|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen staging] x86/dom0: delay setting SMAP after dom0 build is done
commit ac6b9309694de9b2b5163886656282f6ada71565
Author: Roger Pau Monné <roger.pau@xxxxxxxxxx>
AuthorDate: Mon Aug 5 10:18:05 2024 +0200
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Mon Aug 5 10:18:05 2024 +0200
x86/dom0: delay setting SMAP after dom0 build is done
Delay setting X86_CR4_SMAP on the BSP until the domain building is done, so
that there's no need to disable SMAP. Note however that SMAP is enabled for
the APs on bringup, as domain builder code strictly run on the BSP.
Delaying
the setting for the APs would mean having to do a callfunc IPI later in
order
to set it on all the APs.
The fixes tag is to account for the wrong usage of cpu_has_smap in
create_dom0(), it should instead have used
boot_cpu_has(X86_FEATURE_XEN_SMAP).
While there also make cr4_pv32_mask __ro_after_init.
Fixes: 493ab190e5b1 ('xen/sm{e, a}p: allow disabling sm{e, a}p for Xen
itself')
Suggested-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
---
xen/arch/x86/setup.c | 48 +++++++++++++++++++++++++++---------------------
1 file changed, 27 insertions(+), 21 deletions(-)
diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c
index eee20bb175..a7a85e94e3 100644
--- a/xen/arch/x86/setup.c
+++ b/xen/arch/x86/setup.c
@@ -80,7 +80,7 @@ int8_t __initdata opt_probe_port_aliases = -1;
boolean_param("probe-port-aliases", opt_probe_port_aliases);
/* Only used in asm code and within this source file */
-unsigned long asmlinkage __read_mostly cr4_pv32_mask;
+unsigned long asmlinkage __ro_after_init cr4_pv32_mask;
/* **** Linux config option: propagated to domain0. */
/* "acpi=off": Sisables both ACPI table parsing and interpreter. */
@@ -955,26 +955,9 @@ static struct domain *__init create_dom0(const module_t
*image,
}
}
- /*
- * Temporarily clear SMAP in CR4 to allow user-accesses in
construct_dom0().
- * This saves a large number of corner cases interactions with
- * copy_from_user().
- */
- if ( cpu_has_smap )
- {
- cr4_pv32_mask &= ~X86_CR4_SMAP;
- write_cr4(read_cr4() & ~X86_CR4_SMAP);
- }
-
if ( construct_dom0(d, image, headroom, initrd, cmdline) != 0 )
panic("Could not construct domain 0\n");
- if ( cpu_has_smap )
- {
- write_cr4(read_cr4() | X86_CR4_SMAP);
- cr4_pv32_mask |= X86_CR4_SMAP;
- }
-
return d;
}
@@ -1907,16 +1890,26 @@ void asmlinkage __init noreturn __start_xen(unsigned
long mbi_p)
if ( cpu_has_smep && opt_smep != SMEP_HVM_ONLY )
setup_force_cpu_cap(X86_FEATURE_XEN_SMEP);
if ( boot_cpu_has(X86_FEATURE_XEN_SMEP) )
+ {
set_in_cr4(X86_CR4_SMEP);
+ BUILD_BUG_ON(!(X86_CR4_SMEP & XEN_CR4_PV32_BITS));
+ cr4_pv32_mask |= X86_CR4_SMEP;
+ }
if ( !opt_smap )
setup_clear_cpu_cap(X86_FEATURE_SMAP);
if ( cpu_has_smap && opt_smap != SMAP_HVM_ONLY )
setup_force_cpu_cap(X86_FEATURE_XEN_SMAP);
if ( boot_cpu_has(X86_FEATURE_XEN_SMAP) )
- set_in_cr4(X86_CR4_SMAP);
-
- cr4_pv32_mask = mmu_cr4_features & XEN_CR4_PV32_BITS;
+ /*
+ * Set SMAP on the %cr4 mask so that it's set for APs on bringup, but
+ * don't set for the BSP until domain building is done.
+ *
+ * Don't set it in cr4_pv32_mask either, until it's also set on the
+ * BSP. Otherwise the BUG in cr4_pv32_restore would trigger for events
+ * received on the BSP.
+ */
+ mmu_cr4_features |= X86_CR4_SMAP;
if ( boot_cpu_has(X86_FEATURE_FSGSBASE) )
set_in_cr4(X86_CR4_FSGSBASE);
@@ -2048,6 +2041,19 @@ void asmlinkage __init noreturn __start_xen(unsigned
long mbi_p)
if ( !dom0 )
panic("Could not set up DOM0 guest OS\n");
+ /*
+ * Enable SMAP only after being done with the domain building phase, as the
+ * PV builder switches to the domain page-tables and must be run with SMAP
+ * disabled.
+ */
+ if ( boot_cpu_has(X86_FEATURE_XEN_SMAP) )
+ {
+ ASSERT(mmu_cr4_features & X86_CR4_SMAP);
+ write_cr4(read_cr4() | X86_CR4_SMAP);
+ BUILD_BUG_ON(!(X86_CR4_SMAP & XEN_CR4_PV32_BITS));
+ cr4_pv32_mask |= X86_CR4_SMAP;
+ }
+
heap_init_late();
init_trace_bufs();
--
generated by git-patchbot for /home/xen/git/xen.git#staging
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |