[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen stable-4.18] x86/HVM: drop stdvga's "cache" struct member



commit c41c3d8c44ac72c63bf7c41a72436baca150f304
Author:     Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Tue Nov 12 13:50:54 2024 +0100
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Nov 12 13:50:54 2024 +0100

    x86/HVM: drop stdvga's "cache" struct member
    
    Since 68e1183411be ("libxc: introduce a xc_dom_arch for hvm-3.0-x86_32
    guests"), HVM guests are built using XEN_DOMCTL_sethvmcontext, which
    ends up disabling stdvga caching because of arch_hvm_load() being
    involved in the processing of the request. With that the field is
    useless, and can be dropped. Drop the helper functions manipulating /
    checking as well right away, but leave the use sites of
    stdvga_cache_is_enabled() with the hard-coded result the function would
    have produced, to aid validation of subsequent dropping of further code.
    
    This is part of XSA-463 / CVE-2024-45818
    
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    (cherry picked from commit 53b7246bdfb3c280adcdf714918e4decb7e108f4)
---
 xen/arch/x86/hvm/save.c           |  3 ---
 xen/arch/x86/hvm/stdvga.c         | 44 +++------------------------------------
 xen/arch/x86/include/asm/hvm/io.h |  7 -------
 3 files changed, 3 insertions(+), 51 deletions(-)

diff --git a/xen/arch/x86/hvm/save.c b/xen/arch/x86/hvm/save.c
index 79713cd6ca..832a10f67e 100644
--- a/xen/arch/x86/hvm/save.c
+++ b/xen/arch/x86/hvm/save.c
@@ -64,9 +64,6 @@ int arch_hvm_load(struct domain *d, struct hvm_save_header 
*hdr)
     /* Time when restore started  */
     d->arch.hvm.sync_tsc = rdtsc();
 
-    /* VGA state is not saved/restored, so we nobble the cache. */
-    d->arch.hvm.stdvga.cache = STDVGA_CACHE_DISABLED;
-
     return 0;
 }
 
diff --git a/xen/arch/x86/hvm/stdvga.c b/xen/arch/x86/hvm/stdvga.c
index 6419211266..ac7056b00b 100644
--- a/xen/arch/x86/hvm/stdvga.c
+++ b/xen/arch/x86/hvm/stdvga.c
@@ -100,37 +100,6 @@ static void vram_put(struct hvm_hw_stdvga *s, void *p)
     unmap_domain_page(p);
 }
 
-static void stdvga_try_cache_enable(struct hvm_hw_stdvga *s)
-{
-    /*
-     * Caching mode can only be enabled if the the cache has
-     * never been used before. As soon as it is disabled, it will
-     * become out-of-sync with the VGA device model and since no
-     * mechanism exists to acquire current VRAM state from the
-     * device model, re-enabling it would lead to stale data being
-     * seen by the guest.
-     */
-    if ( s->cache != STDVGA_CACHE_UNINITIALIZED )
-        return;
-
-    gdprintk(XENLOG_INFO, "entering caching mode\n");
-    s->cache = STDVGA_CACHE_ENABLED;
-}
-
-static void stdvga_cache_disable(struct hvm_hw_stdvga *s)
-{
-    if ( s->cache != STDVGA_CACHE_ENABLED )
-        return;
-
-    gdprintk(XENLOG_INFO, "leaving caching mode\n");
-    s->cache = STDVGA_CACHE_DISABLED;
-}
-
-static bool_t stdvga_cache_is_enabled(const struct hvm_hw_stdvga *s)
-{
-    return s->cache == STDVGA_CACHE_ENABLED;
-}
-
 static int stdvga_outb(uint64_t addr, uint8_t val)
 {
     struct hvm_hw_stdvga *s = &current->domain->arch.hvm.stdvga;
@@ -170,7 +139,6 @@ static int stdvga_outb(uint64_t addr, uint8_t val)
     if ( !prev_stdvga && s->stdvga )
     {
         gdprintk(XENLOG_INFO, "entering stdvga mode\n");
-        stdvga_try_cache_enable(s);
     }
     else if ( prev_stdvga && !s->stdvga )
     {
@@ -468,7 +436,7 @@ static int cf_check stdvga_mem_write(
     };
     struct ioreq_server *srv;
 
-    if ( !stdvga_cache_is_enabled(s) || !s->stdvga )
+    if ( true || !s->stdvga )
         goto done;
 
     /* Intercept mmio write */
@@ -536,18 +504,12 @@ static bool cf_check stdvga_mem_accept(
          * We cannot return X86EMUL_UNHANDLEABLE on anything other then the
          * first cycle of an I/O. So, since we cannot guarantee to always be
          * able to send buffered writes, we have to reject any multi-cycle
-         * or "indirect" I/O and, since we are rejecting an I/O, we must
-         * invalidate the cache.
-         * Single-cycle write transactions are accepted even if the cache is
-         * not active since we can assert, when in stdvga mode, that writes
-         * to VRAM have no side effect and thus we can try to buffer them.
+         * or "indirect" I/O.
          */
-        stdvga_cache_disable(s);
-
         goto reject;
     }
     else if ( p->dir == IOREQ_READ &&
-              (!stdvga_cache_is_enabled(s) || !s->stdvga) )
+              (true || !s->stdvga) )
         goto reject;
 
     /* s->lock intentionally held */
diff --git a/xen/arch/x86/include/asm/hvm/io.h 
b/xen/arch/x86/include/asm/hvm/io.h
index e5225e75ef..1abe1ab67b 100644
--- a/xen/arch/x86/include/asm/hvm/io.h
+++ b/xen/arch/x86/include/asm/hvm/io.h
@@ -110,19 +110,12 @@ struct vpci_arch_msix_entry {
     int pirq;
 };
 
-enum stdvga_cache_state {
-    STDVGA_CACHE_UNINITIALIZED,
-    STDVGA_CACHE_ENABLED,
-    STDVGA_CACHE_DISABLED
-};
-
 struct hvm_hw_stdvga {
     uint8_t sr_index;
     uint8_t sr[8];
     uint8_t gr_index;
     uint8_t gr[9];
     bool_t stdvga;
-    enum stdvga_cache_state cache;
     uint32_t latch;
     struct page_info *vram_page[64];  /* shadow of 0xa0000-0xaffff */
     spinlock_t lock;
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.18



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.