From patchwork Fri May 22 16:33:52 2020
X-Patchwork-Id: 11565969
From: Tamas K Lengyel
To: xen-devel@lists.xenproject.org
Subject: [PATCH v2 for-4.14 1/2] x86/mem_sharing: block interrupt injection for forks
Date: Fri, 22 May 2020 09:33:52 -0700
Cc: Kevin Tian, Stefano Stabellini, Tamas K Lengyel, Jun Nakajima, Wei Liu, Andrew Cooper, Ian Jackson, George Dunlap, Tamas K Lengyel, Jan Beulich, Julien Grall, Roger Pau Monné

When running shallow forks without device models it may be undesirable for Xen
to inject interrupts. With Windows forks we have observed the kernel going into
infinite loops when trying to process such interrupts, likely because it
attempts to interact with devices that are not responding without QEMU running.
By disabling interrupt injection the fuzzer can exercise the target code without
interference.

Forks & memory sharing are only available on Intel CPUs so this only applies
to vmx.

Signed-off-by: Tamas K Lengyel
---
v2: prohibit => block
    minor style adjustments
---
 xen/arch/x86/hvm/vmx/intr.c      | 6 ++++++
 xen/arch/x86/mm/mem_sharing.c    | 6 +++++-
 xen/include/asm-x86/hvm/domain.h | 2 ++
 xen/include/public/memory.h      | 1 +
 4 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/xen/arch/x86/hvm/vmx/intr.c b/xen/arch/x86/hvm/vmx/intr.c index 000e14af49..80bfbb4787 100644 --- a/xen/arch/x86/hvm/vmx/intr.c +++ b/xen/arch/x86/hvm/vmx/intr.c 
@@ -256,6 +256,12 @@ void vmx_intr_assist(void) if ( unlikely(v->arch.vm_event) && v->arch.vm_event->sync_event ) return; +#ifdef CONFIG_MEM_SHARING + /* Block event injection for VM fork if requested */ + if ( unlikely(v->domain->arch.hvm.mem_sharing.block_interrupts) ) + return; +#endif + /* Crank the handle on interrupt state. */ pt_vector = pt_update_irq(v); diff --git a/xen/arch/x86/mm/mem_sharing.c b/xen/arch/x86/mm/mem_sharing.c index 7271e5c90b..0c45a8d67e 100644 --- a/xen/arch/x86/mm/mem_sharing.c +++ b/xen/arch/x86/mm/mem_sharing.c @@ -2106,7 +2106,8 @@ int mem_sharing_memop(XEN_GUEST_HANDLE_PARAM(xen_mem_sharing_op_t) arg) rc = -EINVAL; if ( mso.u.fork.pad ) goto out; - if ( mso.u.fork.flags & ~XENMEM_FORK_WITH_IOMMU_ALLOWED ) + if ( mso.u.fork.flags & + ~(XENMEM_FORK_WITH_IOMMU_ALLOWED | XENMEM_FORK_BLOCK_INTERRUPTS) ) goto out; rc = rcu_lock_live_remote_domain_by_id(mso.u.fork.parent_domain, @@ -2134,6 +2135,9 @@ int mem_sharing_memop(XEN_GUEST_HANDLE_PARAM(xen_mem_sharing_op_t) arg) rc = hypercall_create_continuation(__HYPERVISOR_memory_op, "lh", XENMEM_sharing_op, arg); + else if ( !rc && (mso.u.fork.flags & XENMEM_FORK_BLOCK_INTERRUPTS) ) + d->arch.hvm.mem_sharing.block_interrupts = true; + rcu_unlock_domain(pd); break; } diff --git a/xen/include/asm-x86/hvm/domain.h b/xen/include/asm-x86/hvm/domain.h index 95fe18cddc..37e494d234 100644 --- a/xen/include/asm-x86/hvm/domain.h +++ b/xen/include/asm-x86/hvm/domain.h @@ -74,6 +74,8 @@ struct mem_sharing_domain * to resume the search. */ unsigned long next_shared_gfn_to_relinquish; + + bool block_interrupts; }; #endif diff --git a/xen/include/public/memory.h b/xen/include/public/memory.h index dbd35305df..1e4959638d 100644 --- a/xen/include/public/memory.h +++ b/xen/include/public/memory.h 
@@ -537,6 +537,7 @@ struct xen_mem_sharing_op { struct mem_sharing_op_fork { /* OP_FORK */ domid_t parent_domain; /* IN: parent's domain id */ #define XENMEM_FORK_WITH_IOMMU_ALLOWED (1u << 0) +#define XENMEM_FORK_BLOCK_INTERRUPTS (1u << 1) uint16_t flags; /* IN: optional settings */ uint32_t pad; /* Must be set to 0 */ } fork;

From patchwork Fri May 22 16:33:53 2020
X-Patchwork-Id: 11565967
From: Tamas K Lengyel
To: xen-devel@lists.xenproject.org
Subject: [PATCH v2 for-4.14 2/2] tools/libxc: xc_memshr_fork with interrupts blocked
Date: Fri, 22 May 2020 09:33:53 -0700
Cc: Ian Jackson, Tamas K Lengyel, Wei Liu, Roger Pau Monné

Toolstack side for creating forks with interrupt injection blocked.

Signed-off-by: Tamas K Lengyel
Reviewed-by: Roger Pau Monné
Acked-by: Ian Jackson
---
 tools/libxc/include/xenctrl.h | 3 ++-
 tools/libxc/xc_memshr.c       | 4 +++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index 45ff7db1e8..804ff001d7 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h @@ -2242,7 +2242,8 @@ int xc_memshr_range_share(xc_interface *xch, int xc_memshr_fork(xc_interface *xch, uint32_t source_domain, uint32_t client_domain, - bool allow_with_iommu); + bool allow_with_iommu, + bool block_interrupts); /* * Note: this function is only intended to be used on short-lived forks that 
diff --git a/tools/libxc/xc_memshr.c b/tools/libxc/xc_memshr.c index 2300cc7075..a6cfd7dccf 100644 --- a/tools/libxc/xc_memshr.c +++ b/tools/libxc/xc_memshr.c @@ -240,7 +240,7 @@ int xc_memshr_debug_gref(xc_interface *xch, } int xc_memshr_fork(xc_interface *xch, uint32_t pdomid, uint32_t domid, - bool allow_with_iommu) + bool allow_with_iommu, bool block_interrupts) { xen_mem_sharing_op_t mso; @@ -251,6 +251,8 @@ int xc_memshr_fork(xc_interface *xch, uint32_t pdomid, uint32_t domid, if ( allow_with_iommu ) mso.u.fork.flags |= XENMEM_FORK_WITH_IOMMU_ALLOWED; + if ( block_interrupts ) + mso.u.fork.flags |= XENMEM_FORK_BLOCK_INTERRUPTS; return xc_memshr_memop(xch, domid, &mso); }
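
Review bot: in patch 1/2, xen/arch/x86/hvm/vmx/intr.c, the new early return in vmx_intr_assist() sits ahead of "pt_vector = pt_update_irq(v);", so with block_interrupts set the function skips everything from that point on, not only the injection step. The comment "Block event injection for VM fork if requested" should say so, and should state what is expected to happen to interrupts that remain pending for as long as the fork runs with the flag set.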
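
Review bot: in patch 1/2, the second mem_sharing_memop() hunk in xen/arch/x86/mm/mem_sharing.c only ever assigns true to d->arch.hvm.mem_sharing.block_interrupts, and only when XENMEM_FORK_BLOCK_INTERRUPTS is passed; nothing in this patch clears the field or assigns false when the flag is absent. Either assign the flag's value on every successful fork, for example "d->arch.hvm.mem_sharing.block_interrupts = mso.u.fork.flags & XENMEM_FORK_BLOCK_INTERRUPTS;", or document that the setting is sticky for the lifetime of the domain. Hanging the assignment off the -ERESTART branch as an else-if also makes the "!rc" test easy to misread; a separate "if ( !rc && ... )" after the continuation handling would be clearer.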
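
Review bot: in patch 1/2, XENMEM_FORK_BLOCK_INTERRUPTS is added to the public header xen/include/public/memory.h without a comment, and the matching "bool block_interrupts;" in struct mem_sharing_domain (xen/include/asm-x86/hvm/domain.h) is likewise undocumented, although the field just above it carries one. The commit message says the setting only applies to vmx and is meant for forks without a device model; that belongs next to the #define, since the flag check in mem_sharing_memop() accepts the bit unconditionally and the only consumer shown is vmx_intr_assist().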
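
Review bot: in patch 2/2, the xc_memshr_fork() prototype in tools/libxc/include/xenctrl.h now ends in two adjacent bool parameters, "bool allow_with_iommu, bool block_interrupts", which a caller can transpose without any compiler diagnostic. Since the hypercall already takes a flags field, consider passing the XENMEM_FORK_* flags through as a single integer argument, or at least add a comment above the prototype describing each parameter. In tools/libxc/xc_memshr.c a blank line between the new "if ( block_interrupts )" block and the return would match the surrounding style.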