From patchwork Fri Jan 17 13:31:26 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Alexandru Stefan ISAILA X-Patchwork-Id: 11339023 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 66F5714B7 for ; Fri, 17 Jan 2020 13:32:45 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 364ED206B7 for ; Fri, 17 Jan 2020 13:32:45 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=bitdefender.onmicrosoft.com header.i=@bitdefender.onmicrosoft.com header.b="W1sU4J1S" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 364ED206B7 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=bitdefender.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1isRik-0004AM-Bl; Fri, 17 Jan 2020 13:31:30 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1isRij-0004AH-Ho for xen-devel@lists.xenproject.org; Fri, 17 Jan 2020 13:31:29 +0000 X-Inumbo-ID: aa1986e0-392d-11ea-9fd7-bc764e2007e4 Received: from EUR05-AM6-obe.outbound.protection.outlook.com (unknown [2a01:111:f400:7e1b::718]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id aa1986e0-392d-11ea-9fd7-bc764e2007e4; Fri, 17 Jan 2020 13:31:28 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=csEUq7fpohHn1teavYa3FrWS7AFenyaIquBCuY5hm6Px7SwW3sYcUt1zAYAOeace0qqNcDoba/GHCIjZeX5TM7JVajMMq/FdYg8FEI+hV6UTdanooynuLHlsdxXg9dxs3jKKJaanyZfYQUKizv9wqXJQpDAG5o0tIPS70rHLTXGnK22mM1ehBA40cSzFk35oqvFYFxqkgJGpgi95K1qpY6URRhbSASOMAMyRfwRCYW2mKhmy2dGu3bLOCuO7XSBef6CdYjzsyvMZcUc66t5CTOhcLwqw83b3pmGAPrK+QWIAssyARnMFSpd6xOJv3H2gbNORyHfRJ3uZg14NFuEZAQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ldElNgkacO1dJqZEmB9c0GFsYpfucd+SOQN8qtwKsdM=; b=aDNnUjIE/zngG1b+eL9vJCnhmbUGas0uQxNtummq2VqpNZDeDfKjaeu6m4O41TC2NEFOedSNwWu/xZPhDDKbRgkxC6QqYqwnA6l4j6Aq/HYISQmlgiOnwOf/rsPvoGQFIIcR2g5tpCt9pSsJ6eLOsrvzsNq5V7E8iDs6AQcWPDJjAvRg6wCwuJoa5m1ghdj1RSWGCQIPunkihqCDwBjlB025Cfe16Spdd5upupKiWNWzR6uCLLfk5u1lz+AqS9jWDWH+KpZhfJK6FgW1IcDZTlI7ScEJoMa33l18ESvvnxpACKuIn8qJXVEZxGASUNpO9tN8x4vD7uJ+OG4JF0BmvQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bitdefender.com; dmarc=pass action=none header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bitdefender.onmicrosoft.com; s=selector2-bitdefender-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ldElNgkacO1dJqZEmB9c0GFsYpfucd+SOQN8qtwKsdM=; b=W1sU4J1SICy/JjHYElk81nrlsvfY+3mxE7x2AY9yzIB7Mhn/tyehoDTvvAD7U6eZLFcOSW7ZQo3GR4vPJQuL/SB7njH+zVbmhKKcfTOjrdgk2cKdKaPXbGGih1QiG3tJpmtaUyY8G/Y+MYtXaLAcZeVH7hkcckJ2HNhLGTERKlA= Received: from DB6PR02MB2999.eurprd02.prod.outlook.com (10.170.219.144) by DB6PR02MB3207.eurprd02.prod.outlook.com (10.175.234.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.18; Fri, 17 Jan 2020 13:31:26 +0000 Received: from DB6PR02MB2999.eurprd02.prod.outlook.com ([fe80::f1c2:7dd1:1131:1c1d]) by DB6PR02MB2999.eurprd02.prod.outlook.com ([fe80::f1c2:7dd1:1131:1c1d%7]) with mapi id 15.20.2644.023; Fri, 17 Jan 2020 13:31:26 +0000 Received: from aisaila-Latitude-E5570.dsd.bitdefender.biz (91.199.104.6) by AM0PR0402CA0004.eurprd04.prod.outlook.com (2603:10a6:208:15::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.20 via Frontend Transport; Fri, 17 Jan 2020 13:31:25 +0000 From: Alexandru Stefan ISAILA To: "xen-devel@lists.xenproject.org" Thread-Topic: [PATCH V8 1/4] x86/mm: Add array_index_nospec to guest provided index values Thread-Index: AQHVzTpq9xGBjBauhkySgHgyCm4sbQ== Date: Fri, 17 Jan 2020 13:31:26 +0000 Message-ID: <20200117133059.14602-1-aisaila@bitdefender.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: AM0PR0402CA0004.eurprd04.prod.outlook.com (2603:10a6:208:15::17) To DB6PR02MB2999.eurprd02.prod.outlook.com (2603:10a6:6:17::16) authentication-results: spf=none (sender IP is ) smtp.mailfrom=aisaila@bitdefender.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.17.1 x-originating-ip: [91.199.104.6] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 48b6800d-aa63-4a45-752e-08d79b518d37 x-ms-traffictypediagnostic: DB6PR02MB3207:|DB6PR02MB3207: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:1002; x-forefront-prvs: 0285201563 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(376002)(396003)(366004)(136003)(39850400004)(199004)(189003)(71200400001)(1076003)(52116002)(956004)(2616005)(66476007)(66556008)(36756003)(66446008)(64756008)(54906003)(478600001)(86362001)(6486002)(5660300002)(4326008)(8936002)(316002)(16526019)(66946007)(81156014)(26005)(81166006)(186003)(6916009)(8676002)(2906002)(6512007)(6506007); DIR:OUT; SFP:1102; SCL:1; SRVR:DB6PR02MB3207; H:DB6PR02MB2999.eurprd02.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: bitdefender.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: IRrOVVpTv7jEM5Aomevq17TEUqbStBjkdk9DPuoflmMIj22xhufeux7VMQh2Zuv8vL/mvWM3Xn6YUNoNwekDaAhKH4r6X1w82qxovSgtrqlSVdvg2M6ILqGRn8oFq+qPWkUldDhW4grk9bQ4Oyg7Sg9/LzpCNdkkf7UZiKBfE4D9RqIZKjOYEzshtXSim9Wdf7D06+zIdCQzGxZSV1un9jPr8dyvThTCJJTBrPYunLardQ2FtJa/5booG2Hrg09h8tsA4a1T00mYj4hRXUQoN4bnf1CKqo6tlfI6ALlS3GiW0mk/HG4Rt+tvF3ecosTXVSLNG+vTmz4DorNHdhbgHzua2lRSk2zUsBLk1B2KmM50cN/WIkmj/tJHg3MocqdHhzuYsKNXQO+7ArDt5gqKQz+u/E9MGl/NaWfFmNxWfNkBMb0fTdes7igNRxYpDYS1 Content-ID: MIME-Version: 1.0 X-OriginatorOrg: bitdefender.com X-MS-Exchange-CrossTenant-Network-Message-Id: 48b6800d-aa63-4a45-752e-08d79b518d37 X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jan 2020 13:31:26.1611 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 487baf29-f1da-469a-9221-243f830c36f3 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: dyCZYRG57P8eFE/AYapyVzmmQsgOsAluSa7Q8/A1C51SNdtHH9aaF8pm0VflFoiuULuMUagvB9hcxQNU0pYT/LYiybDrk4C+niIhWxO0YRI= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR02MB3207 Subject: [Xen-devel] [PATCH V8 1/4] x86/mm: Add array_index_nospec to guest provided index values X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Petre Ovidiu PIRCALABU , Kevin Tian , Tamas K Lengyel , Wei Liu , Razvan COJOCARU , George Dunlap , Andrew Cooper , Jan Beulich , Jun Nakajima , Alexandru Stefan ISAILA , =?utf-8?q?Roger_Pau_Monn?= =?utf-8?q?