Xen project Mailing List

[PATCH v2 15/21] libs/guest: obtain a compatible cpu policy from two input ones

From: Roger Pau Monne <roger.pau@xxxxxxxxxx>

Date: Tue, 13 Apr 2021 16:01:33 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Dc+lsGkoLxXeZ9V8GLxDMIl6AZXl0djGMA3EPzv8W5U=; b=aXrjwAYxCXP8eATPEZNKVBZykfxtVTaeZW9mbzlElmpoX8YKrQKILNF6d00/nepdgSCoE4Beye1kmn0IxGMDPSrpvZWEOXgsi3JgAJkV9xRi++c1Py63/R5w83d9gWYSCzBRglvEQld+GHBtR+cZ0sBwnNPahge0XV3gwbDBfO6sTiHlyM6ssrULKhHq6+JaCM1tF424QQ4N6iZpinQ0F/UXaY9tzinC+61O8QfDe3hDN6h5pTPacFFl2/FSs3spP5FSMHpDpKk2RqmRHT4ReV43lCR8GEgxwPq3Q9uX4mR1AXFCakQu3pLpmCZhDiS/2c7mC4C1MwRlt/QrYK0NGA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eo2nELJLnbLtqD6I6ancgn3nd7+YlTZZVTaddpd9oxnERrmbPHy0ExxA/HImm8Csz3rwtzzi2lHHHDzHVn6MB+JdDOqylm5ioR/7J4O8++Lb6CiKgzG4mwyZmoM2Ou+mC+ga1VY5EgQYHHT/YiuZp0xgWWdQH5b/VgAroQErdN9maZ1XIs4WYKKVDpCYQSd9TLv3I0w46hh+h/0lFwEu6I+ZccWrpoNTHd3HGbopdoPEkv/3bnuKcKVcuJjWpQGbwMmseqSicMFQm/bFA6OKe3wIXtDKc/0c64uIfN2X17eRtMAfXruAvzrHWQBA8fyarOb5B6L3VCJYvdS6HnODeQ==

Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>

Delivery-date: Tue, 13 Apr 2021 14:03:26 +0000

Ironport-hdrordr: A9a23:mdrh16o70XB3PVlHx5JIu4AaV5uuKtV00zAX/kB9WHVpW+SivY SHgOkb2RjoiDwYRXEnnpS6NLOdRG7HnKQb3aA4Bp3neAX9omOnIMVZ7YXkyyD9ACGWzIJg/I 9aWexFBNX0ZGIWse/T/BS4H9E8wNOO7aCvgqPkw21wSBxxApsA0y5SIG+gYylLbSNBAoc0E4 fZ29FOoCCudW9SQsOwAHQEWOarnay2qLvNZxkaCxk7rDSflD/A0s+GLzG0/Dc7FwlOz7Ar7H Tfn2XCiJmLnvmnxnbnpgnuxrtMnt+J8KogOOWtjYwvJizomkKUYu1aKsa/lRQUhM3q11owit nLpH4bTrROwlfcZHu8rxeo+ySI6kdW11bYxVWVgWTurKXCLVpQYaox5vMqTjLj50Utp9162q 5QtljpzaZ/Nh/cgD/7o+HBShACrDvEnVMZjeURg3ZDOLFuD4N5kIp3xjIxLL4wWAj+6IwhDd B0CtDd6Pt8YTqhHg7kl1gq79q2UnspGBCaBmAEp8yOyjBT2Et01k0C2aUk7zs93aN4b6MBy/ XPM6xumr0LZsgKbZhlDONEZcesEGTCTT/FLWr6GyWpKIg3f1b277Ln6rQ84++nPLYSyoEppZ jHWFRE8UYvZkPHE6S1rd122yGIZF/4cSXmy8lY6ZQ8kKb7XqDXPSqKT01ru9e8os8YHtbQV5 +ISdNrKs6mCVGrNZdC3gX4VZUXA2IZStcpttEyXE/LjdnMLqHsq+zHYNfeLLfgCl8fKyHCK0 pGeAK2CNRL70itVHO9qgPWQWnRdkv2+o81MKWyxZlX9KE9cql39iQFg1Ww4c+GbRdYtLYtQU d4KLT71oeypWy8+3f0/3xkUyAtSnp90fHFaTdntAUKO0T7ffIooNOEY11f23OBO1tZQ97JFh Vc43B647i+IZDV5S1KMaPoDkuqy18o4F6aRZYVnaOOoe3/fIkjM5ogUKttUSPRFxJ0ng5ugH xZaBANQ3LeEj+Gs9TnsLUkQMXkM/VsigaiJsBZ7VjFs1+HmM0pTnwHGwK1XdWvmgYoTTpMjl hX+6sS6YDw3gqHGC8auqAVIVdMYGOYDPZjAB6ebItZoLztZTp9VHyHnzCclhE1dFf77kl6vB 2TEQSkPdXwRnZNsHFR1ajntGl5cWiQZGpcQHF3u48VLxWMhl9DlcuwIoaj2WqYbVUPhtwHOD beeD0IP0dF3NasziOYnz6ECFQrzpgjJfbmEbwmar3fs0ndbrGgpOUjJbt57ZxlPNfhvqs3Su qZYRaSNy69JOUz2QCZz0xVThVcmT0Bq7fP1xLk5mTjgyJ6LvrWPVh8R7YUZ/ub9HPpQv6U0J N/yfI51NHARlnZW5qj8+XwaTUGFzb45UiRZMssoYpPva0zuKBodqOrGQfg5TVi5lEGMMzwlE kiW6x177DKB593c6UpCldk12tssO7KEVAivQP3CNIvZF0Bj3fUONWS/rrDwIBfdXGplU/VMV mb/zY1xYa8YwKzkZobAbk3O2JYdQwV72lj5vqLc+TreU+XXtAG2FqxKXmmdrBBDICDBLULtx 5/p/WFhfWeeSa9+Afeu1JAU+9z2lfiZcO5GwSXH+FUt/S8JFSXm6OvpPeJsw2fc0rzV20owa tfdUIRacxfij4tyK0PuxLCNZDfkwYCiFtR4TZui1j3/JOpiV2rRH17DQ==

Ironport-sdr: ReybT6KogXa0ELTILVm6G9a/Bu3uI0d3wWk4nXoA8A2cATtw0F9x3mOa/1VsVKZhl/gBI73nty 8HoGnVC/MZDz5vZ4IiviSZ87My8OcMveOk7G217r/9ToWVkjRYKnN9K6DIfpFYD/j1gNVPHe9Z 8jgH7gx6op+vAQ+vwf30NXc9+pq4IHAzNB74PUoH2atceXRWpCEh9Zk6qt4ulssXyk+j503UjK kJgixf5l3Jc8l1kI+b1JaAdA5T/R99l+5lHlZmKc9QMqWgMF8FKN+irXTQN6dw1iOtHxPcc4me oCw=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Introduce a helper to obtain a compatible cpu policy based on two input cpu policies. Currently this is done by and'ing all CPUID leaves and MSR entries, except for MSR_ARCH_CAPABILITIES which has the RSBA bit or'ed. The _AC macro is pulled from libxl_internal.h into xen-tools/libs.h since it's required in order to use the msr-index.h header. Note there's no need to place this helper in libx86, since the calculation of a compatible policy shouldn't be done from the hypervisor. No callers of the interface introduced. Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> --- Changes since v1: - Only AND the feature parts of cpuid. - Use a binary search to find the matching leaves and msr entries. - Remove default case from MSR level function. --- tools/include/xen-tools/libs.h | 5 ++ tools/include/xenctrl.h | 4 + tools/libs/guest/xg_cpuid_x86.c | 128 ++++++++++++++++++++++++++++++ tools/libs/light/libxl_internal.h | 2 - 4 files changed, 137 insertions(+), 2 deletions(-) diff --git a/tools/include/xen-tools/libs.h b/tools/include/xen-tools/libs.h index a16e0c38070..b9e89f9a711 100644 --- a/tools/include/xen-tools/libs.h +++ b/tools/include/xen-tools/libs.h @@ -63,4 +63,9 @@ #define ROUNDUP(_x,_w) (((unsigned long)(_x)+(1UL<<(_w))-1) & ~((1UL<<(_w))-1)) #endif +#ifndef _AC +#define __AC(X,Y) (X##Y) +#define _AC(X,Y) __AC(X,Y) +#endif + #endif /* __XEN_TOOLS_LIBS__ */ diff --git a/tools/include/xenctrl.h b/tools/include/xenctrl.h index 5f699c09509..c41d794683c 100644 --- a/tools/include/xenctrl.h +++ b/tools/include/xenctrl.h @@ -2622,6 +2622,10 @@ int xc_cpu_policy_update_msrs(xc_interface *xch, xc_cpu_policy_t policy, /* Compatibility calculations. */ bool xc_cpu_policy_is_compatible(xc_interface *xch, const xc_cpu_policy_t host, const xc_cpu_policy_t guest); +int xc_cpu_policy_calc_compatible(xc_interface *xch, + const xc_cpu_policy_t p1, + const xc_cpu_policy_t p2, + xc_cpu_policy_t out); int xc_get_cpu_levelling_caps(xc_interface *xch, uint32_t *caps); int xc_get_cpu_featureset(xc_interface *xch, uint32_t index, diff --git a/tools/libs/guest/xg_cpuid_x86.c b/tools/libs/guest/xg_cpuid_x86.c index bd2f31dd87f..6cfa4cb39d1 100644 --- a/tools/libs/guest/xg_cpuid_x86.c +++ b/tools/libs/guest/xg_cpuid_x86.c @@ -32,6 +32,7 @@ enum { #include <xen/arch-x86/cpufeatureset.h> }; +#include <xen/asm/msr-index.h> #include <xen/asm/x86-vendors.h> #include <xen/lib/x86/cpu-policy.h> @@ -944,3 +945,130 @@ bool xc_cpu_policy_is_compatible(xc_interface *xch, const xc_cpu_policy_t host, return false; } + +static uint64_t level_msr(unsigned int index, uint64_t val1, uint64_t