[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH for-4.17] xen/arm: Support properly __ro_after_init on Arm


  • To: Julien Grall <julien@xxxxxxx>
  • From: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
  • Date: Thu, 18 Aug 2022 14:06:34 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=arm.com] dkim=[1,1,header.d=arm.com] dmarc=[1,1,header.from=arm.com])
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kfEsx0CoCSYejg7wT6eqq9IcVm8OT4Q7U0D/wEJVpl0=; b=ixSM8MpAE+QJxUcx5IcX5mqWTRc2eNL3bT3cmnqBoLI6eQB0bl+7GIFImRw0jfduhMlucoFQA/+AJpgvHcqu27/8xqx8aV/bboEy/eB3SWcrm8Iuhwj9TLIugyLMmk+igbsZfwMW8r4yrpN9tFHxnZibm5XAPHoihyPUI2zQJrHvlX2DgYbzVd01WOL6HmpCU11ScCuT7EyCXol/JNHyHcc/0urO3iEE43XlZt3c3n9PuB63afgUCvS6oFZqJR1bFNC4FCZeB4u/6r/+gyFXdjK+Cw5TzkncaqM4DqGsIWJrnjFra7AUYu26MkFHDqgLRadNpnjsGsQQZ+CjO+jZJg==
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kfEsx0CoCSYejg7wT6eqq9IcVm8OT4Q7U0D/wEJVpl0=; b=BQaVa2KDh+r/qqvwD3Uy6P/7c+oymrUFSVY+8XosgKFPJUkblNkZ/pk1HQLVQIcPc/hePUdpQT78ath7C/XU81c6kxazmIoVbVpPkWbSNhd94fxzf+xos6uLntDV9zi9/rRHBCzZb5dAsEe/HaWEHsiOA7jIo6v1efJ8XFZiI0W5rGp4YHeY76+vUdXYYyOriCBfB3vnhDXFrd2hWfZhxOoNSUAnlndjKSJ4ks4sAfCDdk5heveZdPTkX7CSmVdeiXzQSFixAcLINVHlhKCBJJyaOG/ra5d5zj9odNMKUVFGnLTfdmZeNn/H/0fNwCIBBFwE50fWerbyOFK/ZQijFg==
  • Arc-seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=Q7ahKy0HgSuOxpk6uKABqsmLmqpA5f3saAM3jgbZ7Dfp2VQT6kZyActpr31eipVdbEKM3ieJpuGXgEUFlGLK606HwDbgDpWgI6Nl2RN7/kpQSjNvGuYhUWiB9r0uEaqNVQUs1BMZFKZQfcvFmnGQDgdbmBOvWt8B4oMRAdWae6nKXsYr54b0gpoJ8s7wsMgln26NSpsIS8sLCrxwY2GyQzAFbTctBeM1Xyji6EFo2s6bQEgUgbEEB3VLx+qjNQ05gM3Tc9J7hJAMqaw++c9t1ya55Rt3HEEbXGIiSrYWyajSvfE2dYhtnIraRblFBSDrL5ErUOk6UKj9C1XklrPS3w==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MvZgv0S+MuBbkV8/DDGxFZ7pweXRJtsDhi580sZp7oZevZ1btKzl6wtts1AY5dju04ztZRk9qClLPU1DG/nXWVfdxucDTfGL2C9IACw1Ga+v2SmscF71ePPq/63uwgrqwBVFXyYvNp8zMcRGzwV0FyWuuVDnTQydiGsKWaYexjh3PK16yHH22PTYyD9D15lkqmcpMgGk+stVQTkwVLBBOWYvcd8J7DuIWlRp3/nXf0cDcKpeyCQ4qabciCc9Ou31otVir8UPJYec8v/irM1t08nxKeQerEOga4GYafC1a1NnjuPmffXbiKGtPMVwCKbsmI8X8ZDgsn3g9nHPUCj5dg==
  • Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Julien Grall <jgrall@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Delivery-date: Thu, 18 Aug 2022 14:06:49 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHYsaJm36MHcf45GkO6ALJzQ7Il0a20tC0A
  • Thread-topic: [PATCH for-4.17] xen/arm: Support properly __ro_after_init on Arm