=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This patch aims to sanitize indexes, potentially guest provided values, for altp2m_eptp[] and altp2m_p2m[] arrays. Requested-by: Jan Beulich Signed-off-by: Alexandru Isaila Acked-by: Tamas K Lengyel Reviewed-by: Jan Beulich Reviewed-by: Petre Pircalabu Acked-by: George Dunlap --- CC: Razvan Cojocaru CC: Tamas K Lengyel CC: Petre Pircalabu CC: George Dunlap CC: Jan Beulich CC: Andrew Cooper CC: Wei Liu CC: "Roger Pau Monné" CC: Jun Nakajima CC: Kevin Tian --- Changes since V7: - Make use of array_access_nospec() over array_index_nospec(altp2m_idx, ARRAY_SIZE(d->arch.altp2m_p2m). --- xen/arch/x86/mm/mem_access.c | 21 ++++++++++--------- xen/arch/x86/mm/p2m-ept.c | 4 ++-- xen/arch/x86/mm/p2m.c | 39 +++++++++++++++++++++--------------- 3 files changed, 37 insertions(+), 27 deletions(-) diff --git a/xen/arch/x86/mm/mem_access.c b/xen/arch/x86/mm/mem_access.c index 320b9fe621..31ff826393 100644 --- a/xen/arch/x86/mm/mem_access.c +++ b/xen/arch/x86/mm/mem_access.c @@ -366,11 +366,12 @@ long p2m_set_mem_access(struct domain *d, gfn_t gfn, uint32_t nr, #ifdef CONFIG_HVM if ( altp2m_idx ) { - if ( altp2m_idx >= MAX_ALTP2M || - d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) ) + if ( altp2m_idx >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) || + d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)] == + mfn_x(INVALID_MFN) ) return -EINVAL; - ap2m = d->arch.altp2m_p2m[altp2m_idx]; + ap2m = array_access_nospec(d->arch.altp2m_p2m, altp2m_idx); } #else ASSERT(!altp2m_idx); @@ -425,11 +426,12 @@ long p2m_set_mem_access_multi(struct domain *d, #ifdef CONFIG_HVM if ( altp2m_idx ) { - if ( altp2m_idx >= MAX_ALTP2M || - d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) ) + if ( altp2m_idx >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) || + d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)] == + mfn_x(INVALID_MFN) ) return -EINVAL; - ap2m = d->arch.altp2m_p2m[altp2m_idx]; + ap2m = array_access_nospec(d->arch.altp2m_p2m, altp2m_idx); } #else ASSERT(!altp2m_idx); @@ -491,11 +493,12 @@ int p2m_get_mem_access(struct domain *d, gfn_t gfn, xenmem_access_t *access, } else if ( altp2m_idx ) /* altp2m view 0 is treated as the hostp2m */ { - if ( altp2m_idx >= MAX_ALTP2M || - d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) ) + if ( altp2m_idx >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) || + d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)] == + mfn_x(INVALID_MFN) ) return -EINVAL; - p2m = d->arch.altp2m_p2m[altp2m_idx]; + p2m = array_access_nospec(d->arch.altp2m_p2m, altp2m_idx); } #else ASSERT(!altp2m_idx); diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c index b5517769c9..b078a9a59e 100644 --- a/xen/arch/x86/mm/p2m-ept.c +++ b/xen/arch/x86/mm/p2m-ept.c @@ -1353,7 +1353,7 @@ void setup_ept_dump(void) void p2m_init_altp2m_ept(struct domain *d, unsigned int i) { - struct p2m_domain *p2m = d->arch.altp2m_p2m[i]; + struct p2m_domain *p2m = array_access_nospec(d->arch.altp2m_p2m, i); struct p2m_domain *hostp2m = p2m_get_hostp2m(d); struct ept_data *ept; @@ -1366,7 +1366,7 @@ void p2m_init_altp2m_ept(struct domain *d, unsigned int i) p2m->max_mapped_pfn = p2m->max_remapped_gfn = 0; ept = &p2m->ept; ept->mfn = pagetable_get_pfn(p2m_get_pagetable(p2m)); - d->arch.altp2m_eptp[i] = ept->eptp; + d->arch.altp2m_eptp[array_index_nospec(i, MAX_EPTP)] = ept->eptp; } unsigned int p2m_find_altp2m_by_eptp(struct domain *d, uint64_t eptp) diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c index 3119269073..00b24342fc 100644 --- a/xen/arch/x86/mm/p2m.c +++ b/xen/arch/x86/mm/p2m.c @@ -2502,7 +2502,7 @@ static void p2m_reset_altp2m(struct domain *d, unsigned int idx, struct p2m_domain *p2m; ASSERT(idx < MAX_ALTP2M); - p2m = d->arch.altp2m_p2m[idx]; + p2m = array_access_nospec(d->arch.altp2m_p2m, idx); p2m_lock(p2m); @@ -2543,7 +2543,7 @@ static int p2m_activate_altp2m(struct domain *d, unsigned int idx) ASSERT(idx < MAX_ALTP2M); - p2m = d->arch.altp2m_p2m[idx]; + p2m = array_access_nospec(d->arch.altp2m_p2m, idx); hostp2m = p2m_get_hostp2m(d); p2m_lock(p2m); @@ -2574,12 +2574,13 @@ int p2m_init_altp2m_by_id(struct domain *d, unsigned int idx) { int rc = -EINVAL; - if ( idx >= MAX_ALTP2M ) + if ( idx >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) ) return rc; altp2m_list_lock(d); - if ( d->arch.altp2m_eptp[idx] == mfn_x(INVALID_MFN) ) + if ( d->arch.altp2m_eptp[array_index_nospec(idx, MAX_EPTP)] == + mfn_x(INVALID_MFN) ) rc = p2m_activate_altp2m(d, idx); altp2m_list_unlock(d); @@ -2615,7 +2616,7 @@ int p2m_destroy_altp2m_by_id(struct domain *d, unsigned int idx) struct p2m_domain *p2m; int rc = -EBUSY; - if ( !idx || idx >= MAX_ALTP2M ) + if ( !idx || idx >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) ) return rc; rc = domain_pause_except_self(d); @@ -2625,14 +2626,16 @@ int p2m_destroy_altp2m_by_id(struct domain *d, unsigned int idx) rc = -EBUSY; altp2m_list_lock(d); - if ( d->arch.altp2m_eptp[idx] != mfn_x(INVALID_MFN) ) + if ( d->arch.altp2m_eptp[array_index_nospec(idx, MAX_EPTP)] != + mfn_x(INVALID_MFN) ) { - p2m = d->arch.altp2m_p2m[idx]; + p2m = array_access_nospec(d->arch.altp2m_p2m, idx); if ( !