Xen project Mailing List

Re: [PATCH] x86/PV32: fix physdev_op_compat handling

To: Jan Beulich <jbeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Fri, 8 Oct 2021 18:47:09 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=t0KdzliHc2dA5QvYlsgTDGIQ7D6YE/u6JPG8M3eblIo=; b=lUMvxcEzHWdrBndbVfTjWtIkcPS6RoKPJ07S7GynmQR4SQ2j21ZsDYePCWWJ9Z9dr5/7EkdTB4x/e+r+dLv2fMipugxK+NBjveCx5QtnAue6pjjPP2oFZcAyf4V9mabALo7SyK9xbaeS1Fegw001cWzlZhIVK2wyncnvF2+MPL49/QzdUsa1VljoTu1eQMXQ7ksIqA2ZdSb5J1etc3WyHjLr6b6y3LMyhFDgsIstj8MKSTLlznZpMUruI04yZ0iyLB/y6qmUjPAJ2iIHG/YedCGr2DB0dt7FZkW7yCNIYDtwU3SdqA/R2Kuy86dMCTDsp324FkxZ15UBybCkKzP0nw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=L0xe2+8FZB/IHamOkW0wfb4U1E5cHOpU1NOqwMs6kyP6B/z6dR+CPYjj3rBoi+E3kVSDe0qAQiAKr1xqbwtbOU1uDSK899bcGo/YMepoIXMAt7cefGH7d+5rn/Yya1VriM18sytOyPLhB3NXSvp+77RTUlfR7zrK0m3dMJTJ5NbOjEzM2ncZjvz7mftMmCUmDfQ8i49H0T3Ucq5NBGuaYMg0HFiOCAMjl3ggCD4GyYDi1KxZZSMZmFtj45MlQ0eTFJMDee4pGLA9shGnIbbsD13svD8Z21+qn4p2lz3lFLuPOS/i3CUk3MUrD8vO+XZBt82lwCoUgaBbMVfo2WexVg==

Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>

Delivery-date: Fri, 08 Oct 2021 17:47:43 +0000

Ironport-data: A9a23:VgmbX6+OcYD2bOUb+6rmDrUDZnmTJUtcMsCJ2f8bNWPcYEJGY0x3y WIcC2DUO6ncZWX2eNxwaI+z8hlXucfWyYAxTVc+/3w8E34SpcT7XtnIdU2Y0wF+jyHgoOCLy +1EN7Es+ehtFie0Si9AttENlFEkvU2ybuOU5NXsZ2YhGGeIdA970Ug6wrZh0tYy6TSEK1jlV e3a8pW31GCNg1aYAkpMg05UgEoy1BhakGpwUm0WPZinjneH/5UmJMt3yZWKB2n5WuFp8tuSH I4v+l0bElTxpH/BAvv9+lryn9ZjrrT6ZWBigVIOM0Sub4QrSoXfHc/XOdJFAXq7hQllkPhx2 chUh7moGT42P5+ds8MAdwkJL3lhaPguFL/veRBTsOSWxkzCNXDt3+9vHAc9OohwFuRfWD8Us 6ZCcXZUM07F17neLLGTE4GAguwKKsXxMZxZkXZn1TzDVt4tQIzZQrWM7thdtNs1rp0SQqyCP pVGAdZpRDiQakFxHG4zM4sjv8S6iCTebhlK8E3A8MLb5ECMlVcsgdABKuH9eNaHWMFUlUawv X/d8iLyBRRyHMySz3+J/2yhgsfLnDjnQ8QCGbug7PlojVaPgGsJB3U+Sl+TsfS/zEmkVLpix 1c8o3R06/JorQryE4e7D0bQTGO4UgA0W8tNCt8f8FG01avmsi2+G0wUHwIZd4lz3CMpfgAC2 liMltLvIDVgtryJVH6QnoupQSOO1Ts9dzFbOn5dJecRy5yz+Nhs0kKnosNLSvbdszHjJd3nL 9lmRgAQgK8PxeoCyqm251zOhz/ESnPhFVVuvlS/so5I9GpEiG+Zi26AtQazARVodt/xory9U J4swJP2AAcmV8HlqcB1aL9RdIxFHt7cWNEmvXZhHoM66xOm8GO5cIZb7VlWfRkyaZhfI2SxM BaL42u9AaO/2lPxNsebhKrrW6wXIVXIT4y5Bpg4kPIUCnSOSON31H43PhPBt4wcuEMtjbs+K f+mnTWEVh4n5VBc5GPuHY81iOZzrghnnD+7bc2rnnyPjOvFDFbIGOhtDbd7Rr1ghE9yiF6Oq Ig32grj40g3bdASlQGOqdRNcgtQcSRibX00wuQOHtO+zsNdMDhJI9fawK87epwjmKJQl+zS+ Wq6VFMew1367UAr4y3TMhiPsZvjAsRyq2wVJyspMQr60nQve9/3vqwea4E2bf8s8+k6lax4S PwMesOhBPVTS2uYp2RBPMel9IEyJg62gQ+uPja+ZGRtdZBXWAGUqMTveRHi9XdSA3Pv59c+u bCpyijSXYEHG1Z5FM/TZf/2lwGxsHERlfhcRUzNJtUPKkzg/JIzc376j+MtItFKIhLGn2PI2 wGTCBYehO/Mv45qr4WZ2fHa99+kSrIsEFBbEm/X6aeNGRPbpmfzk5VdVOuofCzGUD+m8quVe ugIner3N+cKnQgWvtMkQapr1683+/Dmu6ReklZ/BHzOYlmmVuFgL32B0ZUdv6FB3OYE6w6/W 0bJ8dhGI7SZfsjiFQdJdgYia+2C09ASmyXTsqtpcBmruncv8erVS1hWMjmNlDdZfel8P44Sy Os8vNIbtl6kgR0wP9fa1i1Z+gxg9JDbv3nLYn3CPLLWtw==

