Xen project Mailing List

Re: [Xen-devel] [PATCH V1 1/2] x86/altp2m: Add hypercall to set a range of sve bits

To: George Dunlap <george.dunlap@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Alexandru Stefan ISAILA <aisaila@xxxxxxxxxxxxxxx>

Date: Tue, 5 Nov 2019 15:40:48 +0000

Accept-language: en-US

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bitdefender.com; dmarc=pass action=none header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4Ipnvk6eo7wJDE6C8vXsPBewCDWtearPjoWScaUMwtQ=; b=jWsEDJEeUkGajXpTzyFAsgBDGSrpWHDSTSGoaQUdmnU64TFabdqoqJi+2sc63ycucYtA0Qr4LTf3SIWxe7JkCtq7Nz9vMP8rvyf/rk3gqtaYhTxYo8aukMa7gbCekk/4dj037AfklOmzizxHFl27yGf8DyQ2i901JHnu581uBbjlUbbumZIPFDUh/ejMTZxGzX/ZvcokQDQezUhZs35wH2gJf+0gtAC4uKXIRxBzIwDMIgxbuJyrc94kV9DVhTAgjXWRf8lPLJB6aFM1bef1DUFgIwxq7gFV8vMZ1Aajds19J3GJEbKftYZLrEFgDBzFMDk5Rs0+tFI5rjHkkuhiYQ==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mtH15xxwqaUgTjUgpKDtvDsVlj7evrUQ/+WeqmFOfPqgKVGaT18k4GF4PdKLC+vS08eEZo4ADJsL481ywB0bw/Kg6Ftkih4xKtvUGSSB005SbvKY6mgzCSDmg4OrK8Y5fUTBkN9AeOcd5mJlp8skjpHEAwcURH/3wGof0JAZTZ3HGkWVdV7JVzLhEtFw2mosegVT7d1SpLwvJm3PSb1vTeHYe90ORIdXi43INhE1UAOQfGe8fWcX1sstnw3jt/mR6IGnsZvSlbHO60tjVzz7mkkc8OSuAm59p9He7Q8fbUHOtb42vbf53ysAZMAN0G+QbbC4Hqnt7ypNmjarKStaqw==

Authentication-results: spf=none (sender IP is ) smtp.mailfrom=aisaila@xxxxxxxxxxxxxxx;

Cc: Petre Ovidiu PIRCALABU <ppircalabu@xxxxxxxxxxxxxxx>, "sstabellini@xxxxxxxxxx" <sstabellini@xxxxxxxxxx>, "julien@xxxxxxx" <julien@xxxxxxx>, Razvan COJOCARU <rcojocaru@xxxxxxxxxxxxxxx>, "wl@xxxxxxx" <wl@xxxxxxx>, "konrad.wilk@xxxxxxxxxx" <konrad.wilk@xxxxxxxxxx>, "George.Dunlap@xxxxxxxxxxxxx" <George.Dunlap@xxxxxxxxxxxxx>, "andrew.cooper3@xxxxxxxxxx" <andrew.cooper3@xxxxxxxxxx>, "ian.jackson@xxxxxxxxxxxxx" <ian.jackson@xxxxxxxxxxxxx>, "tamas@xxxxxxxxxxxxx" <tamas@xxxxxxxxxxxxx>, "jbeulich@xxxxxxxx" <jbeulich@xxxxxxxx>, "roger.pau@xxxxxxxxxx" <roger.pau@xxxxxxxxxx>

Delivery-date: Tue, 05 Nov 2019 15:41:17 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Thread-index: AQHVk9ao9wGZEUCF0UWADMZln2TA+qd8tdEAgAABSQA=

Thread-topic: [PATCH V1 1/2] x86/altp2m: Add hypercall to set a range of sve bits

>> >> +/* >> + * Set/clear the #VE suppress bit for multiple pages. Only available on >> VMX. >> + */ >> +long p2m_set_suppress_ve_multi(struct domain *d, uint32_t start, uint32_t >> nr, >> + bool suppress_ve, unsigned int altp2m_idx) >> +{ >> + struct p2m_domain *host_p2m = p2m_get_hostp2m(d); >> + struct p2m_domain *ap2m = NULL; >> + struct p2m_domain *p2m; >> + long rc = 0; >> + >> + if ( altp2m_idx > 0 ) >> + { >> + if ( altp2m_idx >= MAX_ALTP2M || >> + d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) ) >> + return -EINVAL; >> + >> + p2m = ap2m = d->arch.altp2m_p2m[altp2m_idx]; >> + } >> + else >> + p2m = host_p2m; >> + >> + p2m_lock(host_p2m); >> + >> + if ( ap2m ) >> + p2m_lock(ap2m); >> + >> + >> + while ( start < nr ) >> + { >> + p2m_access_t a; >> + p2m_type_t t; >> + mfn_t mfn; >> + >> + rc = altp2m_get_effective_entry(p2m, _gfn(start), &mfn, &t, &a, >> AP2MGET_query); >> + >> + if ( rc ) >> + a = p2m->default_access; >> + >> + rc = p2m->set_entry(p2m, _gfn(start), mfn, PAGE_ORDER_4K, t, a, >> suppress_ve); >> + >> + /* Try best effort for setting the whole range. */ >> + if ( rc ) >> + continue; >> + >> + /* Check for continuation if it's not the last iteration. */ >> + if ( nr > ++start && hypercall_preempt_check() ) >> + { >> + rc = start; >> + break; >> + } > > What's the point of the "if ( rc ) continue;"? All it's doing is > preventing the loop from being preempted at that point; but there > doesn't seem to be a good reason for that. In fact, if an attacker > could engineer a situation where large swaths could fail, it could use > this to lock up the cpu for an unreasonable amount of time. Yes, that could be an issue. It will go in v2 > > Everything else looks OK to me. > If the changes requested by Tamas are also ok with you then I will have them all go in v2. Alex _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.