From patchwork Mon Sep 14 12:38:49 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Jan Beulich X-Patchwork-Id: 11773679 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0E67A14B7 for ; Mon, 14 Sep 2020 12:39:29 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id CB06120759 for ; Mon, 14 Sep 2020 12:39:28 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org CB06120759 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=suse.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kHnky-0001cB-N0; Mon, 14 Sep 2020 12:38:52 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kHnkx-0001c4-OK for xen-devel@lists.xenproject.org; Mon, 14 Sep 2020 12:38:51 +0000 X-Inumbo-ID: 94a86a6e-5948-4a54-bb1c-d32a59a50556 Received: from mx2.suse.de (unknown [195.135.220.15]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 94a86a6e-5948-4a54-bb1c-d32a59a50556; Mon, 14 Sep 2020 12:38:50 +0000 (UTC) X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.221.27]) by mx2.suse.de (Postfix) with ESMTP id 296B4AC79; Mon, 14 Sep 2020 12:39:05 +0000 (UTC) Subject: [PATCH 1/3] x86/shim: fix build with PV_SHIM_EXCLUSIVE and SHADOW_PAGING From: Jan Beulich To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , Wei Liu , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , George Dunlap , Tim Deegan References: <5d86a23c-5dea-8697-9ba1-900d35b99695@suse.com> Message-ID: <3ddb9adf-22b5-9196-1f3c-7cb3cafd08dd@suse.com> Date: Mon, 14 Sep 2020 14:38:49 +0200 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 MIME-Version: 1.0 In-Reply-To: <5d86a23c-5dea-8697-9ba1-900d35b99695@suse.com> Content-Language: en-US X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" While there's little point in enabling both, the combination ought to at least build correctly. Drop the direct PV_SHIM_EXCLUSIVE conditionals and instead zap PG_log_dirty to zero under the right conditions, and key other #ifdef-s off of that. While there also expand on ded576ce07e9 ("x86/shadow: dirty VRAM tracking is needed for HVM only"): There was yet another is_hvm_domain() missing, and code touching the struct fields needs to be guarded by suitable #ifdef-s as well. While there also guard shadow-mode-only fields accordingly. Fixes: 8b5b49ceb3d9 ("x86: don't include domctl and alike in shim-exclusive builds") Reported-by: Andrew Cooper Signed-off-by: Jan Beulich Reviewed-by: Roger Pau Monné --- a/xen/arch/x86/mm/paging.c +++ b/xen/arch/x86/mm/paging.c @@ -47,7 +47,7 @@ /* Per-CPU variable for enforcing the lock ordering */ DEFINE_PER_CPU(int, mm_lock_level); -#ifndef CONFIG_PV_SHIM_EXCLUSIVE +#if PG_log_dirty /************************************************/ /* LOG DIRTY SUPPORT */ @@ -630,7 +630,7 @@ void paging_log_dirty_init(struct domain d->arch.paging.log_dirty.ops = ops; } -#endif /* CONFIG_PV_SHIM_EXCLUSIVE */ +#endif /* PG_log_dirty */ /************************************************/ /* CODE FOR PAGING SUPPORT */ @@ -671,7 +671,7 @@ void paging_vcpu_init(struct vcpu *v) shadow_vcpu_init(v); } -#ifndef CONFIG_PV_SHIM_EXCLUSIVE +#if PG_log_dirty int paging_domctl(struct domain *d, struct xen_domctl_shadow_op *sc, XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl, bool_t resuming) @@ -792,7 +792,7 @@ long paging_domctl_continuation(XEN_GUES return ret; } -#endif /* CONFIG_PV_SHIM_EXCLUSIVE */ +#endif /* PG_log_dirty */ /* Call when destroying a domain */ int paging_teardown(struct domain *d) @@ -808,7 +808,7 @@ int paging_teardown(struct domain *d) if ( preempted ) return -ERESTART; -#ifndef CONFIG_PV_SHIM_EXCLUSIVE +#if PG_log_dirty /* clean up log dirty resources. */ rc = paging_free_log_dirty_bitmap(d, 0); if ( rc == -ERESTART ) --- a/xen/arch/x86/mm/shadow/common.c +++ b/xen/arch/x86/mm/shadow/common.c @@ -2869,12 +2869,14 @@ void shadow_teardown(struct domain *d, b * calls now that we've torn down the bitmap */ d->arch.paging.mode &= ~PG_log_dirty; - if ( d->arch.hvm.dirty_vram ) +#ifdef CONFIG_HVM + if ( is_hvm_domain(d) && d->arch.hvm.dirty_vram ) { xfree(d->arch.hvm.dirty_vram->sl1ma); xfree(d->arch.hvm.dirty_vram->dirty_bitmap); XFREE(d->arch.hvm.dirty_vram); } +#endif out: paging_unlock(d); --- a/xen/arch/x86/mm/shadow/multi.c +++ b/xen/arch/x86/mm/shadow/multi.c @@ -618,6 +618,7 @@ _sh_propagate(struct vcpu *v, } } +#ifdef CONFIG_HVM if ( unlikely(level == 1) && is_hvm_domain(d) ) { struct sh_dirty_vram *dirty_vram = d->arch.hvm.dirty_vram; @@ -632,6 +633,7 @@ _sh_propagate(struct vcpu *v, sflags &= ~_PAGE_RW; } } +#endif /* Read-only memory */ if ( p2m_is_readonly(p2mt) ) @@ -1050,6 +1052,7 @@ static inline void shadow_vram_get_l1e(s mfn_t sl1mfn, struct domain *d) { +#ifdef CONFIG_HVM mfn_t mfn = shadow_l1e_get_mfn(new_sl1e); int flags = shadow_l1e_get_flags(new_sl1e); unsigned long gfn; @@ -1074,6 +1077,7 @@ static inline void shadow_vram_get_l1e(s dirty_vram->sl1ma[i] = mfn_to_maddr(sl1mfn) | ((unsigned long)sl1e & ~PAGE_MASK); } +#endif } static inline void shadow_vram_put_l1e(shadow_l1e_t old_sl1e, @@ -1081,6 +1085,7 @@ static inline void shadow_vram_put_l1e(s mfn_t sl1mfn, struct domain *d) { +#ifdef CONFIG_HVM mfn_t mfn = shadow_l1e_get_mfn(old_sl1e); int flags = shadow_l1e_get_flags(old_sl1e); unsigned long gfn; @@ -1140,6 +1145,7 @@ static inline void shadow_vram_put_l1e(s dirty_vram->last_dirty = NOW(); } } +#endif } static int shadow_set_l1e(struct domain *d, --- a/xen/include/asm-x86/paging.h +++ b/xen/include/asm-x86/paging.h @@ -67,8 +67,12 @@ #define PG_translate 0 #define PG_external 0 #endif +#if defined(CONFIG_HVM) || !defined(CONFIG_PV_SHIM_EXCLUSIVE) /* Enable log dirty mode */ #define PG_log_dirty (XEN_DOMCTL_SHADOW_ENABLE_LOG_DIRTY << PG_mode_shift) +#else +#define PG_log_dirty 0 +#endif /* All paging modes. */ #define PG_MASK (PG_refcounts | PG_log_dirty | PG_translate | PG_external) @@ -154,7 +158,7 @@ struct paging_mode { /***************************************************************************** * Log dirty code */ -#ifndef CONFIG_PV_SHIM_EXCLUSIVE +#if PG_log_dirty /* get the dirty bitmap for a specific range of pfns */ void paging_log_dirty_range(struct domain *d, @@ -195,23 +199,28 @@ int paging_mfn_is_dirty(struct domain *d #define L4_LOGDIRTY_IDX(pfn) ((pfn_x(pfn) >> (PAGE_SHIFT + 3 + PAGETABLE_ORDER * 2)) & \ (LOGDIRTY_NODE_ENTRIES-1)) +#ifdef CONFIG_HVM /* VRAM dirty tracking support */ struct sh_dirty_vram { unsigned long begin_pfn; unsigned long end_pfn; +#ifdef CONFIG_SHADOW_PAGING paddr_t *sl1ma; uint8_t *dirty_bitmap; s_time_t last_dirty; +#endif }; +#endif -#else /* !CONFIG_PV_SHIM_EXCLUSIVE */ +#else /* !PG_log_dirty */ static inline void paging_log_dirty_init(struct domain *d, const struct log_dirty_ops *ops) {} static inline void paging_mark_dirty(struct domain *d, mfn_t gmfn) {} static inline void paging_mark_pfn_dirty(struct domain *d, pfn_t pfn) {} +static inline bool paging_mfn_is_dirty(struct domain *d, mfn_t gmfn) { return false; } -#endif /* CONFIG_PV_SHIM_EXCLUSIVE */ +#endif /* PG_log_dirty */ /***************************************************************************** * Entry points into the paging-assistance code */ From patchwork Mon Sep 14 12:39:08 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Jan Beulich X-Patchwork-Id: 11773681 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 44A1B59D for ; Mon, 14 Sep 2020 12:39:54 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1ECCE20759 for ; Mon, 14 Sep 2020 12:39:53 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1ECCE20759 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=suse.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kHnlI-0001eO-0H; Mon, 14 Sep 2020 12:39:12 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kHnlG-0001eC-CE for xen-devel@lists.xenproject.org; Mon, 14 Sep 2020 12:39:10 +0000 X-Inumbo-ID: 1946bd0f-9534-4a5f-8dc1-6569f06bd3bc Received: from mx2.suse.de (unknown [195.135.220.15]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 1946bd0f-9534-4a5f-8dc1-6569f06bd3bc; Mon, 14 Sep 2020 12:39:09 +0000 (UTC) X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.221.27]) by mx2.suse.de (Postfix) with ESMTP id 259D7B2F5; Mon, 14 Sep 2020 12:39:24 +0000 (UTC) Subject: [PATCH 2/3] x86/shim: adjust Kconfig defaults From: Jan Beulich To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , Wei Liu , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , George Dunlap References: <5d86a23c-5dea-8697-9ba1-900d35b99695@suse.com> Message-ID: <7eb74774-f8dc-ef97-c66d-0c4ac50ed9e0@suse.com> Date: Mon, 14 Sep 2020 14:39:08 +0200 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 MIME-Version: 1.0 In-Reply-To: <5d86a23c-5dea-8697-9ba1-900d35b99695@suse.com> Content-Language: en-US X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Just like HVM, defaulting SHADOW_PAGING and TBOOT to Yes in shim- exclusive mode makes no sense, as the respective code is dead there. Also adjust the shim default config file: It needs to specifiy values only for settings where a non-default value is wanted. Signed-off-by: Jan Beulich Reviewed-by: Roger Pau Monné --- a/xen/arch/x86/Kconfig +++ b/xen/arch/x86/Kconfig @@ -116,9 +116,9 @@ config XEN_SHSTK compatiblity can be provided via the PV Shim mechanism. config SHADOW_PAGING - bool "Shadow Paging" - default y - ---help--- + bool "Shadow Paging" + default y if !PV_SHIM_EXCLUSIVE + ---help--- Shadow paging is a software alternative to hardware paging support (Intel EPT, AMD NPT). @@ -165,8 +165,8 @@ config HVM_FEP If unsure, say N. config TBOOT - def_bool y - prompt "Xen tboot support" if EXPERT + bool "Xen tboot support" if EXPERT + default y if !PV_SHIM_EXCLUSIVE select CRYPTO ---help--- Allows support for Trusted Boot using the Intel(R) Trusted Execution --- a/xen/arch/x86/configs/pvshim_defconfig +++ b/xen/arch/x86/configs/pvshim_defconfig @@ -8,12 +8,9 @@ CONFIG_NR_CPUS=32 CONFIG_EXPERT=y CONFIG_SCHED_NULL=y # Disable features not used by the PV shim -# CONFIG_HVM is not set # CONFIG_XEN_SHSTK is not set # CONFIG_HYPFS is not set -# CONFIG_SHADOW_PAGING is not set # CONFIG_BIGMEM is not set -# CONFIG_TBOOT is not set # CONFIG_KEXEC is not set # CONFIG_XENOPROF is not set # CONFIG_XSM is not set From patchwork Mon Sep 14 12:39:33 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Beulich X-Patchwork-Id: 11773687 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9061F14B7 for ; Mon, 14 Sep 2020 12:40:57 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 6592120759 for ; Mon, 14 Sep 2020 12:40:57 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6592120759 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=suse.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kHnlh-0001jq-CH; Mon, 14 Sep 2020 12:39:37 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kHnlf-0001jN-EI for xen-devel@lists.xenproject.org; Mon, 14 Sep 2020 12:39:35 +0000 X-Inumbo-ID: 60667035-976a-4454-9902-1853e3fddc70 Received: from mx2.suse.de (unknown [195.135.220.15]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 60667035-976a-4454-9902-1853e3fddc70; Mon, 14 Sep 2020 12:39:34 +0000 (UTC) X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.221.27]) by mx2.suse.de (Postfix) with ESMTP id 73581AC79; Mon, 14 Sep 2020 12:39:49 +0000 (UTC) Subject: [PATCH 3/3] x86/shim: don't permit HVM and PV_SHIM_EXCLUSIVE at the same time From: Jan Beulich To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , Wei Liu , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , George Dunlap References: <5d86a23c-5dea-8697-9ba1-900d35b99695@suse.com> Message-ID: Date: Mon, 14 Sep 2020 14:39:33 +0200 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 MIME-Version: 1.0 In-Reply-To: <5d86a23c-5dea-8697-9ba1-900d35b99695@suse.com> Content-Language: en-US X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This combination doesn't really make sense (and there likely are more). The alternative here would be some presumably intrusive #ifdef-ary to get this combination to actually build again. Signed-off-by: Jan Beulich --- a/xen/arch/x86/Kconfig +++ b/xen/arch/x86/Kconfig @@ -23,7 +23,7 @@ config X86 select HAS_PDX select HAS_SCHED_GRANULARITY select HAS_UBSAN - select HAS_VPCI if !PV_SHIM_EXCLUSIVE && HVM + select HAS_VPCI if HVM select NEEDS_LIBELF select NUMA @@ -90,8 +90,8 @@ config PV_LINEAR_PT If unsure, say Y. config HVM - def_bool !PV_SHIM_EXCLUSIVE - prompt "HVM support" + bool "HVM support" + depends on !PV_SHIM_EXCLUSIVE ---help--- Interfaces to support HVM domains. HVM domains require hardware virtualisation extensions (e.g. Intel VT-x, AMD SVM), but can boot