Xen project Mailing List

Re: [PATCH v3] x86/CPUID: shrink max_{,sub}leaf fields according to actual leaf contents

From: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Mon, 19 Apr 2021 11:16:22 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6PLY0aKOfIuDgUiZ8ThRy7y/O7VBHTAieLUwYA6ba14=; b=oMgBGZW6wOQebqolBItz4K+3g/fnegTLDG5xPFyssjHy88ojov8SBCSkbtPrQGeCOidmloOW4RXiZyijdY0iRsAYWb8NGED+QVwk0/c97bGEp169fcrG8CTDYBZdrnClVyUR+CsfDu77Z1QZ6zdopevmpVrOCDHE2OjU6yIuu+40pNRfFw1Bp6qjYxUqQ7Y4ie/8pxFrua97FuZTaFxAF3og2Cu6ZKJrazpASgDivdAHMLQ/QWh9Vo7M0Sr4Jc51khyOYn5UPjpUv2TLc0z2HqQwW4SJy8eVvPLURJN+6QKhM3YCcDfHwLSpvihxDpO0ngul/6RW9YF06F0rFzkV7g==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RT18DcPMLPQFayN/O4ekb8HxsBXjvF7Zsa/4gDyE+gNcyJ4O4UkQSY3LNK2KtoOKh5Wp/yWfR4WMa48B3c/BI0zYPObOCraCPHQOTWTN9MgqItbx67gKkgq8FY2m9J1YfUdKGWK9MXW3ljIIfs3pJxmQr6wMM4XsCLHw5IugFpHEDlg2K62ZW3y04yQuEw58KViO5zNXRBEKwWsZtHhBF0nPS9w+3xobKftLvwQE28YuKJhTGMS2zH7yCB8aLYe0uls/YeQyw793mg8a04dvSQ5KF89hvgvvpPmbKVS3ly+bb8qy4f00l1p0cyQUCUk1hKOkdNeD/5rXAvzHs3E4cQ==

Authentication-results: esa3.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "Andrew Cooper" <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Paul Durrant <paul@xxxxxxx>

Delivery-date: Mon, 19 Apr 2021 09:16:35 +0000

Ironport-hdrordr: A9a23:a5htuqzOAU4gtFMvsWj4KrPx/uskLtp033Aq2lEZdDV8btGYm8 eynP4SyB/zj3IrVGs9nM2bUZPsfVr3//dOgbU5F7GkQQXgpS+UPJhvhLGSpwHINg/f0qpm1a lme7VjE9GYNzJHpOvz/QXQKbkd6fad9qTAv4nj5lNMaS0vVK169Qd+DW+gYyhLbS1LH4AwGp bZxucvnUvCRV0tYs62BmYIUoH4zrWmqLvcbQMbHBli0QGSjFqTg4LSKQSS3RsVTlp0sNUf2F XC+jaZ2oyT98uV5zWZ/G/V4pRQlrLau6Z+Lf3JsOc5AHHBjg6pYa5oRrGNuiskydvflGoCoZ 33jDoLe+h19nPNbkG5yCGdpDXI4XIVxFLJjX+enHf5rsTySFsBerR8rLMcSDT1wQ4EnrhHoc V29lPcjbV7J1f8uR64wN7yWxRjhiOP0AEfuN9WtVNze88jcrNLxLZvmn99IdM7Mw/RzpsoK+ VqBNG03octTXqqK0rUuWRi27WXLw0ONybDRkADv/qc2CRNkEZ4yFMFxNcekm1ozuNEd6V5

Ironport-sdr: MX7KVcCsGh5U0FRapQiRICjmg3Tc5tUhf3H7vHz6cKqE3h/s+0NlWr4HBFv6HzJKMggbtHddl5 wHfwzulkov3oQ2+rW27hn38DoOdQANw1z3QsdVi5mEM8Bcwh/xEBUPgYkKLmodRnAAOLw8D3pE NkJDTMDLr82dm2df76qgJPXLWyxkyhlHssk+0Xeub6O8xPi7qGDRTS8HL51EZ7nPDLuA4L1IeX dIa96SSEzNRh0rSHluehWWY285QUXIMwRoAjXinoHwVpE+KtEO7jzS7xmrPgUBroLHwQzio3Ru /Z4=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Adding Paul also for the Viridian part. On Fri, Apr 16, 2021 at 03:16:41PM +0200, Jan Beulich wrote: > Zapping leaf data for out of range leaves is just one half of it: To > avoid guests (bogusly or worse) inferring information from mere leaf > presence, also shrink maximum indicators such that the respective > trailing entry is not all blank (unless of course it's the initial > subleaf of a leaf that's not the final one). > > This is also in preparation of bumping the maximum basic leaf we > support, to ensure guests not getting exposed related features won't > observe a change in behavior. > > Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> > --- > v3: Record the actual non-empty subleaf in p->basic.raw[0x7], rather > than subleaf 0. Re-base over Viridian leaf 40000005 addition. > v2: New. > > --- a/tools/tests/cpu-policy/test-cpu-policy.c > +++ b/tools/tests/cpu-policy/test-cpu-policy.c > @@ -8,10 +8,13 @@ > #include <err.h> > > #include <xen-tools/libs.h> > +#include <xen/asm/x86-defns.h> > #include <xen/asm/x86-vendors.h> > #include <xen/lib/x86/cpu-policy.h> > #include <xen/domctl.h> > > +#define XSTATE_FP_SSE (X86_XCR0_FP | X86_XCR0_SSE) > + > static unsigned int nr_failures; > #define fail(fmt, ...) \ > ({ \ > @@ -553,6 +556,103 @@ static void test_cpuid_out_of_range_clea > } > } > > +static void test_cpuid_maximum_leaf_shrinking(void) > +{ > + static const struct test { > + const char *name; > + struct cpuid_policy p; > + } tests[] = { > + { > + .name = "basic", > + .p = { > + /* Very basic information only. */ > + .basic.max_leaf = 1, > + .basic.raw_fms = 0xc2, > + }, > + }, > + { > + .name = "cache", > + .p = { > + /* Cache subleaves present. */ > + .basic.max_leaf = 4, > + .cache.subleaf[0].type = 1, On a private conversation with Andrew he raised the issue that the shrinking might be overly simplistic. For example if the x2APIC feature bit in leaf 1 is set then the max leaf should be at least 0xb in order to be able to fetch the x2APIC ID, even if it's 0. I also wonder if we are shrinking the leaves too much, for example we should always report up to 0x40000000 (or 0x40000100) plus the Xen leaves, as we never hide those and it's also documented in the public headers? Thanks, Roger.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.