[Xen-changelog] [xen stable-4.10] x86: split opt_pv_l1tf
commit b79ac2746c4614e15e69266048d92be9b03194fd
Author: Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Mon Nov 5 15:09:16 2018 +0100
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Mon Nov 5 15:09:16 2018 +0100
x86: split opt_pv_l1tf
Use separate tracking variables for the hardware domain and DomU-s. No functional change intended, but adjust the comment in init_speculation_mitigations() to match prior as well as resulting code.
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
master commit: 0b89643ef6ef14e2c2b731ca675d23e405ed69b1
master date: 2018-10-04 14:49:19 +0200
---
 xen/arch/x86/spec_ctrl.c | 44 ++++++++++++++++++++---------------------
 xen/include/asm-x86/shadow.h | 5 ++---
 xen/include/asm-x86/spec_ctrl.h | 4 +---
 3 files changed, 25 insertions(+), 28 deletions(-)
diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
index a5e32112a2..5d8c888687 100644
--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -126,8 +126,10 @@ static int __init parse_spec_ctrl(const char *s)
 if ( opt_smt < 0 )
 opt_smt = 1;
- if ( opt_pv_l1tf < 0 )
- opt_pv_l1tf = 0;
+ if ( opt_pv_l1tf_hwdom < 0 )
+ opt_pv_l1tf_hwdom = 0;
+ if ( opt_pv_l1tf_domu < 0 )
+ opt_pv_l1tf_domu = 0;
 disable_common:
 opt_rsb_pv = false;
@@ -205,7 +207,8 @@ static int __init parse_spec_ctrl(const char *s)
 }
 custom_param("spec-ctrl", parse_spec_ctrl);
-int8_t __read_mostly opt_pv_l1tf = -1;
+int8_t __read_mostly opt_pv_l1tf_hwdom = -1;
+int8_t __read_mostly opt_pv_l1tf_domu = -1;
 static __init int parse_pv_l1tf(const char *s)
 {
@@ -213,12 +216,14 @@ static __init int parse_pv_l1tf(const char *s)
 int val, rc = 0;
 /* Inhibit the defaults as an explicit choice has been given. */
- if ( opt_pv_l1tf == -1 )
- opt_pv_l1tf = 0;
+ if ( opt_pv_l1tf_hwdom == -1 )
+ opt_pv_l1tf_hwdom = 0;
+ if ( opt_pv_l1tf_domu == -1 )
+ opt_pv_l1tf_domu = 0;
 /* Interpret 'pv-l1tf' alone in its positive boolean form. */
 if ( *s == '\0' )
- opt_pv_l1tf = OPT_PV_L1TF_DOM0 | OPT_PV_L1TF_DOMU;
+ opt_pv_l1tf_hwdom = opt_pv_l1tf_domu = 1;
 do {
 ss = strchr(s, ',');
@@ -228,20 +233,18 @@ static __init int parse_pv_l1tf(const char *s)
 switch ( parse_bool(s, ss) )
 {
 case 0:
- opt_pv_l1tf = 0;
+ opt_pv_l1tf_hwdom = opt_pv_l1tf_domu = 0;
 break;
 case 1:
- opt_pv_l1tf = OPT_PV_L1TF_DOM0 | OPT_PV_L1TF_DOMU;
+ opt_pv_l1tf_hwdom = opt_pv_l1tf_domu = 1;
 break;
 default:
 if ( (val = parse_boolean("dom0", s, ss)) >= 0 )
- opt_pv_l1tf = ((opt_pv_l1tf & ~OPT_PV_L1TF_DOM0) |
- (val ? OPT_PV_L1TF_DOM0 : 0));
+ opt_pv_l1tf_hwdom = val;
 else if ( (val = parse_boolean("domu", s, ss)) >= 0 )
- opt_pv_l1tf = ((opt_pv_l1tf & ~OPT_PV_L1TF_DOMU) |
- (val ? OPT_PV_L1TF_DOMU : 0));
+ opt_pv_l1tf_domu = val;
 else if ( *s )
 rc = -EINVAL;
 break;
@@ -304,7 +307,7 @@ static void __init print_details(enum ind_thunk thunk, uint64_t caps)
 opt_l1d_flush ? " L1D_FLUSH" : "");
 /* L1TF diagnostics, printed if vulnerable or PV shadowing is in use. */
- if ( cpu_has_bug_l1tf || opt_pv_l1tf )
+ if ( cpu_has_bug_l1tf || opt_pv_l1tf_hwdom || opt_pv_l1tf_domu )
 printk(" L1TF: believed%s vulnerable, maxphysaddr L1D %u, CPUID %u"
 ", Safe address %"PRIx64"\n",
 cpu_has_bug_l1tf ? "" : " not",
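Review bot: In parse_pv_l1tf() the block under "Inhibit the defaults" clears both opt_pv_l1tf_hwdom and opt_pv_l1tf_domu before any sub-option is read, so `pv-l1tf=dom0` on its own leaves DomU shadowing off even on hardware where init_speculation_mitigations() would otherwise have defaulted it on. That matches the old single-variable behaviour, but with the two settings now tracked separately the existing one-line comment no longer makes this side effect obvious to someone tuning the option. I would extend it to something like `/* Any explicit pv-l1tf= choice inhibits the defaults for both hwdom and DomU, including the class not named. */`. The function body starts and ends outside these hunks.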
@@ -333,8 +336,8 @@ static void __init print_details(enum ind_thunk thunk, uint64_t caps)
 opt_xpti_domu ? "enabled" : "disabled");
 printk(" PV L1TF shadowing: Dom0 %s, DomU %s\n",
- opt_pv_l1tf & OPT_PV_L1TF_DOM0 ? "enabled" : "disabled",
- opt_pv_l1tf & OPT_PV_L1TF_DOMU ? "enabled" : "disabled");
+ opt_pv_l1tf_hwdom ? "enabled" : "disabled",
+ opt_pv_l1tf_domu ? "enabled" : "disabled");
 }
 /* Calculate whether Retpoline is known-safe on this CPU. */
@@ -875,13 +878,10 @@ void __init init_speculation_mitigations(void)
 * In shim mode, SHADOW is expected to be compiled out, and a malicious
 * guest kernel can only attack the shim Xen, not the host Xen.
 */
- if ( opt_pv_l1tf == -1 )
- {
- if ( pv_shim || !cpu_has_bug_l1tf )
- opt_pv_l1tf = 0;
- else
- opt_pv_l1tf = OPT_PV_L1TF_DOMU;
- }
+ if ( opt_pv_l1tf_hwdom == -1 )
+ opt_pv_l1tf_hwdom = 0;
+ if ( opt_pv_l1tf_domu == -1 )
+ opt_pv_l1tf_domu = !pv_shim && cpu_has_bug_l1tf;
 /*
 * By default, enable L1D_FLUSH on L1TF-vulnerable hardware, unless
diff --git a/xen/include/asm-x86/shadow.h b/xen/include/asm-x86/shadow.h
index f40f411871..1a494029fa 100644
--- a/xen/include/asm-x86/shadow.h
+++ b/xen/include/asm-x86/shadow.h
@@ -224,9 +224,8 @@ void pv_l1tf_tasklet(unsigned long data);
 static inline void pv_l1tf_domain_init(struct domain *d)
 {
- d->arch.pv_domain.check_l1tf =
- opt_pv_l1tf & (is_hardware_domain(d)
- ? OPT_PV_L1TF_DOM0 : OPT_PV_L1TF_DOMU);
+ d->arch.pv_domain.check_l1tf = is_hardware_domain(d) ? opt_pv_l1tf_hwdom
+ : opt_pv_l1tf_domu;
 #if defined(CONFIG_SHADOW_PAGING) && defined(CONFIG_PV)
 tasklet_init(&d->arch.paging.shadow.pv_l1tf_tasklet,
diff --git a/xen/include/asm-x86/spec_ctrl.h b/xen/include/asm-x86/spec_ctrl.h
index 1b29f45b1b..c8463544ae 100644
--- a/xen/include/asm-x86/spec_ctrl.h
+++ b/xen/include/asm-x86/spec_ctrl.h
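Review bot: The commit description says the comment in init_speculation_mitigations() is adjusted, yet no comment line changes in this hunk, and the visible tail of the comment only covers shim mode. With the defaults now written as two separate assignments, a reader cannot tell from here why opt_pv_l1tf_hwdom defaults to 0 while opt_pv_l1tf_domu follows `!pv_shim && cpu_has_bug_l1tf`. If the part of the comment above the hunk does not already say so, I would add a sentence such as `* The hardware domain is not shadowed by default; DomUs are, on L1TF-vulnerable hardware outside shim mode.` The comment begins outside the hunk, so this may already be covered there.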
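Review bot: pv_l1tf_domain_init() in shadow.h now copies the int8_t option straight into check_l1tf, so the stored value is only 0 or 1 if the -1 default has already been replaced by init_speculation_mitigations() or the command-line parser. The type of check_l1tf is not visible here; if it is not bool, a leftover -1 would be stored as is. I would document that ordering assumption with a comment like `/* opt_pv_l1tf_* must already be resolved to 0/1 when a domain is initialised. */`, or make it checkable with `ASSERT(opt_pv_l1tf_hwdom >= 0 && opt_pv_l1tf_domu >= 0);`. The function continues past the end of the hunk.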
@@ -37,9 +37,7 @@ extern uint8_t default_spec_ctrl_flags;
 extern int8_t opt_xpti_hwdom, opt_xpti_domu;
-extern int8_t opt_pv_l1tf;
-#define OPT_PV_L1TF_DOM0 0x01
-#define OPT_PV_L1TF_DOMU 0x02
+extern int8_t opt_pv_l1tf_hwdom, opt_pv_l1tf_domu;
 /*
 * The L1D address mask, which might be wider than reported in CPUID, and the
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.10
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog