PsXOj3uN/e3bi28+v3q4b2ND 2dHnd4+5PJojliXbnRvDnvrCNLzk0Jeq+44c/26alB+2rQoSMjHueHhP62dtWu8xNhklluKMR EMt5qLiRADGb6PvqgIAAA== X-Env-Sender: prvs=364a4c011=Andrew.Cooper3@citrix.com X-Msg-Ref: server-9.tower-21.messagelabs.com!1500295086!73477291!1 X-Originating-IP: [66.165.176.63] X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor: VHJ1c3RlZCBJUDogNjYuMTY1LjE3Ni42MyA9PiAzMDYwNDg=\n, received_headers: No Received headers X-StarScan-Received: X-StarScan-Version: 9.4.25; banners=-,-,- X-VirusChecked: Checked Received: (qmail 60541 invoked from network); 17 Jul 2017 12:38:07 -0000 Received: from smtp02.citrix.com (HELO SMTP02.CITRIX.COM) (66.165.176.63) by server-9.tower-21.messagelabs.com with RC4-SHA encrypted SMTP; 17 Jul 2017 12:38:07 -0000 X-IronPort-AV: E=Sophos;i="5.40,374,1496102400"; d="scan'208";a="440136157" From: Andrew Cooper To: Xen-devel Date: Mon, 17 Jul 2017 13:38:03 +0100 Message-ID: <1500295083-10769-1-git-send-email-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.1.4 MIME-Version: 1.0 Cc: Juergen Gross , Wei Liu , Andrew Cooper , Ian Jackson , =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= , Jim Fehlig , Christian Lindig , David Scott , Boris Ostrovsky Subject: [Xen-devel] [PATCH RFC] tools: Drop xc_cpuid_check() and bindings X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP There are no current users which I can locate. One piece of xend which didn't move forwards into xl/libxl is this: # Configure host CPUID consistency checks, which must be satisfied for this # VM to be allowed to run on this host's processor type: #cpuid_check=[ '1:ecx=xxxxxxxxxxxxxxxxxxxxxxxxxx1xxxxx' ] # - Host must have VMX feature flag set The implementation of xc_cpuid_check() is conceptually broken. Dom0's view of CPUID is not the approprite view to check, and will be wrong in the presence of CPUID masking/faulting, and for HVM-based toolstack domains. If it turns out that the functionality is required, it should be implemented in terms of XEN_SYSCTL_get_cpuid_policy to use the proper CPUID view. Signed-off-by: Andrew Cooper --- CC: Ian Jackson CC: Wei Liu CC: Marek Marczykowski-Górecki CC: David Scott CC: Christian Lindig CC: Juergen Gross CC: Jim Fehlig CC: Boris Ostrovsky CC: Konrad Rzeszutek Wilk RFC initially for feedback, and to see if anyone does expect to be using this call. It turns out that Xapi has a library function using it, but that function is dead so can be removed. --- tools/libxc/include/xenctrl.h | 4 --- tools/libxc/xc_cpuid_x86.c | 57 ------------------------------------- tools/ocaml/libs/xc/xenctrl.ml | 2 -- tools/ocaml/libs/xc/xenctrl.mli | 3 -- tools/ocaml/libs/xc/xenctrl_stubs.c | 43 ---------------------------- tools/python/xen/lowlevel/xc/xc.c | 34 ---------------------- 6 files changed, 143 deletions(-) diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index 96df836..acd778c 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h @@ -1793,10 +1793,6 @@ int xc_domain_debug_control(xc_interface *xch, uint32_t vcpu); #if defined(__i386__) || defined(__x86_64__) -int xc_cpuid_check(xc_interface *xch, - const unsigned int *input, - const char **config, - char **config_transformed); int xc_cpuid_set(xc_interface *xch, domid_t domid, const unsigned int *input, diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index 6f82277..d1d0b51 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -855,63 +855,6 @@ int xc_cpuid_apply_policy(xc_interface *xch, domid_t domid, } /* - * Check whether a VM is allowed to launch on this host's processor type. - * - * @config format is similar to that of xc_cpuid_set(): - * '1' -> the bit must be set to 1 - * '0' -> must be 0 - * 'x' -> we don't care - * 's' -> (same) must be the same - */ -int xc_cpuid_check( - xc_interface *xch, const unsigned int *input, - const char **config, - char **config_transformed) -{ - int i, j, rc; - unsigned int regs[4]; - - memset(config_transformed, 0, 4 * sizeof(*config_transformed)); - - cpuid(input, regs); - - for ( i = 0; i < 4; i++ ) - { - if ( config[i] == NULL ) - continue; - config_transformed[i] = alloc_str(); - if ( config_transformed[i] == NULL ) - { - rc = -ENOMEM; - goto fail_rc; - } - for ( j = 0; j < 32; j++ ) - { - unsigned char val = !!