_atomic_read(p2m->active_vcpus) ) { p2m_reset_altp2m(d, idx, ALTP2M_DEACTIVATE); - d->arch.altp2m_eptp[idx] = mfn_x(INVALID_MFN); + d->arch.altp2m_eptp[array_index_nospec(idx, MAX_EPTP)] = + mfn_x(INVALID_MFN); rc = 0; } } @@ -2689,11 +2692,13 @@ int p2m_change_altp2m_gfn(struct domain *d, unsigned int idx, mfn_t mfn; int rc = -EINVAL; - if ( idx >= MAX_ALTP2M || d->arch.altp2m_eptp[idx] == mfn_x(INVALID_MFN) ) + if ( idx >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) || + d->arch.altp2m_eptp[array_index_nospec(idx, MAX_EPTP)] == + mfn_x(INVALID_MFN) ) return rc; hp2m = p2m_get_hostp2m(d); - ap2m = d->arch.altp2m_p2m[idx]; + ap2m = array_access_nospec(d->arch.altp2m_p2m, idx); p2m_lock(hp2m); p2m_lock(ap2m); @@ -3032,11 +3037,12 @@ int p2m_set_suppress_ve(struct domain *d, gfn_t gfn, bool suppress_ve, if ( altp2m_idx > 0 ) { - if ( altp2m_idx >= MAX_ALTP2M || - d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) ) + if ( altp2m_idx >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) || + d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)] == + mfn_x(INVALID_MFN) ) return -EINVAL; - p2m = ap2m = d->arch.altp2m_p2m[altp2m_idx]; + p2m = ap2m = array_access_nospec(d->arch.altp2m_p2m, altp2m_idx); } else p2m = host_p2m; @@ -3075,11 +3081,12 @@ int p2m_get_suppress_ve(struct domain *d, gfn_t gfn, bool *suppress_ve, if ( altp2m_idx > 0 ) { - if ( altp2m_idx >= MAX_ALTP2M || - d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) ) + if ( altp2m_idx >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) || + d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)] == + mfn_x(INVALID_MFN) ) return -EINVAL; - p2m = ap2m = d->arch.altp2m_p2m[altp2m_idx]; + p2m = ap2m = array_access_nospec(d->arch.altp2m_p2m, altp2m_idx); } else p2m = host_p2m; From patchwork Fri Jan 17 13:31:30 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Alexandru Stefan ISAILA X-Patchwork-Id: 11339029 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6A5161820 for ; Fri, 17 Jan 2020 13:32:53 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 39D06206B7 for ; Fri, 17 Jan 2020 13:32:53 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=bitdefender.onmicrosoft.com header.i=@bitdefender.onmicrosoft.com header.b="ezmJqMo+" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 39D06206B7 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=bitdefender.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1isRip-0004Ay-PJ; Fri, 17 Jan 2020 13:31:35 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1isRio-0004Ao-FW for xen-devel@lists.xenproject.org; Fri, 17 Jan 2020 13:31:34 +0000 X-Inumbo-ID: ac24263e-392d-11ea-b833-bc764e2007e4 Received: from EUR05-AM6-obe.outbound.protection.outlook.com (unknown [2a01:111:f400:7e1b::70f]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id ac24263e-392d-11ea-b833-bc764e2007e4; Fri, 17 Jan 2020 13:31:31 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IvtvSV1m9K2V3v61KMgoNwQSU2v3xJ6gsNtI08qkY5/42anaPwmJRiAEW0OW5mVqoC+gywG+n6woSlqIKGt7NPOcHGBBvwgdYYzYhILF24WVlciLJOmyIUVfc7oAXVegW89sR4ZL+jIcECexheHtv9CmcmDdGdF5o7YOTo0k5nR5ZHTA0+7zDUCT6T7Qlez3JNyZU54D2gvNmgZ84Ydgc8BZCQxuuVvcFpW3rezaiJ/E3lSKc5Ps2IjL+Zix6vZI8K739DLPq9EhtbjkgMx85v45lWB3kKkbUjYfLhe/xnuXaDuRSDr3uX3alDplQ5a/zCHXVSfQSD0zLIDjADAVXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=roAEFmyFi2yNBdKzFUufx2e0ulDCZ/OkDjYFa9/ZFdM=; b=H2GXPSznlIy1CAAHlNAIdLDwg1XZo069WSaU/WpquDrm0soq0d374QHN0xGbrV9w8b48d/yfXZVJM7sXp5qxCFbRluv9TKV1hkWSBCvFSmcyuAeG6HQF9sbLFLr/EZ787LV20p42oR1+aybPQsDAZcBILHKVfp12vlHm+vCBBh7fh7nE+a23OIJjDolA5Px6HcBaeXMC1W+uQXGxU4MB1tSJ0TQ7rGaKg0E2WhiYc7TOzpZPDYXNQijciFYfuYKHred7pwd+1zulV+JlHCz6Q7RUoIR/oL57wfnJoiwW4TOTKFAh1//y8TRV1nim46KFyYRcbC609NzahWe22Vuu5g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bitdefender.com; dmarc=pass action=none header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bitdefender.onmicrosoft.com; s=selector2-bitdefender-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=roAEFmyFi2yNBdKzFUufx2e0ulDCZ/OkDjYFa9/ZFdM=; b=ezmJqMo+dcEeWfWW/KPyRlfR9Zu3BoKRLPc+i7t1B4HI0FfyS325WgS1uO5D7Ooi5+LhTlKGc+9YfMwkOJth6fqM8hqZLoK6tSMPsC41IkvclVpKYlx4COoEhG0kgUx0zkveTMe5JF+Z/b73MGnGC1rgWMWiwuqGO4H/ZS9sCQU= Received: from DB6PR02MB2999.eurprd02.prod.outlook.com (10.170.219.144) by DB6PR02MB3207.eurprd02.prod.outlook.com (10.175.234.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.18; Fri, 17 Jan 2020 13:31:30 +0000 Received: from DB6PR02MB2999.eurprd02.prod.outlook.com ([fe80::f1c2:7dd1:1131:1c1d]) by DB6PR02MB2999.eurprd02.prod.outlook.com ([fe80::f1c2:7dd1:1131:1c1d%7]) with mapi id 15.20.2644.023; Fri, 17 Jan 2020 13:31:30 +0000 Received: from aisaila-Latitude-E5570.dsd.bitdefender.biz (91.199.104.6) by AM0PR0402CA0004.eurprd04.prod.outlook.com (2603:10a6:208:15::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.20 via Frontend Transport; Fri, 17 Jan 2020 13:31:29 +0000 From: Alexandru Stefan ISAILA To: "xen-devel@lists.xenproject.org" Thread-Topic: [PATCH V8 2/4] x86/altp2m: Add hypercall to set a range of sve bits Thread-Index: AQHVzTptSkYAIu/W+UimKALDRNBbPQ== Date: Fri, 17 Jan 2020 13:31:30 +0000 Message-ID: <20200117133059.14602-2-aisaila@bitdefender.com> References: <20200117133059.14602-1-aisaila@bitdefender.com> In-Reply-To: <20200117133059.14602-1-aisaila@bitdefender.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: AM0PR0402CA0004.eurprd04.prod.outlook.com (2603:10a6:208:15::17) To DB6PR02MB2999.eurprd02.prod.outlook.com (2603:10a6:6:17::16) authentication-results: spf=none (sender IP is ) smtp.mailfrom=aisaila@bitdefender.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.17.1 x-originating-ip: [91.199.104.6] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 761f7d53-6cfc-4489-23ff-08d79b518fab x-ms-traffictypediagnostic: DB6PR02MB3207:|DB6PR02MB3207: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:94; x-forefront-prvs: 0285201563 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(376002)(396003)(366004)(136003)(39850400004)(199004)(189003)(71200400001)(1076003)(52116002)(956004)(2616005)(66476007)(66556008)(36756003)(107886003)(66446008)(64756008)(54906003)(478600001)(7416002)(86362001)(6486002)(5660300002)(4326008)(8936002)(316002)(16526019)(66946007)(81156014)(26005)(81166006)(186003)(6916009)(8676002)(2906002)(6666004)(6512007)(6506007); DIR:OUT; SFP:1102; SCL:1; SRVR:DB6PR02MB3207; H:DB6PR02MB2999.eurprd02.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: bitdefender.