From 25668e883fee5098785b1492455468bfdbad58f7 Mon Sep 17 00:00:00 2001 From: Ed White Date: Wed, 1 Jul 2015 11:09:32 -0700 Subject: [PATCH] x86/altp2m: add control of suppress_ve. The existing ept_set_entry() and ept_get_entry() routines are extended to optionally set/get suppress_ve. Passing -1 will set suppress_ve on new p2m entries, or retain suppress_ve flag on existing entries. Signed-off-by: Ed White Signed-off-by: George Dunlap --- xen/arch/x86/mm/mem_sharing.c | 5 +++-- xen/arch/x86/mm/p2m-ept.c | 18 ++++++++++++---- xen/arch/x86/mm/p2m-pod.c | 12 +++++------ xen/arch/x86/mm/p2m-pt.c | 5 +++-- xen/arch/x86/mm/p2m.c | 50 ++++++++++++++++++++++--------------------- xen/include/asm-x86/p2m.h | 24 +++++++++++---------- 6 files changed, 65 insertions(+), 49 deletions(-) diff --git a/xen/arch/x86/mm/mem_sharing.c b/xen/arch/x86/mm/mem_sharing.c index 16e329e..5780a26 100644 --- a/xen/arch/x86/mm/mem_sharing.c +++ b/xen/arch/x86/mm/mem_sharing.c @@ -1257,10 +1257,11 @@ int relinquish_shared_pages(struct domain *d) p2m_type_t t; mfn_t mfn; int set_rc; + bool_t sve; if ( atomic_read(&d->shr_pages) == 0 ) break; - mfn = p2m->get_entry(p2m, gfn, &t, &a, 0, NULL); + mfn = p2m->get_entry(p2m, gfn, &t, &a, 0, NULL, &sve); if ( mfn_valid(mfn) && (t == p2m_ram_shared) ) { /* Does not fail with ENOMEM given the DESTROY flag */ @@ -1270,7 +1271,7 @@ int relinquish_shared_pages(struct domain *d) * unshare. Must succeed: we just read the old entry and * we hold the p2m lock. */ set_rc = p2m->set_entry(p2m, gfn, _mfn(0), PAGE_ORDER_4K, - p2m_invalid, p2m_access_rwx); + p2m_invalid, p2m_access_rwx, sve); ASSERT(set_rc == 0); count += 0x10; } diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c index 15c010b..595bbe5 100644 --- a/xen/arch/x86/mm/p2m-ept.c +++ b/xen/arch/x86/mm/p2m-ept.c 
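Review bot: In `relinquish_shared_pages` the new local `bool_t sve;` has no initialiser, yet it is handed to `p2m->set_entry` right after `get_entry(..., &sve)`. `ept_get_entry` stores to `*sve`, but the p2m-pt.c part of this patch only changes the two signatures (5 changed lines in the diffstat), so `p2m_pt_get_entry` appears never to write it and a non-EPT p2m would forward an indeterminate value; its body is outside the hunks, so this is inferred. The same pattern is added in `p2m_mem_access_check` and `p2m_set_mem_access` in p2m.c. Declaring `bool_t sve = 1;` at the three sites, or adding `if ( sve ) *sve = 1;` to `p2m_pt_get_entry` next to its other defaults, keeps the value defined on every backend.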
@@ -658,7 +658,8 @@ bool_t ept_handle_misconfig(uint64_t gpa) */ static int ept_set_entry(struct p2m_domain *p2m, unsigned long gfn, mfn_t mfn, - unsigned int order, p2m_type_t p2mt, p2m_access_t p2ma) + unsigned int order, p2m_type_t p2mt, p2m_access_t p2ma, + int sve) { ept_entry_t *table, *ept_entry = NULL; unsigned long gfn_remainder = gfn; @@ -804,7 +805,11 @@ ept_set_entry(struct p2m_domain *p2m, unsigned long gfn, mfn_t mfn, ept_p2m_type_to_flags(p2m, &new_entry, p2mt, p2ma); } - new_entry.suppress_ve = 1; + if ( sve != -1 ) + new_entry.suppress_ve = !!sve; + else + new_entry.suppress_ve = is_epte_valid(&old_entry) ? + old_entry.suppress_ve : 1; rc = atomic_write_ept_entry(ept_entry, new_entry, target); if ( unlikely(rc) ) @@ -851,8 +856,9 @@ out: /* Read ept p2m entries */ static mfn_t ept_get_entry(struct p2m_domain *p2m, - unsigned long gfn, p2m_type_t *t, p2m_access_t* a, - p2m_query_t q, unsigned int *page_order) + unsigned long gfn, p2m_type_t *t, p2m_access_t* a, + p2m_query_t q, unsigned int *page_order, + bool_t *sve) { ept_entry_t *table = map_domain_page(pagetable_get_pfn(p2m_get_pagetable(p2m))); unsigned long gfn_remainder = gfn; @@ -866,6 +872,8 @@ static mfn_t ept_get_entry(struct p2m_domain *p2m, *t = p2m_mmio_dm; *a = p2m_access_n; + if ( sve ) + *sve = 1; /* This pfn is higher than the highest the p2m map currently holds */ if ( gfn > p2m->max_mapped_pfn ) @@ -931,6 +939,8 @@ static mfn_t ept_get_entry(struct p2m_domain *p2m, else *t = ept_entry->sa_p2mt; *a = ept_entry->access; + if ( sve ) + *sve = ept_entry->suppress_ve; mfn = _mfn(ept_entry->mfn); if ( i ) diff --git a/xen/arch/x86/mm/p2m-pod.c b/xen/arch/x86/mm/p2m-pod.c index 0679f00..a2f6d02 100644 --- a/xen/arch/x86/mm/p2m-pod.c +++ b/xen/arch/x86/mm/p2m-pod.c @@ -536,7 +536,7 @@ recount: p2m_access_t a; p2m_type_t t; - (void)p2m->get_entry(p2m, gpfn + i, &t, &a, 0, NULL); + (void)p2m->get_entry(p2m, gpfn + i, &t, &a, 0, NULL, NULL); if ( t == p2m_populate_on_demand ) pod++; 
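Review bot: The bare `-1` tested in `ept_set_entry` (`if ( sve != -1 )`) is a sentinel that the `set_entry` callers in p2m.c repeat as a literal, and `!!sve` quietly turns every other non-zero value into "set". Clearing suppress_ve on an entry changes whether an EPT violation on that page can be delivered to the guest as #VE instead of exiting to Xen, so the call sites that do not pass the keep value should be easy to find. A named constant for the keep case (for example `#define P2M_SVE_KEEP (-1)`, the name is only a suggestion) used here and at the callers would do that. `old_entry` is assigned outside this hunk, so the fallback to 1 for a non-valid old entry is taken as shown.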
@@ -587,7 +587,7 @@ recount: p2m_type_t t; p2m_access_t a; - mfn = p2m->get_entry(p2m, gpfn + i, &t, &a, 0, NULL); + mfn = p2m->get_entry(p2m, gpfn + i, &t, &a, 0, NULL, NULL); if ( t == p2m_populate_on_demand ) { p2m_set_entry(p2m, gpfn + i, _mfn(INVALID_MFN), 0, p2m_invalid, @@ -676,7 +676,7 @@ p2m_pod_zero_check_superpage(struct p2m_domain *p2m, unsigned long gfn) for ( i=0; iget_entry(p2m, gfn + i, &type, &a, 0, NULL); + mfn = p2m->get_entry(p2m, gfn + i, &type, &a, 0, NULL, NULL); if ( i == 0 ) { @@ -808,7 +808,7 @@ p2m_pod_zero_check(struct p2m_domain *p2m, unsigned long *gfns, int count) for ( i=0; iget_entry(p2m, gfns[i], types + i, &a, 0, NULL); + mfns[i] = p2m->get_entry(p2m, gfns[i], types + i, &a, 0, NULL, NULL); /* If this is ram, and not a pagetable or from the xen heap, and probably not mapped elsewhere, map it; otherwise, skip. */ if ( p2m_is_ram(types[i]) @@ -947,7 +947,7 @@ p2m_pod_emergency_sweep(struct p2m_domain *p2m) for ( i=p2m->pod.reclaim_single; i > 0 ; i-- ) { p2m_access_t a; - (void)p2m->get_entry(p2m, i, &t, &a, 0, NULL); + (void)p2m->get_entry(p2m, i, &t, &a, 0, NULL, NULL); if ( p2m_is_ram(t) ) { gfns[j] = i; @@ -1135,7 +1135,7 @@ guest_physmap_mark_populate_on_demand(struct domain *d, unsigned long gfn, for ( i = 0; i < (1UL << order); i++ ) { p2m_access_t a; - omfn = p2m->get_entry(p2m, gfn + i, &ot, &a, 0, NULL); + omfn = p2m->get_entry(p2m, gfn + i, &ot, &a, 0, NULL, NULL); if ( p2m_is_ram(ot) ) { P2M_DEBUG("gfn_to_mfn returned type %d!\n", ot); diff --git a/xen/arch/x86/mm/p2m-pt.c b/xen/arch/x86/mm/p2m-pt.c index e50b6fa..37eef38 100644 --- a/xen/arch/x86/mm/p2m-pt.c +++ b/xen/arch/x86/mm/p2m-pt.c 
@@ -482,7 +482,8 @@ int p2m_pt_handle_deferred_changes(uint64_t gpa) /* Returns: 0 for success, -errno for failure */ static int p2m_pt_set_entry(struct p2m_domain *p2m, unsigned long gfn, mfn_t mfn, - unsigned int page_order, p2m_type_t p2mt, p2m_access_t p2ma) + unsigned int page_order, p2m_type_t p2mt, p2m_access_t p2ma, + int sve) { /* XXX -- this might be able to be faster iff current->domain == d */ void *table; @@ -689,7 +690,7 @@ static inline p2m_type_t recalc_type(bool_t recalc, p2m_type_t t, static mfn_t p2m_pt_get_entry(struct p2m_domain *p2m, unsigned long gfn, p2m_type_t *t, p2m_access_t *a, p2m_query_t q, - unsigned int *page_order) + unsigned int *page_order, bool_t *sve) { mfn_t mfn; paddr_t addr = ((paddr_t)gfn) << PAGE_SHIFT; diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c index 4360689..6e1a50c 100644 --- a/xen/arch/x86/mm/p2m.c +++ b/xen/arch/x86/mm/p2m.c @@ -342,7 +342,7 @@ mfn_t __get_gfn_type_access(struct p2m_domain *p2m, unsigned long gfn, /* Grab the lock here, don't release until put_gfn */ gfn_lock(p2m, gfn, 0); - mfn = p2m->get_entry(p2m, gfn, t, a, q, page_order); + mfn = p2m->get_entry(p2m, gfn, t, a, q, page_order, NULL); if ( (q & P2M_UNSHARE) && p2m_is_shared(*t) ) { @@ -351,7 +351,7 @@ mfn_t __get_gfn_type_access(struct p2m_domain *p2m, unsigned long gfn, * sleeping. */ if ( mem_sharing_unshare_page(p2m->domain, gfn, 0) < 0 ) (void)mem_sharing_notify_enomem(p2m->domain, gfn, 0); - mfn = p2m->get_entry(p2m, gfn, t, a, q, page_order); + mfn = p2m->get_entry(p2m, gfn, t, a, q, page_order, NULL); } if (unlikely((p2m_is_broken(*t)))) @@ -455,7 +455,7 @@ int p2m_set_entry(struct p2m_domain *p2m, unsigned long gfn, mfn_t mfn, else order = 0; - set_rc = p2m->set_entry(p2m, gfn, mfn, order, p2mt, p2ma); + set_rc = p2m->set_entry(p2m, gfn, mfn, order, p2mt, p2ma, -1); if ( set_rc ) rc = set_rc; 
@@ -619,7 +619,7 @@ p2m_remove_page(struct p2m_domain *p2m, unsigned long gfn, unsigned long mfn, { for ( i = 0; i < (1UL << page_order); i++ ) { - mfn_return = p2m->get_entry(p2m, gfn + i, &t, &a, 0, NULL); + mfn_return = p2m->get_entry(p2m, gfn + i, &t, &a, 0, NULL, NULL); if ( !p2m_is_grant(t) && !p2m_is_shared(t) && !p2m_is_foreign(t) ) set_gpfn_from_mfn(mfn+i, INVALID_M2P_ENTRY); ASSERT( !p2m_is_valid(t) || mfn + i == mfn_x(mfn_return) ); @@ -682,7 +682,7 @@ guest_physmap_add_entry(struct domain *d, unsigned long gfn, /* First, remove m->p mappings for existing p->m mappings */ for ( i = 0; i < (1UL << page_order); i++ ) { - omfn = p2m->get_entry(p2m, gfn + i, &ot, &a, 0, NULL); + omfn = p2m->get_entry(p2m, gfn + i, &ot, &a, 0, NULL, NULL); if ( p2m_is_shared(ot) ) { /* Do an unshare to cleanly take care of all corner @@ -706,7 +706,7 @@ guest_physmap_add_entry(struct domain *d, unsigned long gfn, (void)mem_sharing_notify_enomem(p2m->domain, gfn + i, 0); return rc; } - omfn = p2m->get_entry(p2m, gfn + i, &ot, &a, 0, NULL); + omfn = p2m->get_entry(p2m, gfn + i, &ot, &a, 0, NULL, NULL); ASSERT(!p2m_is_shared(ot)); } if ( p2m_is_grant(ot) || p2m_is_foreign(ot) ) @@ -754,7 +754,7 @@ guest_physmap_add_entry(struct domain *d, unsigned long gfn, * address */ P2M_DEBUG("aliased! mfn=%#lx, old gfn=%#lx, new gfn=%#lx\n", mfn + i, ogfn, gfn + i); - omfn = p2m->get_entry(p2m, ogfn, &ot, &a, 0, NULL); + omfn = p2m->get_entry(p2m, ogfn, &ot, &a, 0, NULL, NULL); if ( p2m_is_ram(ot) && !p2m_is_paged(ot) ) { ASSERT(mfn_valid(omfn)); @@ -821,7 +821,7 @@ int p2m_change_type_one(struct domain *d, unsigned long gfn, gfn_lock(p2m, gfn, 0); - mfn = p2m->get_entry(p2m, gfn, &pt, &a, 0, NULL); + mfn = p2m->get_entry(p2m, gfn, &pt, &a, 0, NULL, NULL); rc = likely(pt == ot) ? p2m_set_entry(p2m, gfn, mfn, PAGE_ORDER_4K, nt, p2m->default_access) 
@@ -905,7 +905,7 @@ static int set_typed_p2m_entry(struct domain *d, unsigned long gfn, mfn_t mfn, return -EIO; gfn_lock(p2m, gfn, 0); - omfn = p2m->get_entry(p2m, gfn, &ot, &a, 0, NULL); + omfn = p2m->get_entry(p2m, gfn, &ot, &a, 0, NULL, NULL); if ( p2m_is_grant(ot) || p2m_is_foreign(ot) ) { p2m_unlock(p2m); @@ -956,7 +956,7 @@ int clear_mmio_p2m_entry(struct domain *d, unsigned long gfn, mfn_t mfn) return -EIO; gfn_lock(p2m, gfn, 0); - actual_mfn = p2m->get_entry(p2m, gfn, &t, &a, 0, NULL); + actual_mfn = p2m->get_entry(p2m, gfn, &t, &a, 0, NULL, NULL); /* Do not use mfn_valid() here as it will usually fail for MMIO pages. */ if ( (INVALID_MFN == mfn_x(actual_mfn)) || (t != p2m_mmio_direct) ) @@ -992,7 +992,7 @@ int set_shared_p2m_entry(struct domain *d, unsigned long gfn, mfn_t mfn) return -EIO; gfn_lock(p2m, gfn, 0); - omfn = p2m->get_entry(p2m, gfn, &ot, &a, 0, NULL); + omfn = p2m->get_entry(p2m, gfn, &ot, &a, 0, NULL, NULL); /* At the moment we only allow p2m change if gfn has already been made * sharable first */ ASSERT(p2m_is_shared(ot)); @@ -1044,7 +1044,7 @@ int p2m_mem_paging_nominate(struct domain *d, unsigned long gfn) gfn_lock(p2m, gfn, 0); - mfn = p2m->get_entry(p2m, gfn, &p2mt, &a, 0, NULL); + mfn = p2m->get_entry(p2m, gfn, &p2mt, &a, 0, NULL, NULL); /* Check if mfn is valid */ if ( !mfn_valid(mfn) ) @@ -1106,7 +1106,7 @@ int p2m_mem_paging_evict(struct domain *d, unsigned long gfn) gfn_lock(p2m, gfn, 0); /* Get mfn */ - mfn = p2m->get_entry(p2m, gfn, &p2mt, &a, 0, NULL); + mfn = p2m->get_entry(p2m, gfn, &p2mt, &a, 0, NULL, NULL); if ( unlikely(!mfn_valid(mfn)) ) goto out; @@ -1238,7 +1238,7 @@ void p2m_mem_paging_populate(struct domain *d, unsigned long gfn) /* Fix p2m mapping */ gfn_lock(p2m, gfn, 0); - mfn = p2m->get_entry(p2m, gfn, &p2mt, &a, 0, NULL); + mfn = p2m->get_entry(p2m, gfn, &p2mt, &a, 0, NULL, NULL); /* Allow only nominated or evicted pages to enter page-in path */ if ( p2mt == p2m_ram_paging_out || p2mt == p2m_ram_paged ) { 
@@ -1300,7 +1300,7 @@ int p2m_mem_paging_prep(struct domain *d, unsigned long gfn, uint64_t buffer) gfn_lock(p2m, gfn, 0); - mfn = p2m->get_entry(p2m, gfn, &p2mt, &a, 0, NULL); + mfn = p2m->get_entry(p2m, gfn, &p2mt, &a, 0, NULL, NULL); ret = -ENOENT; /* Allow missing pages */ @@ -1388,7 +1388,7 @@ void p2m_mem_paging_resume(struct domain *d, vm_event_response_t *rsp) unsigned long gfn = rsp->u.mem_access.gfn; gfn_lock(p2m, gfn, 0); - mfn = p2m->get_entry(p2m, gfn, &p2mt, &a, 0, NULL); + mfn = p2m->get_entry(p2m, gfn, &p2mt, &a, 0, NULL, NULL); /* * Allow only pages which were prepared properly, or pages which * were nominated but not evicted. @@ -1528,16 +1528,17 @@ bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla, vm_event_request_t *req; int rc; unsigned long eip = guest_cpu_user_regs()->eip; + bool_t sve; /* First, handle rx2rw conversion automatically. * These calls to p2m->set_entry() must succeed: we have the gfn * locked and just did a successful get_entry(). */ gfn_lock(p2m, gfn, 0); - mfn = p2m->get_entry(p2m, gfn, &p2mt, &p2ma, 0, NULL); + mfn = p2m->get_entry(p2m, gfn, &p2mt, &p2ma, 0, NULL, &sve); if ( npfec.write_access && p2ma == p2m_access_rx2rw ) { - rc = p2m->set_entry(p2m, gfn, mfn, PAGE_ORDER_4K, p2mt, p2m_access_rw); + rc = p2m->set_entry(p2m, gfn, mfn, PAGE_ORDER_4K, p2mt, p2m_access_rw, sve); ASSERT(rc == 0); gfn_unlock(p2m, gfn, 0); return 1; @@ -1546,7 +1547,7 @@ bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla, { ASSERT(npfec.write_access || npfec.read_access || npfec.insn_fetch); rc = p2m->set_entry(p2m, gfn, mfn, PAGE_ORDER_4K, - p2mt, p2m_access_rwx); + p2mt, p2m_access_rwx, -1); ASSERT(rc == 0); } gfn_unlock(p2m, gfn, 0); 
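Review bot: `p2m_mem_access_check` now expresses "keep the current suppress_ve" in two different ways: the rx2rw path passes the `sve` read back from `get_entry`, the n2rwx path in the following hunk passes `-1`, and the no-listener path further down passes `sve` again. All three run with the gfn locked right after a `get_entry`, so they look equivalent. If they are, `-1` throughout would let the `sve` local and the `&sve` arguments go; if they are not, the difference deserves a comment such as `/* -1: keep the entry's existing suppress_ve */` on the n2rwx call. The function's body starts and ends outside these hunks.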
@@ -1566,14 +1567,14 @@ bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla, else { gfn_lock(p2m, gfn, 0); - mfn = p2m->get_entry(p2m, gfn, &p2mt, &p2ma, 0, NULL); + mfn = p2m->get_entry(p2m, gfn, &p2mt, &p2ma, 0, NULL, &sve); if ( p2ma != p2m_access_n2rwx ) { /* A listener is not required, so clear the access * restrictions. This set must succeed: we have the * gfn locked and just did a successful get_entry(). */ rc = p2m->set_entry(p2m, gfn, mfn, PAGE_ORDER_4K, - p2mt, p2m_access_rwx); + p2mt, p2m_access_rwx, sve); ASSERT(rc == 0); } gfn_unlock(p2m, gfn, 0); @@ -1652,6 +1653,7 @@ long p2m_set_mem_access(struct domain *d, unsigned long pfn, uint32_t nr, { struct p2m_domain *p2m = p2m_get_hostp2m(d); p2m_access_t a, _a; + bool_t sve; p2m_type_t t; mfn_t mfn; long rc = 0; @@ -1693,8 +1695,8 @@ long p2m_set_mem_access(struct domain *d, unsigned long pfn, uint32_t nr, p2m_lock(p2m); for ( pfn += start; nr > start; ++pfn ) { - mfn = p2m->get_entry(p2m, pfn, &t, &_a, 0, NULL); - rc = p2m->set_entry(p2m, pfn, mfn, PAGE_ORDER_4K, t, a); + mfn = p2m->get_entry(p2m, pfn, &t, &_a, 0, NULL, &sve); + rc = p2m->set_entry(p2m, pfn, mfn, PAGE_ORDER_4K, t, a, sve); if ( rc ) break; @@ -1742,7 +1744,7 @@ int p2m_get_mem_access(struct domain *d, unsigned long pfn, } gfn_lock(p2m, gfn, 0); - mfn = p2m->get_entry(p2m, pfn, &t, &a, 0, NULL); + mfn = p2m->get_entry(p2m, pfn, &t, &a, 0, NULL, NULL); gfn_unlock(p2m, gfn, 0); if ( mfn_x(mfn) == INVALID_MFN ) diff --git a/xen/include/asm-x86/p2m.h b/xen/include/asm-x86/p2m.h index 079a298..0a172e0 100644 --- a/xen/include/asm-x86/p2m.h +++ b/xen/include/asm-x86/p2m.h 
@@ -226,17 +226,19 @@ struct p2m_domain { /* Pages used to construct the p2m */ struct page_list_head pages; - int (*set_entry )(struct p2m_domain *p2m, - unsigned long gfn, - mfn_t mfn, unsigned int page_order, - p2m_type_t p2mt, - p2m_access_t p2ma); - mfn_t (*get_entry )(struct p2m_domain *p2m, - unsigned long gfn, - p2m_type_t *p2mt, - p2m_access_t *p2ma, - p2m_query_t q, - unsigned int *page_order); + int (*set_entry)(struct p2m_domain *p2m, + unsigned long gfn, + mfn_t mfn, unsigned int page_order, + p2m_type_t p2mt, + p2m_access_t p2ma, + int sve); + mfn_t (*get_entry)(struct p2m_domain *p2m, + unsigned long gfn, + p2m_type_t *p2mt, + p2m_access_t *p2ma, + p2m_query_t q, + unsigned int *page_order, + bool_t *sve); void (*enable_hardware_log_dirty)(struct p2m_domain *p2m); void (*disable_hardware_log_dirty)(struct p2m_domain *p2m); void (*flush_hardware_cached_dirty)(struct p2m_domain *p2m); -- 1.9.1
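Review bot: The two hook declarations in `struct p2m_domain` gain an `sve` parameter with no comment, and the set side is a tri-state `int` while the get side is an optional `bool_t *`. That contract is only recoverable from the commit message and from `ept_set_entry`. I would add above `set_entry` something like `/* sve: 0 = clear suppress_ve, 1 = set it, -1 = keep the existing value (1 for a new entry) */` and above `get_entry` `/* sve may be NULL */`. As far as this patch shows, only the EPT implementation acts on either parameter, which is worth stating in the same comment.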