((regs[i] & (1U << (31 - j)))); - if ( !strchr("10xs", config[i][j]) || - ((config[i][j] == '1') && !val) || - ((config[i][j] == '0') && val) ) - goto fail; - config_transformed[i][j] = config[i][j]; - if ( config[i][j] == 's' ) - config_transformed[i][j] = '0' + val; - } - } - - return 0; - - fail: - rc = -EPERM; - fail_rc: - for ( i = 0; i < 4; i++ ) - { - free(config_transformed[i]); - config_transformed[i] = NULL; - } - return rc; -} - -/* * Configure a single input with the informatiom from config. * * Config is an array of strings: diff --git a/tools/ocaml/libs/xc/xenctrl.ml b/tools/ocaml/libs/xc/xenctrl.ml index 75006e7..70a325b 100644 --- a/tools/ocaml/libs/xc/xenctrl.ml +++ b/tools/ocaml/libs/xc/xenctrl.ml @@ -218,8 +218,6 @@ external domain_cpuid_set: handle -> domid -> (int64 * (int64 option)) = "stub_xc_domain_cpuid_set" external domain_cpuid_apply_policy: handle -> domid -> unit = "stub_xc_domain_cpuid_apply_policy" -external cpuid_check: handle -> (int64 * (int64 option)) -> string option array -> (bool * string option array) - = "stub_xc_cpuid_check" external map_foreign_range: handle -> domid -> int -> nativeint -> Xenmmap.mmap_interface diff --git a/tools/ocaml/libs/xc/xenctrl.mli b/tools/ocaml/libs/xc/xenctrl.mli index 720e4b2..702d8a7 100644 --- a/tools/ocaml/libs/xc/xenctrl.mli +++ b/tools/ocaml/libs/xc/xenctrl.mli @@ -179,6 +179,3 @@ external domain_cpuid_set: handle -> domid -> (int64 * (int64 option)) = "stub_xc_domain_cpuid_set" external domain_cpuid_apply_policy: handle -> domid -> unit = "stub_xc_domain_cpuid_apply_policy" -external cpuid_check: handle -> (int64 * (int64 option)) -> string option array -> (bool * string option array) - = "stub_xc_cpuid_check" - diff --git a/tools/ocaml/libs/xc/xenctrl_stubs.c b/tools/ocaml/libs/xc/xenctrl_stubs.c index f1b28db..c66732f 100644 --- a/tools/ocaml/libs/xc/xenctrl_stubs.c +++ b/tools/ocaml/libs/xc/xenctrl_stubs.c @@ -805,49 +805,6 @@ CAMLprim value stub_xc_domain_cpuid_apply_policy(value xch, value domid) CAMLreturn(Val_unit); } -CAMLprim value stub_xc_cpuid_check(value xch, value input, value config) -{ - CAMLparam3(xch, input, config); - CAMLlocal3(ret, array, tmp); -#if defined(__i386__) || defined(__x86_64__) - int r; - unsigned int c_input[2]; - char *c_config[4], *out_config[4]; - - c_config[0] = string_of_option_array(config, 0); - c_config[1] = string_of_option_array(config, 1); - c_config[2] = string_of_option_array(config, 2); - c_config[3] = string_of_option_array(config, 3); - - cpuid_input_of_val(c_input[0], c_input[1], input); - - array = caml_alloc(4, 0); - for (r = 0; r < 4; r++) { - tmp = Val_none; - if (c_config[r]) { - tmp = caml_alloc_small(1, 0); - Field(tmp, 0) = caml_alloc_string(32); - } - Store_field(array, r, tmp); - } - - for (r = 0; r < 4; r++) - out_config[r] = (c_config[r]) ? String_val(Field(Field(array, r), 0)) : NULL; - - r = xc_cpuid_check(_H(xch), c_input, (const char **)c_config, out_config); - if (r < 0) - failwith_xc(_H(xch)); - - ret = caml_alloc_tuple(2); - Store_field(ret, 0, Val_bool(r)); - Store_field(ret, 1, array); - -#else - caml_failwith("xc_domain_cpuid_check: not implemented"); -#endif - CAMLreturn(ret); -} - CAMLprim value stub_xc_version_version(value xch) { CAMLparam1(xch); diff --git a/tools/python/xen/lowlevel/xc/xc.c b/tools/python/xen/lowlevel/xc/xc.c index 5d112af..aa9f8e4 100644 --- a/tools/python/xen/lowlevel/xc/xc.c +++ b/tools/python/xen/lowlevel/xc/xc.c @@ -711,29 +711,6 @@ static PyObject *pyxc_create_cpuid_dict(char **regs) return dict; } -static PyObject *pyxc_dom_check_cpuid(XcObject *self, - PyObject *args) -{ - PyObject *sub_input, *config; - unsigned int input[2]; - char *regs[4], *regs_transform[4]; - - if ( !PyArg_ParseTuple(args, "iOO", &input[0], &sub_input, &config) ) - return NULL; - - pyxc_dom_extract_cpuid(config, regs); - - input[1] = XEN_CPUID_INPUT_UNUSED; - if ( PyLong_Check(sub_input) ) - input[1] = PyLong_AsUnsignedLong(sub_input); - - if ( xc_cpuid_check(self->xc_handle, input, - (const char **)regs, regs_transform) ) - return pyxc_error_to_exception(self->xc_handle); - - return pyxc_create_cpuid_dict(regs_transform); -} - static PyObject *pyxc_dom_set_policy_cpuid(XcObject *self, PyObject *args) { @@ -2467,17 +2444,6 @@ static PyMethodDef pyxc_methods[] = { " keys [str]: String of keys to inject.\n" }, #if defined(__i386__) || defined(__x86_64__) - { "domain_check_cpuid", - (PyCFunction)pyxc_dom_check_cpuid, - METH_VARARGS, "\n" - "Apply checks to host CPUID.\n" - " input [long]: Input for cpuid instruction (eax)\n" - " sub_input [long]: Second input (optional, may be None) for cpuid " - " instruction (ecx)\n" - " config [dict]: Dictionary of register\n" - " config [dict]: Dictionary of register, use for checking\n\n" - "Returns: [int] 0 on success; exception on error.\n" }, - { "domain_set_cpuid", (PyCFunction)pyxc_dom_set_cpuid, METH_VARARGS, "\n"