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: kAGlFp7P+YbcjG0JoXwaabC2fq7PdjDDKbyg+Gi21mxDAn1FGdlkL+UPkAN64RhcT8y5aiw0gaNVACdFJKJX5bbc82wQcEzikWe9+4dQXDyMUFVt7lgfHsRBehaAzMVcx5OqeuDMLaejRewRkHdZWaudlQgPHF72SFiExNTItIylgzo04nqtZb9M470MqviyfoUMDo3tydR0A1F21r5H2KvrHe05G0XTaCB81Fxjd/FHXdbDkSQmjxAazC8pvr2YL0BbrfOCEtRKkkUZ7GxSIGYbwBB/9VGn2a3plgX8xiwk4Q9XSgx44DdCKnimet0XNuGrkbSDJIeDdTD/7f2bIzlg8MMWzJUq5oiUqObzUDuIPNQ0+efDTVYGJZq7uHUXvpvGtdnBSk5Rn51yPsskV4L8+foWqiVXeLmb7kZZjQqgRc/72pZbli3J8+mXutfX Content-ID: MIME-Version: 1.0 X-OriginatorOrg: bitdefender.com X-MS-Exchange-CrossTenant-Network-Message-Id: 761f7d53-6cfc-4489-23ff-08d79b518fab X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jan 2020 13:31:30.2667 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 487baf29-f1da-469a-9221-243f830c36f3 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: on2eBBvVHh/jIj73/RtM4mTnc1Jvk4eL0qOy7nR2eGnGsSMLXWbNYQEtzrteIDupbN3JlcocqufmC25W4spr+gPP0OoQ/uBUtWAkBvVjAps= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR02MB3207 Subject: [Xen-devel] [PATCH V8 2/4] x86/altp2m: Add hypercall to set a range of sve bits X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Petre Ovidiu PIRCALABU , Stefano Stabellini , Julien Grall , Razvan COJOCARU , Wei Liu , Konrad Rzeszutek Wilk , George Dunlap , Andrew Cooper , Ian Jackson , Tamas K Lengyel , Jan Beulich , Alexandru Stefan ISAILA , =?utf-8?q?Roger_Pau_Monn?= =?utf-8?q?=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" By default the sve bits are not set. This patch adds a new hypercall, xc_altp2m_set_supress_ve_multi(), to set a range of sve bits. The core function, p2m_set_suppress_ve_multi(), does not break in case of a error and it is doing a best effort for setting the bits in the given range. A check for continuation is made in order to have preemption on large ranges. The gfn of the first error is stored in xen_hvm_altp2m_suppress_ve_multi.first_error_gfn and the error code is stored in xen_hvm_altp2m_suppress_ve_multi.first_error. If no error occurred the values will be 0. Signed-off-by: Alexandru Isaila Reviewed-by: Petre Pircalabu Acked-by: George Dunlap --- CC: Ian Jackson CC: Wei Liu CC: Andrew Cooper CC: George Dunlap CC: Jan Beulich CC: Julien Grall CC: Konrad Rzeszutek Wilk CC: Stefano Stabellini CC: "Roger Pau Monné" CC: George Dunlap CC: Razvan Cojocaru CC: Tamas K Lengyel CC: Petre Pircalabu --- Changes since V7: - Fix commit message - Move all in values in the sve initializer - Drop sve.first_error check. --- tools/libxc/include/xenctrl.h | 4 ++ tools/libxc/xc_altp2m.c | 33 +++++++++++++++ xen/arch/x86/hvm/hvm.c | 20 +++++++++ xen/arch/x86/mm/p2m.c | 75 +++++++++++++++++++++++++-------- xen/include/public/hvm/hvm_op.h | 13 ++++++ xen/include/xen/mem_access.h | 3 ++ 6 files changed, 130 insertions(+), 18 deletions(-) diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index 75f191ae3a..cc4eb1e3d3 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h @@ -1923,6 +1923,10 @@ int xc_altp2m_switch_to_view(xc_interface *handle, uint32_t domid, uint16_t view_id); int xc_altp2m_set_suppress_ve(xc_interface *handle, uint32_t domid, uint16_t view_id, xen_pfn_t gfn, bool sve); +int xc_altp2m_set_supress_ve_multi(xc_interface *handle, uint32_t domid, + uint16_t view_id, xen_pfn_t first_gfn, + xen_pfn_t last_gfn, bool sve, + xen_pfn_t *error_gfn, int32_t *error_code); int xc_altp2m_get_suppress_ve(xc_interface *handle, uint32_t domid, uint16_t view_id, xen_pfn_t gfn, bool *sve); int xc_altp2m_set_mem_access(xc_interface *handle, uint32_t domid, diff --git a/tools/libxc/xc_altp2m.c b/tools/libxc/xc_altp2m.c index 09dad0355e..46fb725806 100644 --- a/tools/libxc/xc_altp2m.c +++ b/tools/libxc/xc_altp2m.c @@ -234,6 +234,39 @@ int xc_altp2m_set_suppress_ve(xc_interface *handle, uint32_t domid, return rc; } +int xc_altp2m_set_supress_ve_multi(xc_interface *handle, uint32_t domid, + uint16_t view_id, xen_pfn_t first_gfn, + xen_pfn_t last_gfn, bool sve, + xen_pfn_t *error_gfn, int32_t *error_code) +{ + int rc; + DECLARE_HYPERCALL_BUFFER(xen_hvm_altp2m_op_t, arg); + + arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg)); + if ( arg == NULL ) + return -1; + + arg->version = HVMOP_ALTP2M_INTERFACE_VERSION; + arg->cmd = HVMOP_altp2m_set_suppress_ve_multi; + arg->domain = domid; + arg->u.suppress_ve_multi.view = view_id; + arg->u.suppress_ve_multi.first_gfn = first_gfn; + arg->u.suppress_ve_multi.last_gfn = last_gfn; + arg->u.suppress_ve_multi.suppress_ve = sve; + + rc = xencall2(handle->xcall, __HYPERVISOR_hvm_op, HVMOP_altp2m, + HYPERCALL_BUFFER_AS_ARG(arg)); + + if ( arg->u.suppress_ve_multi.first_error ) + { + *error_gfn = arg->u.suppress_ve_multi.first_error_gfn; + *error_code = arg->u.suppress_ve_multi.first_error; + } + + xc_hypercall_buffer_free(handle, arg); + return rc; +} + int xc_altp2m_set_mem_access(xc_interface *handle, uint32_t domid, uint16_t view_id, xen_pfn_t gfn, xenmem_access_t access) diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 4723f5d09c..4d79b4934e 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -4520,6 +4520,7 @@ static int do_altp2m_op( case HVMOP_altp2m_destroy_p2m: case HVMOP_altp2m_switch_p2m: case HVMOP_altp2m_set_suppress_ve: + case HVMOP_altp2m_set_suppress_ve_multi: case HVMOP_altp2m_get_suppress_ve: case HVMOP_altp2m_set_mem_access: case HVMOP_altp2m_set_mem_access_multi: @@ -4678,6 +4679,25 @@ static int do_altp2m_op( } break; + case HVMOP_altp2m_set_suppress_ve_multi: + { + uint64_t max_phys_addr = (1UL << d->arch.cpuid->extd.maxphysaddr) - 1; + + a.u.suppress_ve_multi.last_gfn = min(a.u.suppress_ve_multi.last_gfn, + max_phys_addr); + + if ( a.u.suppress_ve_multi.pad1 || + a.u.suppress_ve_multi.first_gfn > a.u.suppress_ve_multi.last_gfn ) + rc = -EINVAL; + else + { + rc = p2m_set_suppress_ve_multi(d, &a.u.suppress_ve_multi); + if ( (!rc || rc == -ERESTART) && __copy_to_guest(arg, &a, 1) ) + rc = -EFAULT; + } + break; + } + case HVMOP_altp2m_get_suppress_ve: if ( a.u.suppress_ve.pad1 || a.u.suppress_ve.pad2 ) rc = -EINVAL; diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c index 00b24342fc..3a2929c365 100644 --- a/xen/arch/x86/mm/p2m.c +++ b/xen/arch/x86/mm/p2m.c @@ -3026,44 +3026,83 @@ out: */ int p2m_set_suppress_ve(struct domain *d, gfn_t gfn, bool suppress_ve, unsigned int altp2m_idx) +{ + int rc; + struct xen_hvm_altp2m_suppress_ve_multi sve = { + altp2m_idx, suppress_ve, 0, 0, gfn_x(gfn), gfn_x(gfn), 0 + }; + + if ( !(rc = p2m_set_suppress_ve_multi(d, &sve)) ) + rc = sve.first_error; + + return rc; +} + +/* + * Set/clear the #VE suppress bit for multiple pages. Only available on VMX. + */ +int p2m_set_suppress_ve_multi(struct domain *d, + struct xen_hvm_altp2m_suppress_ve_multi *sve) { struct p2m_domain *host_p2m = p2m_get_hostp2m(d); struct p2m_domain *ap2m = NULL; - struct p2m_domain *p2m; - mfn_t mfn; - p2m_access_t a; - p2m_type_t t; - int rc; + struct p2m_domain *p2m = host_p2m; + uint64_t start = sve->first_gfn; + int rc = 0; - if ( altp2m_idx > 0 ) + if ( sve->view > 0 ) { - if ( altp2m_idx >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) || - d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)] == + if ( sve->view >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) || + d->arch.altp2m_eptp[array_index_nospec(sve->view, MAX_EPTP)] == mfn_x(INVALID_MFN) ) return -EINVAL; - p2m = ap2m = array_access_nospec(d->arch.altp2m_p2m, altp2m_idx); + p2m = ap2m = array_access_nospec(d->arch.altp2m_p2m, sve->view); } - else - p2m = host_p2m; - gfn_lock(host_p2m, gfn, 0); + p2m_lock(host_p2m); if ( ap2m ) p2m_lock(ap2m); - rc = altp2m_get_effective_entry(p2m, gfn, &mfn, &t, &a, AP2MGET_query); + while ( sve->last_gfn >= start ) + { + p2m_access_t a; + p2m_type_t t; + mfn_t mfn; + int err = 0; - if ( rc ) - goto out; + if ( (err = altp2m_get_effective_entry(p2m, _gfn(start), &mfn, &t, &a, + AP2MGET_query)) && + !sve->first_error ) + { + sve->first_error_gfn = start; /* Save the gfn of the first error */ + sve->first_error = err; /* Save the first error code */ + } - rc = p2m->set_entry(p2m, gfn, mfn, PAGE_ORDER_4K, t, a, suppress_ve); + if ( !err && (err = p2m->set_entry(p2m, _gfn(start), mfn, + PAGE_ORDER_4K, t, a, + sve->suppress_ve)) && + !sve->first_error ) + { + sve->first_error_gfn = start; /* Save the gfn of the first error */ + sve->first_error = err; /* Save the first error code */ + } + + /* Check for continuation if it's not the last iteration. */ + if ( sve->last_gfn >= ++start && hypercall_preempt_check() ) + { + rc = -ERESTART; + break; + } + } + + sve->first_gfn = start; -out: if ( ap2m ) p2m_unlock(ap2m); - gfn_unlock(host_p2m, gfn, 0); + p2m_unlock(host_p2m); return rc; } diff --git a/xen/include/public/hvm/hvm_op.h b/xen/include/public/hvm/hvm_op.h index 353f8034d9..d344606864 100644 --- a/xen/include/public/hvm/hvm_op.h +++ b/xen/include/public/hvm/hvm_op.h @@ -46,6 +46,16 @@ struct xen_hvm_altp2m_suppress_ve { uint64_t gfn; }; +struct xen_hvm_altp2m_suppress_ve_multi { + uint16_t view; + uint8_t suppress_ve; /* Boolean type. */ + uint8_t pad1; + int32_t first_error; /* Should be set to 0. */ + uint64_t first_gfn; /* Value may be updated. */ + uint64_t last_gfn; + uint64_t first_error_gfn; /* Gfn of the first error. */ +}; + #if __XEN_INTERFACE_VERSION__ < 0x00040900 /* Set the logical level of one of a domain's PCI INTx wires. */ @@ -339,6 +349,8 @@ struct xen_hvm_altp2m_op { #define HVMOP_altp2m_vcpu_disable_notify 13 /* Get the active vcpu p2m index */ #define HVMOP_altp2m_get_p2m_idx 14 +/* Set the "Supress #VE" bit for a range of pages */ +#define HVMOP_altp2m_set_suppress_ve_multi 15 domid_t domain; uint16_t pad1; uint32_t pad2; @@ -353,6 +365,7 @@ struct xen_hvm_altp2m_op { struct xen_hvm_altp2m_change_gfn change_gfn; struct xen_hvm_altp2m_set_mem_access_multi set_mem_access_multi; struct xen_hvm_altp2m_suppress_ve suppress_ve; + struct xen_hvm_altp2m_suppress_ve_multi suppress_ve_multi; struct xen_hvm_altp2m_vcpu_disable_notify disable_notify; struct xen_hvm_altp2m_get_vcpu_p2m_idx get_vcpu_p2m_idx; uint8_t pad[64]; diff --git a/xen/include/xen/mem_access.h b/xen/include/xen/mem_access.h index e4d24502e0..00e594a0ad 100644 --- a/xen/include/xen/mem_access.h +++ b/xen/include/xen/mem_access.h @@ -75,6 +75,9 @@ long p2m_set_mem_access_multi(struct domain *d, int p2m_set_suppress_ve(struct domain *d, gfn_t gfn, bool suppress_ve, unsigned int altp2m_idx); +int p2m_set_suppress_ve_multi(struct domain *d, + struct xen_hvm_altp2m_suppress_ve_multi *suppress_ve); + int p2m_get_suppress_ve(struct domain *d, gfn_t gfn, bool *suppress_ve, unsigned int altp2m_idx); From patchwork Fri Jan 17 13:31:31 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Alexandru Stefan ISAILA X-Patchwork-Id: 11339025 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 82C2213A0 for ; Fri, 17 Jan 2020 13:32:47 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 5D715206B7 for ; Fri, 17 Jan 2020 13:32:47 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=bitdefender.onmicrosoft.com header.i=@bitdefender.onmicrosoft.com header.b="D8kPQGEo" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 5D715206B7 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=bitdefender.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1isRiv-0004CR-3n; Fri, 17 Jan 2020 13:31:41 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1isRit-0004C7-Ff for xen-devel@lists.xenproject.org; Fri, 17 Jan 2020 13:31:39 +0000 X-Inumbo-ID: ad3aa048-392d-11ea-b833-bc764e2007e4 Received: from EUR05-AM6-obe.outbound.protection.outlook.com (unknown [2a01:111:f400:7e1b::70f]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id ad3aa048-392d-11ea-b833-bc764e2007e4; Fri, 17 Jan 2020 13:31:33 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fMJ7zACMW9zipM9JLRm1udhuVb/Nc+3U1J1QMvvgh7Aht1VnhffYusRMefJ2AsrIe1lV/LPGVoLO4qIRE415/s5btZyWKdYX4kuZ3nikD0E0IAtQUQsTnOsXkzzRKVnIgP2LY31HDh7036BxmgtEjrHhzhXRbRlPwa5RhY9r4PJUimRU1iCObdqA9LTvNEJQZ3dZtejvzRIKhiozfw6M3k3PRpZPFsZ/6XFy1ivgfXThRLkBefwpN9gvEF8jn2Zd42GURE5Rie//daSgEUqI+hDvlfzcpQ2aaRNE6qWNO1NDPfdNmSMdNvRwV4BXjB9xwZXGvXfbnCWvLENhH3+zRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Zak+i1VwAM5Dez896o8r9BagCFc4u+w82IQ3EmvKg9M=; b=LcGVOkkrq65UDmjUZpCCpSLReJRCYeG+NAk9o0OlZK7A9ux/tv/TqgkOPkRwTwQ24kN/kOeNRyWhdBM4YYKSxwAjv5xqX9XFdqzYIqo9yG5vzkxSpH9yAPLfZR/j8+cvUtepXHc3Gfr/Ht7/MYRrvIwpIkVqI89H019lj2M0aDabdpqds4hUEVEIWLn3j62WxJ6vPEld0jqbhdgZw2iPOvmFH10ZUDXphcyW1np4MvndFtWbEC+36f+C693WcycCetLxB9vdTHIEITD55QY2NDE1XeN8xuyGdMK4Ze+dWMjDy6J07lA5QwHmeI5lvB9CSXYgGWjRIDCGhsmtxmT6hA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bitdefender.com; dmarc=pass action=none header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bitdefender.onmicrosoft.com; s=selector2-bitdefender-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Zak+i1VwAM5Dez896o8r9BagCFc4u+w82IQ3EmvKg9M=; b=D8kPQGEoIrptRSc1jhOr6aqduosoH+lJGtp4Y3/bYUwLXrG1bP91TDspmxEqQuq7HQzHRQhRPViGSSsksg1QZG6Prdj2TclM9fwAkmZgTt03aJ9rrR17USFfqQQIt/GDJx943GOg4/QlqQUnvT/kBgK/l8p+cxPs/C4KEJ5hylw= Received: from DB6PR02MB2999.eurprd02.prod.outlook.com (10.170.219.144) by DB6PR02MB3207.eurprd02.prod.outlook.com (10.175.234.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.18; Fri, 17 Jan 2020 13:31:32 +0000 Received: from DB6PR02MB2999.eurprd02.prod.outlook.com ([fe80::f1c2:7dd1:1131:1c1d]) by DB6PR02MB2999.eurprd02.prod.outlook.com ([fe80::f1c2:7dd1:1131:1c1d%7]) with mapi id 15.20.2644.023; Fri, 17 Jan 2020 13:31:32 +0000 Received: from aisaila-Latitude-E5570.dsd.bitdefender.biz (91.199.104.6) by AM0PR0402CA0004.eurprd04.prod.outlook.com (2603:10a6:208:15::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.20 via Frontend Transport; Fri, 17 Jan 2020 13:31:31 +0000 From: Alexandru Stefan ISAILA To: "xen-devel@lists.xenproject.org" Thread-Topic: [PATCH V8 3/4] x86/mm: Pull vendor-independent altp2m code out of p2m-ept.c and into p2m.c Thread-Index: AQHVzTpu4N3BdlWD2E+51bjjxJHR2g== Date: Fri, 17 Jan 2020 13:31:31 +0000 Message-ID: <20200117133059.14602-3-aisaila@bitdefender.com> References: <20200117133059.14602-1-aisaila@bitdefender.com> In-Reply-To: <20200117133059.14602-1-aisaila@bitdefender.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: AM0PR0402CA0004.eurprd04.prod.outlook.com (2603:10a6:208:15::17) To DB6PR02MB2999.eurprd02.prod.outlook.com (2603:10a6:6:17::16) authentication-results: spf=none (sender IP is ) smtp.mailfrom=aisaila@bitdefender.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.17.1 x-originating-ip: [91.199.104.6] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: b4cc1fb3-506b-4d8c-51f9-08d79b5190ad x-ms-traffictypediagnostic: DB6PR02MB3207:|DB6PR02MB3207: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:243; x-forefront-prvs: 0285201563 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(376002)(396003)(366004)(136003)(39850400004)(199004)(189003)(71200400001)(1076003)(52116002)(956004)(2616005)(66476007)(66556008)(36756003)(66446008)(64756008)(54906003)(478600001)(86362001)(6486002)(5660300002)(4326008)(8936002)(316002)(16526019)(66946007)(81156014)(26005)(81166006)(186003)(6916009)(8676002)(2906002)(6512007)(6506007); DIR:OUT; SFP:1102; SCL:1; SRVR:DB6PR02MB3207; H:DB6PR02MB2999.eurprd02.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: bitdefender.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: ZIh0uFhBI5T14mRJJbTl7jLEEdoe7So0nWou938hSvGIXOycTR6WcFl9aluT5PylByhIroUTm5WX9PHa+1PmxZpG+ZyLfi0PgA+sOK3pBlXmmY8Di0F5QIEi29V4KcHDGhnSOf6BWprUVrihXaHu4OeeOaGSHzNauY9GFjvutk3S5rfMwW8sh8UfYLnYWpKXHcZUK+FPrusep2WhNB6UYpHbmt8jYSf4/3IvfL1WS/puRZRREoKpFSa5FhATZz4jORuBoRtRMT4MzQdnLwB8Jb2+RW2nBDU+kRHb853w0JCJtbeOvCNCtp5niZK8vC9k7NPrgqi1RnIMh9CnwTjWKYvX11fV35KJSa1mglWQeVmIJdbnpFnioac/P2ib+qoPJ2If70obsbntD8ZhKB26gu0kPOA+1bdMBJkclIRqL40EGlKCEDeZvPc3xO7d+kV8 Content-ID: <2F84694402926F47815D097CD83A135B@eurprd02.prod.outlook.com> MIME-Version: 1.0 X-OriginatorOrg: bitdefender.com X-MS-Exchange-CrossTenant-Network-Message-Id: b4cc1fb3-506b-4d8c-51f9-08d79b5190ad X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jan 2020 13:31:31.9667 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 487baf29-f1da-469a-9221-243f830c36f3 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: AsoW9lVOMs2zE5je8hfHhmhsqb1QweSkXM8d3Lna2xYLjtSYVf1BCh054oaGM7675vVSkPLgEgvm0gxcIA5Wn7BBk0S/L1Ye1WUxsgd+SUg= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR02MB3207 Subject: [Xen-devel] [PATCH V8 3/4] x86/mm: Pull vendor-independent altp2m code out of p2m-ept.c and into p2m.c X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Kevin Tian , Jun Nakajima , Wei Liu , George Dunlap , Andrew Cooper , Jan Beulich , Alexandru Stefan ISAILA , =?utf-8?q?Roger_Pau_Monn?= =?utf-8?q?=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" No functional changes. Requested-by: Jan Beulich Signed-off-by: Alexandru Isaila Reviewed-by: Jan Beulich Reviewed-by: Petre Pircalabu Acked-by: George Dunlap --- CC: Jun Nakajima CC: Kevin Tian CC: George Dunlap CC: Jan Beulich CC: Andrew Cooper CC: Wei Liu CC: "Roger Pau Monné" --- xen/arch/x86/mm/p2m-ept.c | 6 ------ xen/arch/x86/mm/p2m.c | 6 ++++++ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c index b078a9a59e..05a5526e08 100644 --- a/xen/arch/x86/mm/p2m-ept.c +++ b/xen/arch/x86/mm/p2m-ept.c @@ -1357,13 +1357,7 @@ void p2m_init_altp2m_ept(struct domain *d, unsigned int i) struct p2m_domain *hostp2m = p2m_get_hostp2m(d); struct ept_data *ept; - p2m->default_access = hostp2m->default_access; - p2m->domain = hostp2m->domain; - - p2m->global_logdirty = hostp2m->global_logdirty; p2m->ept.ad = hostp2m->ept.ad; - p2m->min_remapped_gfn = gfn_x(INVALID_GFN); - p2m->max_mapped_pfn = p2m->max_remapped_gfn = 0; ept = &p2m->ept; ept->mfn = pagetable_get_pfn(p2m_get_pagetable(p2m)); d->arch.altp2m_eptp[array_index_nospec(i, MAX_EPTP)] = ept->eptp; diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c index 3a2929c365..696946697a 100644 --- a/xen/arch/x86/mm/p2m.c +++ b/xen/arch/x86/mm/p2m.c @@ -2562,6 +2562,12 @@ static int p2m_activate_altp2m(struct domain *d, unsigned int idx) goto out; } + p2m->default_access = hostp2m->default_access; + p2m->domain = hostp2m->domain; + p2m->global_logdirty = hostp2m->global_logdirty; + p2m->min_remapped_gfn = gfn_x(INVALID_GFN); + p2m->max_mapped_pfn = p2m->max_remapped_gfn = 0; + p2m_init_altp2m_ept(d, idx); out: From patchwork Fri Jan 17 13:31:33 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Alexandru Stefan ISAILA X-Patchwork-Id: 11339027 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 2D09214B7 for ; Fri, 17 Jan 2020 13:32:53 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id F0EEF206B7 for ; Fri, 17 Jan 2020 13:32:52 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=bitdefender.onmicrosoft.com header.i=@bitdefender.onmicrosoft.com header.b="hAX2f4HB" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org F0EEF206B7 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=bitdefender.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1isRiz-0004EE-Io; Fri, 17 Jan 2020 13:31:45 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1isRiy-0004Dw-Fn for xen-devel@lists.xenproject.org; Fri, 17 Jan 2020 13:31:44 +0000 X-Inumbo-ID: ae9b2016-392d-11ea-9fd7-bc764e2007e4 Received: from EUR04-VI1-obe.outbound.protection.outlook.com (unknown [2a01:111:f400:fe0e::712]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id ae9b2016-392d-11ea-9fd7-bc764e2007e4; Fri, 17 Jan 2020 13:31:36 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nYkBgqnkyAVrS8voF+t5fm4s4XkmFdZGiVzSn4oRt1bUw8WHjdT2dk37K2cXvf/fs5Gtt/Ijl4jIpexEyRoc3gfvu+eG6MBRP+g9vzlEDmIcwtqRoPFrSIkNGQHBArJN0WgIZlGfRoSlEqhRw1TrcojwI9+rsbErRfeuR4AMhCnQCvZA8eGbNDkYu01XBuI9uKtjnYkvaTTy9FkR+p05K58dlCySgLr9czvr7uW1Zpk7JQIk+ayV8XSbjATkSjEGXpXS9GAUE9aRTHzOUI64RN1nDYwrpvrcwuvlsQiWW38mNnUSdoTmxaAz1ziQI791zZEdMtBimtqCvmBx/P04yQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tKkiEIFep5Gag6ffzhkeq6WwkrhpReS6HP+mEeiQp3M=; b=DLFpVXqvq3uuRRoqhhKD2bsIqfeTc69EBVGxtftMi3vITvvaJHMZeVFCbd0XT+dkxFGJAyA4WllStlAGTl6ZXI0PEpmFr8z6OISx0zIILPPQafwRakwQP1ywzh3SyLaeUy8Xkb7HfsSM3o2jsmqaBocYGUy4FRVQ+cVE8slBi4/BN1S3XF5v6McJT+SeKuAmuQn7ZCpN15IS4yRE5FVnFx0/WhbQtNs9Q6vWdzTwkzzq6Tu5CZqRZ3s7DA1FpxElXyXyIWxw41b0JTdUcvZMpcIyP48BFBecjddQcWUJX8WX0ps6bYbZFWMYuwdJxYI+0sxdPfYmoAaDm6Mohog/VQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bitdefender.com; dmarc=pass action=none header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bitdefender.onmicrosoft.com; s=selector2-bitdefender-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tKkiEIFep5Gag6ffzhkeq6WwkrhpReS6HP+mEeiQp3M=; b=hAX2f4HBV5tDbkEPupV+/uOfaM/ot0kDJ0y7JLRZtf2/QearRlAOw92UyAqI+e49hp3L0Vb02sxOBph3R0x7tybkrP4xOjKNVjfq2reuXIqOz7semeXo/apE+lIhxHaMZUbk6Ie+b/VLr8jFM08G13dbYSajmXZl6tddhhIVxPU= Received: from DB6PR02MB2999.eurprd02.prod.outlook.com (10.170.219.144) by DB6PR02MB3160.eurprd02.prod.outlook.com (10.170.220.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2623.12; Fri, 17 Jan 2020 13:31:34 +0000 Received: from DB6PR02MB2999.eurprd02.prod.outlook.com ([fe80::f1c2:7dd1:1131:1c1d]) by DB6PR02MB2999.eurprd02.prod.outlook.com ([fe80::f1c2:7dd1:1131:1c1d%7]) with mapi id 15.20.2644.023; Fri, 17 Jan 2020 13:31:34 +0000 Received: from aisaila-Latitude-E5570.dsd.bitdefender.biz (91.199.104.6) by AM0PR0402CA0004.eurprd04.prod.outlook.com (2603:10a6:208:15::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2644.20 via Frontend Transport; Fri, 17 Jan 2020 13:31:32 +0000 From: Alexandru Stefan ISAILA To: "xen-devel@lists.xenproject.org" Thread-Topic: [PATCH V8 4/4] x86/mm: Make use of the default access param from xc_altp2m_create_view Thread-Index: AQHVzTpv5ZLQiQKNJUyjMfvbmY7/kg== Date: Fri, 17 Jan 2020 13:31:33 +0000 Message-ID: <20200117133059.14602-4-aisaila@bitdefender.com> References: <20200117133059.14602-1-aisaila@bitdefender.com> In-Reply-To: <20200117133059.14602-1-aisaila@bitdefender.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: AM0PR0402CA0004.eurprd04.prod.outlook.com (2603:10a6:208:15::17) To DB6PR02MB2999.eurprd02.prod.outlook.com (2603:10a6:6:17::16) authentication-results: spf=none (sender IP is ) smtp.mailfrom=aisaila@bitdefender.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.17.1 x-originating-ip: [91.199.104.6] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: d35c0483-2b1d-4994-14f7-08d79b5191d6 x-ms-traffictypediagnostic: DB6PR02MB3160:|DB6PR02MB3160: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:2958; x-forefront-prvs: 0285201563 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(39850400004)(396003)(346002)(136003)(366004)(189003)(199004)(186003)(2616005)(52116002)(956004)(26005)(6512007)(16526019)(6506007)(71200400001)(81156014)(36756003)(66946007)(8676002)(66476007)(66446008)(64756008)(66556008)(81166006)(86362001)(7416002)(6486002)(316002)(5660300002)(8936002)(54906003)(1076003)(478600001)(6916009)(2906002)(4326008); DIR:OUT; SFP:1102; SCL:1; SRVR:DB6PR02MB3160; H:DB6PR02MB2999.eurprd02.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: bitdefender.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 7heIFMuL8T/4DeVDcO7Uv2UanhlismWgRu0R3uySOfstkoZRmLu9cMfKKUg8pN8v2/2KB/wRkMV+CKsV1b/PgSPMbyK0nvJe7/d9kmAkjtIoXkz0iLkwAb99lJ9neO49xzRasJbYc9vB8U4fHThLEcCb//atyEUe+3Y7UU+hkPhlHJFARKuBy0+HPNaCNMpJZZ2AYzlZsuCPPmum0UDl9PPYr4Lfwh97eU784Lx4IXCW7CRCE/azBuZw5S+zUVFLCB3mXh9LEWm4NX/nIxZVF4zG4to7rVcpCEfp6pMunPO9z5yeHhIcQ8SE4ATT4zDoVCNr3/xYo1GFFjPuuWNrfV0/tZ5A+O7GrLmx6y3vn5roKDYg1A3H7/9mAZY5lTst10xI2qX3o9lcSQsS+a620Ou26CrR81HSQlHuEa9m2iikf2p9BUhK16um4C2L0xwC Content-ID: MIME-Version: 1.0 X-OriginatorOrg: bitdefender.com X-MS-Exchange-CrossTenant-Network-Message-Id: d35c0483-2b1d-4994-14f7-08d79b5191d6 X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jan 2020 13:31:33.9136 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 487baf29-f1da-469a-9221-243f830c36f3 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: eArH0r09JiwaeYcQ+uyUFDzWD6W2+yIJGWVKN0u8hIi6Yv0On6uyLIvzFoh/t3Z+RYp/n9yYaM3HdVkoYucv/cUWB4cET8CodRclrEOElAI= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR02MB3160 Subject: [Xen-devel] [PATCH V8 4/4] x86/mm: Make use of the default access param from xc_altp2m_create_view X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Petre Ovidiu PIRCALABU , Stefano Stabellini , Julien Grall , Razvan COJOCARU , Wei Liu , Konrad Rzeszutek Wilk , George Dunlap , Andrew Cooper , Ian Jackson , Tamas K Lengyel , Jan Beulich , Alexandru Stefan ISAILA , =?utf-8?q?Roger_Pau_Monn?= =?utf-8?q?=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" At this moment the default_access param from xc_altp2m_create_view is not used. This patch assigns default_access to p2m->default_access at the time of initializing a new altp2m view. Signed-off-by: Alexandru Isaila Acked-by: Jan Beulich Acked-by: Tamas K Lengyel Reviewed-by: Petre Pircalabu Acked-by: George Dunlap --- CC: Jan Beulich CC: Andrew Cooper CC: Wei Liu CC: "Roger Pau Monné" CC: George Dunlap CC: Ian Jackson CC: Julien Grall CC: Konrad Rzeszutek Wilk CC: Stefano Stabellini CC: Razvan Cojocaru CC: Tamas K Lengyel CC: Petre Pircalabu CC: George Dunlap --- Changes since V6: - Remove the NULL check for p2m in xenmem_access_to_p2m_access() - Use hostp2m for default access in p2m_init_next_altp2m() - Remove the artifact line from p2m_init_next_altp2m(). --- xen/arch/x86/hvm/hvm.c | 3 ++- xen/arch/x86/mm/mem_access.c | 6 +++--- xen/arch/x86/mm/p2m.c | 20 +++++++++++++++----- xen/include/asm-x86/p2m.h | 3 ++- xen/include/public/hvm/hvm_op.h | 2 -- xen/include/xen/mem_access.h | 4 ++++ 6 files changed, 26 insertions(+), 12 deletions(-) diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 4d79b4934e..b96fafed65 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -4654,7 +4654,8 @@ static int do_altp2m_op( } case HVMOP_altp2m_create_p2m: - if ( !(rc = p2m_init_next_altp2m(d, &a.u.view.view)) ) + if ( !(rc = p2m_init_next_altp2m(d, &a.u.view.view, + a.u.view.hvmmem_default_access)) ) rc = __copy_to_guest(arg, &a, 1) ? -EFAULT : 0; break; diff --git a/xen/arch/x86/mm/mem_access.c b/xen/arch/x86/mm/mem_access.c index 31ff826393..d16540a9aa 100644 --- a/xen/arch/x86/mm/mem_access.c +++ b/xen/arch/x86/mm/mem_access.c @@ -314,9 +314,9 @@ static int set_mem_access(struct domain *d, struct p2m_domain *p2m, return rc; } -static bool xenmem_access_to_p2m_access(struct p2m_domain *p2m, - xenmem_access_t xaccess, - p2m_access_t *paccess) +bool xenmem_access_to_p2m_access(const struct p2m_domain *p2m, + xenmem_access_t xaccess, + p2m_access_t *paccess) { static const p2m_access_t memaccess[] = { #define ACCESS(ac) [XENMEM_access_##ac] = p2m_access_##ac diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c index 696946697a..4599a0bc24 100644 --- a/xen/arch/x86/mm/p2m.c +++ b/xen/arch/x86/mm/p2m.c @@ -25,6 +25,7 @@ #include /* copy_from_guest() */ #include +#include #include #include #include @@ -2536,7 +2537,8 @@ void p2m_flush_altp2m(struct domain *d) altp2m_list_unlock(d); } -static int p2m_activate_altp2m(struct domain *d, unsigned int idx) +static int p2m_activate_altp2m(struct domain *d, unsigned int idx, + p2m_access_t hvmmem_default_access) { struct p2m_domain *hostp2m, *p2m; int rc; @@ -2562,7 +2564,7 @@ static int p2m_activate_altp2m(struct domain *d, unsigned int idx) goto out; } - p2m->default_access = hostp2m->default_access; + p2m->default_access = hvmmem_default_access; p2m->domain = hostp2m->domain; p2m->global_logdirty = hostp2m->global_logdirty; p2m->min_remapped_gfn = gfn_x(INVALID_GFN); @@ -2579,6 +2581,7 @@ static int p2m_activate_altp2m(struct domain *d, unsigned int idx) int p2m_init_altp2m_by_id(struct domain *d, unsigned int idx) { int rc = -EINVAL; + struct p2m_domain *hostp2m = p2m_get_hostp2m(d); if ( idx >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) ) return rc; @@ -2587,16 +2590,23 @@ int p2m_init_altp2m_by_id(struct domain *d, unsigned int idx) if ( d->arch.altp2m_eptp[array_index_nospec(idx, MAX_EPTP)] == mfn_x(INVALID_MFN) ) - rc = p2m_activate_altp2m(d, idx); + rc = p2m_activate_altp2m(d, idx, hostp2m->default_access); altp2m_list_unlock(d); return rc; } -int p2m_init_next_altp2m(struct domain *d, uint16_t *idx) +int p2m_init_next_altp2m(struct domain *d, uint16_t *idx, + xenmem_access_t hvmmem_default_access) { int rc = -EINVAL; unsigned int i; + p2m_access_t a; + struct p2m_domain *hostp2m = p2m_get_hostp2m(d); + + if ( hvmmem_default_access > XENMEM_access_default || + !xenmem_access_to_p2m_access(hostp2m, hvmmem_default_access, &a) ) + return rc; altp2m_list_lock(d); @@ -2605,7 +2615,7 @@ int p2m_init_next_altp2m(struct domain *d, uint16_t *idx) if ( d->arch.altp2m_eptp[i] != mfn_x(INVALID_MFN) ) continue; - rc = p2m_activate_altp2m(d, i); + rc = p2m_activate_altp2m(d, i, a); if ( !rc ) *idx = i; diff --git a/xen/include/asm-x86/p2m.h b/xen/include/asm-x86/p2m.h index 94285db1b4..ac2d2787f4 100644 --- a/xen/include/asm-x86/p2m.h +++ b/xen/include/asm-x86/p2m.h @@ -884,7 +884,8 @@ bool p2m_altp2m_get_or_propagate(struct p2m_domain *ap2m, unsigned long gfn_l, int p2m_init_altp2m_by_id(struct domain *d, unsigned int idx); /* Find an available alternate p2m and make it valid */ -int p2m_init_next_altp2m(struct domain *d, uint16_t *idx); +int p2m_init_next_altp2m(struct domain *d, uint16_t *idx, + xenmem_access_t hvmmem_default_access); /* Make a specific alternate p2m invalid */ int p2m_destroy_altp2m_by_id(struct domain *d, unsigned int idx); diff --git a/xen/include/public/hvm/hvm_op.h b/xen/include/public/hvm/hvm_op.h index d344606864..610e020a62 100644 --- a/xen/include/public/hvm/hvm_op.h +++ b/xen/include/public/hvm/hvm_op.h @@ -251,8 +251,6 @@ DEFINE_XEN_GUEST_HANDLE(xen_hvm_altp2m_vcpu_disable_notify_t); struct xen_hvm_altp2m_view { /* IN/OUT variable */ uint16_t view; - /* Create view only: default access type - * NOTE: currently ignored */ uint16_t hvmmem_default_access; /* xenmem_access_t */ }; typedef struct xen_hvm_altp2m_view xen_hvm_altp2m_view_t; diff --git a/xen/include/xen/mem_access.h b/xen/include/xen/mem_access.h index 00e594a0ad..5d53fb8ce4 100644 --- a/xen/include/xen/mem_access.h +++ b/xen/include/xen/mem_access.h @@ -58,6 +58,10 @@ typedef enum { /* NOTE: Assumed to be only 4 bits right now on x86. */ } p2m_access_t; +bool xenmem_access_to_p2m_access(const struct p2m_domain *p2m, + xenmem_access_t xaccess, + p2m_access_t *paccess); + /* * Set access type for a region of gfns. * If gfn == INVALID_GFN, sets the default access type.