|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen master] Revert "x86/dom0: delay setting SMAP after dom0 build is done"
commit bec25f11d5180d407cf04d2de2525fa6f876bde1
Author: Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Mon Aug 5 12:55:37 2024 +0200
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Mon Aug 5 12:55:37 2024 +0200
Revert "x86/dom0: delay setting SMAP after dom0 build is done"
This reverts commit ac6b9309694de9b2b5163886656282f6ada71565. The
change crashes Xen on boot on SMAP-capable systems.
---
xen/arch/x86/setup.c | 48 +++++++++++++++++++++---------------------------
1 file changed, 21 insertions(+), 27 deletions(-)
diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c
index a7a85e94e3..eee20bb175 100644
--- a/xen/arch/x86/setup.c
+++ b/xen/arch/x86/setup.c
@@ -80,7 +80,7 @@ int8_t __initdata opt_probe_port_aliases = -1;
boolean_param("probe-port-aliases", opt_probe_port_aliases);
/* Only used in asm code and within this source file */
-unsigned long asmlinkage __ro_after_init cr4_pv32_mask;
+unsigned long asmlinkage __read_mostly cr4_pv32_mask;
/* **** Linux config option: propagated to domain0. */
/* "acpi=off": Sisables both ACPI table parsing and interpreter. */
@@ -955,9 +955,26 @@ static struct domain *__init create_dom0(const module_t
*image,
}
}
+ /*
+ * Temporarily clear SMAP in CR4 to allow user-accesses in
construct_dom0().
+ * This saves a large number of corner cases interactions with
+ * copy_from_user().
+ */
+ if ( cpu_has_smap )
+ {
+ cr4_pv32_mask &= ~X86_CR4_SMAP;
+ write_cr4(read_cr4() & ~X86_CR4_SMAP);
+ }
+
if ( construct_dom0(d, image, headroom, initrd, cmdline) != 0 )
panic("Could not construct domain 0\n");
+ if ( cpu_has_smap )
+ {
+ write_cr4(read_cr4() | X86_CR4_SMAP);
+ cr4_pv32_mask |= X86_CR4_SMAP;
+ }
+
return d;
}
@@ -1890,26 +1907,16 @@ void asmlinkage __init noreturn __start_xen(unsigned
long mbi_p)
if ( cpu_has_smep && opt_smep != SMEP_HVM_ONLY )
setup_force_cpu_cap(X86_FEATURE_XEN_SMEP);
if ( boot_cpu_has(X86_FEATURE_XEN_SMEP) )
- {
set_in_cr4(X86_CR4_SMEP);
- BUILD_BUG_ON(!(X86_CR4_SMEP & XEN_CR4_PV32_BITS));
- cr4_pv32_mask |= X86_CR4_SMEP;
- }
if ( !opt_smap )
setup_clear_cpu_cap(X86_FEATURE_SMAP);
if ( cpu_has_smap && opt_smap != SMAP_HVM_ONLY )
setup_force_cpu_cap(X86_FEATURE_XEN_SMAP);
if ( boot_cpu_has(X86_FEATURE_XEN_SMAP) )
- /*
- * Set SMAP on the %cr4 mask so that it's set for APs on bringup, but
- * don't set for the BSP until domain building is done.
- *
- * Don't set it in cr4_pv32_mask either, until it's also set on the
- * BSP. Otherwise the BUG in cr4_pv32_restore would trigger for events
- * received on the BSP.
- */
- mmu_cr4_features |= X86_CR4_SMAP;
+ set_in_cr4(X86_CR4_SMAP);
+
+ cr4_pv32_mask = mmu_cr4_features & XEN_CR4_PV32_BITS;
if ( boot_cpu_has(X86_FEATURE_FSGSBASE) )
set_in_cr4(X86_CR4_FSGSBASE);
@@ -2041,19 +2048,6 @@ void asmlinkage __init noreturn __start_xen(unsigned
long mbi_p)
if ( !dom0 )
panic("Could not set up DOM0 guest OS\n");
- /*
- * Enable SMAP only after being done with the domain building phase, as the
- * PV builder switches to the domain page-tables and must be run with SMAP
- * disabled.
- */
- if ( boot_cpu_has(X86_FEATURE_XEN_SMAP) )
- {
- ASSERT(mmu_cr4_features & X86_CR4_SMAP);
- write_cr4(read_cr4() | X86_CR4_SMAP);
- BUILD_BUG_ON(!(X86_CR4_SMAP & XEN_CR4_PV32_BITS));
- cr4_pv32_mask |= X86_CR4_SMAP;
- }
-
heap_init_late();
init_trace_bufs();
--
generated by git-patchbot for /home/xen/git/xen.git#master
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |