[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 3/4] xen/arm, libxl: Revert XEN_DOMCTL_shadow_op; use p2m mempool hypercalls
- To: Jan Beulich <jbeulich@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
- From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
- Date: Wed, 16 Nov 2022 23:41:37 +0000
- Accept-language: en-GB, en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5L0eP4LUzgRdHGLpOYPVmIL/y/XtitB74DVmbauyVJY=; b=JQ4I2pDVdjs4NrKkV++RsYXGYEYItpmZvnaiYyBYtAmpNf3EZ1YYTwSKEFVORrkVkGiwmTynyyv2+QGgDRiWuwUcchJvIeVYS7BngJ75lBHXcCYL0NSfdfdFfGwtyOeFHZMxl9wPK/uuKUhX0d8qY+0N7sBaKYub1H4KR+9n+I7GZQBau3N/PAzbx5/QNoY7TiUUA3vAJR6iapav8wtJXoJXFcSZThMo+T8Nee5lTpDP+i8k1P1IbZzvBQHBQsiYOah7PY2d/duaPyeXpGbA/UoH5EIzR3qEc4iCIIJAoZQTSIh5aopYCOeuIwXMB6w4J4QKphHOBDp9BR2nl6M0YA==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ggy0hrotj9r1ugSuoC7iOsrrekO7zEb3l4dHVO1iDFNj2wnCt+XhazkOuarNatMgIOQJOA9fPkeQBb2SvM981q6BpvOWJ6ofKli2b9kzl9P+jhrbcMOazf3y/xw2WCV48UA30ZUHX6OKyLAiqp1PSkzHTeIb6OPPLyjJwkIv8LMgScd/Xfm1fqYI9eazoaOiN5QTqtJDQpty/FK8Z5Gv+EOigu3ccBrspxLyq5EGo9u1wr8WmCe6vjh/zXuRCb2J8OZn5wozrygVEm6d9aIzP0lOFLBP5aUZl6dSXyNmCfLA7kNiVQsrj6ngz4F8hN8F/qP7OxVY38w3jQshl2g8EA==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Xen Security Team <security@xxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Henry Wang <Henry.Wang@xxxxxxx>, Anthony Perard <anthony.perard@xxxxxxxxxx>
- Delivery-date: Wed, 16 Nov 2022 23:42:06 +0000
- Ironport-data: A9a23:WKSknakY1tJpzwsquXvB+4Ho5gwvJ0RdPkR7XQ2eYbSJt1+Wr1Gzt xIXUWqAbq2Ca2GjL4t3YYnk8B4CuMDQnYJkGgM/qSpkESMWpZLJC+rCIxarNUt+DCFhoGFPt JxCN4aafKjYaleG+39B55C49SEUOZmgH+a6U6icf3grHmeIcQ954Tp7gek1n4V0ttawBgKJq LvartbWfVSowFaYCEpNg064gE4p7aqaVA8w5ARkP6kS5QGGzBH5MbpETU2PByqgKmVrNrbSq 9brlNmR4m7f9hExPdKp+p6TnpoiG+O60aCm0xK6aoD66vRwjnVaPpUTbZLwXXx/mTSR9+2d/ f0W3XCGpaXFCYWX8AgVe0Ew/yiTpsSq8pefSZS0mZT7I0Er7xIAahihZa07FdRwxwp5PY1B3 foHCyIOfx6Tvbrs346hadBpm8QcPfC+aevzulk4pd3YJdAPZMmaBonvu5pf1jp2gd1SF/HDY cZfcSBocBnLfxxIPBEQFY46m+CrwHL4dlW0qnrM/fZxvzeVkVM3ieexWDbWUoXiqcF9t0CUv G/ZuU/+BQkXLoe3wjuZ6HO8wOTImEsXXapCSOXkp6Uw2DV/wEQ/NS0SBGWDhMWhoXThUNZhd G4ZyzUh+P1aGEuDC4OVsweDiHyOswMYWtFQO/Yn8wzLwa3Riy6CHXQNRDNFbN0gtec1SCYs2 1vPmMnmbRR/vbvQRX+D+7O8qTKpJTNTPWIEfTUDTwYO/5/kuo5bpgnCRct5EbKkps34H3f32 T/ihDc6r6Uei4gMzarT1VLahzOhoLDZQwhz4R/YNkqb6Qd+aJ+gdpafw1HR5vZdL66UVlCE+ nMDnqC25u0UEYuEkiDLRewXBayo/N6MKjiaillqd7EB+jK36jicdIZfyDhkIQFiNcNsRNPyS ErauAcU6JoNOnKvNPZze9joVJhsyrX8H9P4UPySdsBJfpV6aA6A+mdpeFKU2Gfu1kMrlMnTJ KumTCplNl5CYYwP8dZ8b751PWMDrszm+V7ueA==
- Ironport-hdrordr: A9a23:x5toxqtaWqNsNufEo2AeSDTN7skCXoAji2hC6mlwRA09TyXGra 2TdaUgvyMc1gx7ZJh5o6H6BEGBKUmslqKceeEqTPqftXrdyRGVxeZZnMffKlzbamfDH4tmuZ uIHJIOb+EYYWIasS++2njBLz9C+qjJzEnLv5a5854Fd2gDBM9dBkVCe3+m+yZNNWt77O8CZf 6hD7181l+dkBosDviTNz0gZazuttfLnJXpbVovAAMm0hCHiXeF+aP3CB+R2zYZSndqza05+W bIvgTl7uH72svLiyP05iv21dB7idHhwtxMCIiljdUUECzljkKFdZlsQLqLuREyuaWK5EwxmN fBjh88N4BY6m/XfEuyvRzxsjOQngoG2jvH8xu1kHHjqcv2SHYREMxan79UdRPf9g4JoMx8+L gj5RPbi7NnSTf72Ajt7dnBUB9n0mCup2A5rOIVh3tDFaMDdb5qq5AF9k89KuZDIMu60vFjLA BdNrCa2B9kSyLdU5kfhBg3/DWYZAV2Iv5BeDlbhiXa6UkMoJkz9Tpk+CVWpAZ9yHt6cegF2w 2MCNUXqFkFJPVmEp5VFaMPR9C6BXfKRg+JOGWOIU7/HKVCIH7VrYXriY9Frd1CVaZ4u6faoq 6xJm9wpCo3YQbjGMeO1JpE/lTER3i8Ry3kzoVb64JisrPxSbL3OWnbIWpe2PeIsrEaGInWSv yzMJVZD7vqKnbvA59A20n7V4NJIXcTXcUJspIwWk6IoMjMNor239arOMr7Nf7oC3IpS2n/Cn wMUHz6I9hB9FmiXjvijB3YSxrWCzjCFFJLYd3nFsQoufsw39d3w3koYHyCl7G2ACwHtLAqd0 1jJ76imr+npACNjBT101k=
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
- Thread-index: AQHY6SSlXP4isouqyE+BbtcNRl5Xnq5A5cGAgAAC9ICAAANygIAAbOuAgAD+lIA=
- Thread-topic: [PATCH 3/4] xen/arm, libxl: Revert XEN_DOMCTL_shadow_op; use p2m mempool hypercalls
On 16/11/2022 08:30, Jan Beulich wrote:
> On 16.11.2022 03:00, Stefano Stabellini wrote:
>> On Wed, 16 Nov 2022, Andrew Cooper wrote:
>>> On 16/11/2022 01:37, Stefano Stabellini wrote:
>>>> On Wed, 26 Oct 2022, Andrew Cooper wrote:
>>>>> This reverts most of commit cf2a68d2ffbc3ce95e01449d46180bddb10d24a0, and
>>>>> bits
>>>>> of cbea5a1149ca7fd4b7cdbfa3ec2e4f109b601ff7.
>>>>>
>>>>> First of all, with ARM borrowing x86's implementation, the logic to set
>>>>> the
>>>>> pool size should have been common, not duplicated. Introduce
>>>>> libxl__domain_set_p2m_pool_size() as a shared implementation, and use it
>>>>> from
>>>>> the ARM and x86 paths. It is left as an exercise to the reader to judge
>>>>> how
>>>>> libxl/xl can reasonably function without the ability to query the pool
>>>>> size...
>>>>>
>>>>> Remove ARM's p2m_domctl() infrastructure now the functioanlity has been
>>>>> replaced with a working and unit tested interface.
>>>>>
>>>>> This is part of XSA-409 / CVE-2022-33747.
>>>> Genuine question: I can see this patch removes the implementation of
>>>> XEN_DOMCTL_SHADOW_OP_SET_ALLOCATION on ARM. It also switches libxl (both
>>>> ARM and x86) to the new hypercall.
>>>>
>>>> Why keep the old hypercall (XEN_DOMCTL_shadow_op and
>>>> XEN_DOMCTL_SHADOW_OP_SET_ALLOCATION) implementation on x86 (not on ARM)?
>>>>
>>>> Is that because it was only recently implemented? And not actually
>>>> present in any past Xen release?
>>>>
>>>> If so, please add a note about this in the commit message. Also, if that
>>>> is the case, I think this patch series should go in 4.17. If it is too
>>>> late to get it in before the release, then we should backport it to 4.17
>>>> as soon as possible. That's because ideally we want to keep the
>>>> hypercall interface changes down to a minimum.
>>> On ARM, the hypercall has existed for a little over 4 weeks, and isn't
>>> in any released version of Xen (yet).
>>>
>>> On x86, the hypercall has existed for more than a decade, and has known
>>> out-of-tree users. It needs to be deprecated properly, which in this
>>> case means "phased out in the 4.18 cycle once known callers have been
>>> adapted to the new hypercall".
>> Understoon. Then I am in favor of getting all 4 patches in 4.17, either
>> before the release or via backports.
> Removing something from the domctl interface generally requires bumping
> the interface version, so some extra care may need applying if such an
> interface change was to be backported to any stable branch.
To be clear, I have no plans to remove the x86 "older" interface in this
patch series. It will definitely break out of tree users.
In the 4.18 timeframe, we can see about retiring the older hypercalls,
but as a non-backportable change.
~Andrew
|