val2) +{ + uint64_t val = val1 & val2;; + + switch ( index ) + { + case MSR_ARCH_CAPABILITIES: + /* + * Set RSBA if present on any of the input values to notice the guest + * might run on vulnerable hardware at some point. + */ + val |= (val1 | val2) & ARCH_CAPS_RSBA; + break; + } + + return val; +} + +static bool level_leaf(xen_cpuid_leaf_t *l1, xen_cpuid_leaf_t *l2, + xen_cpuid_leaf_t *out) +{ + *out = (xen_cpuid_leaf_t){ }; + + switch ( l1->leaf ) + { + case 0x1: + case 0x80000001: + out->c = l1->c & l2->c; + out->d = l1->d & l2->d; + return true; + + case 0xd: + if ( l1->subleaf != 1 ) + break; + out->a = l1->a & l2->a; + return true; + + case 0x7: + switch ( l1->subleaf ) + { + case 0: + out->b = l1->b & l2->b; + out->c = l1->c & l2->c; + out->d = l1->d & l2->d; + return true; + + case 1: + out->a = l1->a & l2->a; + return true; + } + break; + + case 0x80000007: + out->d = l1->d & l2->d; + return true; + + case 0x80000008: + out->b = l1->b & l2->b; + return true; + } + + return false; +} + +int xc_cpu_policy_calc_compatible(xc_interface *xch, + const xc_cpu_policy_t p1, + const xc_cpu_policy_t p2, + xc_cpu_policy_t out) +{ + unsigned int nr_leaves, nr_msrs, i, index; + unsigned int p1_nr_leaves, p2_nr_leaves; + unsigned int p1_nr_entries, p2_nr_entries; + int rc; + + p1_nr_leaves = p2_nr_leaves = ARRAY_SIZE(p1->leaves); + p1_nr_entries = p2_nr_entries = ARRAY_SIZE(p1->entries); + + rc = xc_cpu_policy_serialise(xch, p1, p1->leaves, &p1_nr_leaves, + p1->entries, &p1_nr_entries); + if ( rc ) + return rc; + rc = xc_cpu_policy_serialise(xch, p2, p2->leaves, &p2_nr_leaves, + p2->entries, &p2_nr_entries); + if ( rc ) + return rc; + + index = 0; + for ( i = 0; i < p1_nr_leaves; i++ ) + { + xen_cpuid_leaf_t *l1 = &p1->leaves[i]; + xen_cpuid_leaf_t *l2 = find_leaf(p2->leaves, p2_nr_leaves, + l1->leaf, l1->subleaf); + + if ( l2 && level_leaf(&out->leaves[index], l1, l2) ) + { + out->leaves[index].leaf = l1->leaf; + out->leaves[index].subleaf = l1->subleaf; + index++; + } + } + nr_leaves = index; + + index = 0; + for ( i = 0; i < p1_nr_entries; i++ ) + { + xen_msr_entry_t *l1 = &p1->entries[i]; + xen_msr_entry_t *l2 = find_entry(p2->entries, p2_nr_entries, l1->idx); + + if ( !l2 ) + continue; + + out->entries[index].idx = l1->idx; + out->entries[index].val = level_msr(l1->idx, l1->val, l2->val); + index++; + } + nr_msrs = index; + + rc = deserialize_policy(xch, out, nr_leaves, nr_msrs); + if ( rc ) + { + errno = -rc; + rc = -1; + } + + return rc; +} diff --git a/tools/libs/light/libxl_internal.h b/tools/libs/light/libxl_internal.h index 44a2f3c8fe3..5709bcb93fa 100644 --- a/tools/libs/light/libxl_internal.h +++ b/tools/libs/light/libxl_internal.h @@ -126,8 +126,6 @@ #define PVSHIM_CMDLINE "pv-shim console=xen,pv" /* Size macros. */ -#define __AC(X,Y) (X##Y) -#define _AC(X,Y) __AC(X,Y) #define MB(_mb) (_AC(_mb, ULL) << 20) #define GB(_gb) (_AC(_gb, ULL) << 30) -- 2.30.1

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.