Hi Julien,

> On 16 Aug 2022, at 19:59, Julien Grall <julien@xxxxxxx> wrote:
> 
> From: Julien Grall <jgrall@xxxxxxxxxx>
> 
> __ro_after_init was introduced recently to prevent modifying
> some variables after init.
> 
> At the moment, on Arm, the variables will still be accessible
> because the region permission is not updated.
> 
> Address that, but moving the sections .data.ro_after_init

Typo here s/but/by/ and remove ,

> out of .data and then mark the region read-only once we finish
> to boot.

I would s/mark/map/

> 
> Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx>
Reviewed-by: Bertrand Marquis <bertrand.marquis@xxxxxxx>

(Commit message can be fixed on commit)

Cheers
Bertrand

> 
> ---
> 
> This patch is targeting Xen 4.17. There are quite a few arm
> specific variables that could be switch to use __ro_after_init.
> 
> This is not addressed by the commit. We could consider to switch
> some of them for Xen 4.17. So the benefits for now is any common
> variables using __ro_after_init.
> ---
> xen/arch/arm/include/asm/setup.h |  2 ++
> xen/arch/arm/setup.c             | 14 ++++++++++++++
> xen/arch/arm/xen.lds.S           |  7 +++++++
> 3 files changed, 23 insertions(+)
> 
> diff --git a/xen/arch/arm/include/asm/setup.h 
> b/xen/arch/arm/include/asm/setup.h
> index 2bb01ecfa88f..5815ccf8c5cc 100644
> --- a/xen/arch/arm/include/asm/setup.h
> +++ b/xen/arch/arm/include/asm/setup.h
> @@ -137,6 +137,8 @@ u32 device_tree_get_u32(const void *fdt, int node,
> int map_range_to_domain(const struct dt_device_node *dev,
>                         u64 addr, u64 len, void *data);
> 
> +extern const char __ro_after_init_start[], __ro_after_init_end[];
> +
> #endif
> /*
>  * Local variables:
> diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c
> index 500307edc08d..5bde321b9d07 100644
> --- a/xen/arch/arm/setup.c
> +++ b/xen/arch/arm/setup.c
> @@ -75,10 +75,24 @@ domid_t __read_mostly max_init_domid;
> 
> static __used void init_done(void)
> {
> +    int rc;
> +
>     /* Must be done past setting system_state. */
>     unregister_init_virtual_region();
> 
>     free_init_memory();
> +
> +    /*
> +     * We have finished to boot. Mark the section .data.ro_after_init
> +     * read-only.
> +     */
> +    rc = modify_xen_mappings((unsigned long)&__ro_after_init_start,
> +                             (unsigned long)&__ro_after_init_end,
> +                             PAGE_HYPERVISOR_RO);
> +    if ( rc )
> +        panic("Unable to mark the .data.ro_after_init section read-only (rc 
> = %d)\n",
> +              rc);
> +
>     startup_cpu_idle_loop();
> }
> 
> diff --git a/xen/arch/arm/xen.lds.S b/xen/arch/arm/xen.lds.S
> index 1e986e211f68..92c298405259 100644
> --- a/xen/arch/arm/xen.lds.S
> +++ b/xen/arch/arm/xen.lds.S
> @@ -83,6 +83,13 @@ SECTIONS
>   _erodata = .;                /* End of read-only data */
> 
>   . = ALIGN(PAGE_SIZE);
> +  .data.ro_after_init : {
> +      __ro_after_init_start = .;
> +      *(.data.ro_after_init)
> +      . = ALIGN(PAGE_SIZE);
> +      __ro_after_init_end = .;
> +  } : text
> +
>   .data.read_mostly : {
>        /* Exception table */
>        __start___ex_table = .;
> -- 
> 2.37.1
> 




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.