Ironport-hdrordr: A9a23:3M8m16A3AZuIpMvlHeglsceALOsnbusQ8zAXPh9KJyC9I/b2qy nxppgmPH/P6Ar4WBkb6LS90dq7MA3hHPlOkPYs1NaZLXXbUQ6TTb2KgrGSuAEIdxeOkNK1kJ 0QDpSWa+eAfmSS7/yKmDVQeuxIqLLsndHK9IWuvUuFDzsaDJ2Ihz0JejpzeXcGPTWua6BJca Z0qvA33QZJLh8sH7WG7zQ+Lqf+juyOsKijTQ8NBhYh5gXLpTS06ITiGxzd+hsFSTtAzZor7G CAymXCl+SemsD+7iWZ+37Y7pxQltek4txfBPaUgsxQDjn3kA6naKloRrXHljEop+OE7kosjb D30lkdFvU2z0mUUnC+oBPr1QWl+DEy60X6wVvdunfnqdyRfkNxN+NxwaZiNjfJ4Uspu99xlI hR2XiCipZRBRTc2Azg+tnhTXhR5wiJiEtntdRWo21UUIMYZrMUh5cY5llpHJAJGz+/wJw7Ed NpENrX6J9tABCnhkjizy1SKeGXLzMO9k/seDlFhiXV6UkXoJlB9Tpc+CRF9U1wra7USPF/lq /52+pT5elzpmJ/V9MKOA47e7rCNoX6e2OFDIujGyWTKEg5AQO7l3fW2sR52Aj4Qu1F8HMN8K 6xGW+w81RCIH7TNQ==

Ironport-sdr: sn36cWkJVwc8Vatuu2bFiiC6Bk6FSbpxRdG90zom02Tr4vm/RYmffrRkAzq8+qnS+rTYXegfoM Pzlex8Xcm8bHK1qIDAuEwP5oojyon9lf7rMTANi40eGaW3Ddf72q2zx4hQSmxy7CgoTMA0s+z+ MKxD9e+jW+rOst0sj2rZRAiXNsk+RZwYZzG0huwVT1azeZ3iL9vANlAbbBrk7vnXs+vQ4ktkuL c6qVsfcCV8aE8oM/laOXZNr4pBxCHkVEZsFbrvAadomklQ+JEK3/973W12bpektuCoONxXRp0c iFq2Iqif1rsKxG/fqD/DzYs3

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 08/10/2021 11:47, Jan Beulich wrote: > The conversion of the original code failed to recognize that the 32-bit > compat variant of this (sorry, two different meanings of "compat" here) > needs to continue to invoke the compat handler, not the native one. > Arrange for this and also remove the one #define that hasn't been > necessary anymore as of that change. > > Affected functions (having existed prior to the introduction of the new > hypercall) are PHYSDEVOP_set_iobitmap and PHYSDEVOP_apic_{read,write}. > For all others the operand struct layout doesn't differ. :-/ Neither of those ABI breakages would be subtle. But why didn't XTF notice? Edit: It appears as if my PHYSDEVOP_set_iobitmap tests never got completed. > > Fixes: 1252e2823117 ("x86/pv: Export pv_hypercall_table[] rather than working > around it in several ways") > Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> > --- > Additionally the XSA-344 fix causes guest register corruption afaict, > when EVTCHNOP_reset gets called through the compat function and needs a > continuation. While guests shouldn't invoke that function this way, I > think we would better have forced all pre-3.2-unavailable functions into > an error path, rather than forwarding them to the actual handler. I'm > not sure though how relevant we consider it to fix this (one way or > another). EVTCHNOP_reset{,_cont} are -ENOSYS'd in do_event_channel_op_compat() without being forwarded. I can't see a problem. But yes - we'd have problems if any pre-3.2-available functions needed to become continuable. We ought to consider dropping compatibility for guests that obsolete... > > --- a/xen/arch/x86/x86_64/compat.c > +++ b/xen/arch/x86/x86_64/compat.c > @@ -10,8 +10,8 @@ EMIT_FILE; > > #define physdev_op compat_physdev_op > #define physdev_op_t physdev_op_compat_t > -#define do_physdev_op compat_physdev_op This is still needed, technically. It impacts the typeof() expression: typeof(do_physdev_op) *fn = (void *)pv_hypercall_table[__HYPERVISOR_physdev_op].native; and the reason why everything compiles is because {do,compat}_physdev_op() have identical types. ~Andrew > #define do_physdev_op_compat(x) compat_physdev_op_compat(_##x) > +#define native compat > > #define COMPAT > #define _XEN_GUEST_HANDLE(t) XEN_GUEST_HANDLE(t) >

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.