
[Xen-changelog] [xen-unstable] [IA64] Prevent rfi emulation with double un-cover



# HG changeset patch
# User Alex Williamson <alex.williamson@xxxxxx>
# Date 1180987422 21600
# Node ID e7295db8866483a34afd6e9226cfa2757b8492fa
# Parent  249446c52deba48aaaa2255535edf5da204379d4
[IA64] Prevent rfi emulation with double un-cover

Recently (CS 13436) rfi hyperprivop was simplified.  But as a consequence
rfi emulation with double un-cover is not possible anymore.

Comment priv_rfi and forbid rfi emulation with double un-cover.

Signed-off-by: Tristan Gingold <tgingold@xxxxxxx>
---
 xen/arch/ia64/xen/hyperprivop.S |   18 ++++++++++++++++--
 xen/arch/ia64/xen/privop.c      |    9 +++++++++
 2 files changed, 25 insertions(+), 2 deletions(-)

diff -r 249446c52deb -r e7295db88664 xen/arch/ia64/xen/hyperprivop.S
--- a/xen/arch/ia64/xen/hyperprivop.S   Mon Jun 04 14:00:35 2007 -0600
+++ b/xen/arch/ia64/xen/hyperprivop.S   Mon Jun 04 14:03:42 2007 -0600
@@ -1029,8 +1029,22 @@ ENTRY(slow_vcpu_rfi)
        ld8 r22=[r22];;
        tbit.z p6,p0=r22,63
 (p6)   br.spnt.few dispatch_break_fault ;;
-       // if vips is valid, discard current register frame
-       // don't need dorfirfi any more
+       // If vifs.v is set, we have two IFS to consider:
+       // * the guest IFS
+       // * the hypervisor IFS (validated by cover)
+       // Because IFS is copied to CFM and is used to adjust AR.BSP,
+       // virtualization of rfi is not easy.
+       // Previously there was a two steps method (a first rfi jumped to
+       // a stub which performed a new rfi).
+       // This new method discards the RS before executing the hypervisor
+       // cover.  After cover, IFS.IFM will be zero.  This IFS would simply
+       // clear CFM but not modifying AR.BSP.  Therefore the guest IFS can
+       // be used instead and there is no need of a second rfi.
+       // Discarding the RS with the following alloc instruction just clears
+       // CFM, which is safe because rfi will overwrite it.
+       // There is a drawback: because the RS must be discarded before
+       // executing C code, emulation of rfi must go through an hyperprivop
+       // and not through normal instruction decoding.
        alloc r22=ar.pfs,0,0,0,0
        br.spnt.few dispatch_break_fault
        ;;
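Review bot: The comment block added above the alloc in slow_vcpu_rfi mixes the rationale for the current code with history ("Previously there was a two steps method ..."), which belongs in the commit message; the in-code comment should state only why the RS is discarded before dispatch_break_fault. It would also help to say that the tbit.z on bit 63 of r22 just above is the vifs.v test the comment opens with, since the meaning of r22 is not visible at that point. Wording nits: "but not modifying AR.BSP" should be "without modifying AR.BSP", "no need of a second rfi" should be "no need for a second rfi", and "an hyperprivop" should be "a hyperprivop".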
diff -r 249446c52deb -r e7295db88664 xen/arch/ia64/xen/privop.c
--- a/xen/arch/ia64/xen/privop.c        Mon Jun 04 14:00:35 2007 -0600
+++ b/xen/arch/ia64/xen/privop.c        Mon Jun 04 14:03:42 2007 -0600
@@ -31,6 +31,15 @@ Privileged operation emulation routines
 
 static IA64FAULT priv_rfi(VCPU * vcpu, INST64 inst)
 {
+       REGS *regs = vcpu_regs(vcpu);
+       if (PSCB(vcpu, ifs) > 0x8000000000000000UL
+           && regs->cr_ifs > 0x8000000000000000UL) {
+               panic_domain(regs,
+                            "rfi emulation with double uncover is "
+                            "impossible - use hyperprivop\n"
+                            " ip=0x%lx vifs=0x%lx ifs=0x%lx\n",
+                            regs->cr_iip, PSCB(vcpu, ifs), regs->cr_ifs);
+       }
        return vcpu_rfi(vcpu);
 }
 
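Review bot: In priv_rfi, both comparisons use "> 0x8000000000000000UL", which matches only when bit 63 is set and at least one lower bit is also set, so a value of exactly 0x8000000000000000 does not trigger the check. If that is intended (valid bit set with a non-empty frame), say so in a comment and replace the magic number with a named constant or an explicit mask test. Also, nothing follows the panic_domain call inside the if, so if panic_domain returns, execution falls through to "return vcpu_rfi(vcpu);" and the emulation the message calls impossible still runs; return a fault right after the panic if that can happen. The function has no comment saying that this path is deliberately refused in favour of the hyperprivop, which the commit message promises ("Comment priv_rfi"); a one-line comment above the check would cover it.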

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog


 

