
Re: [PATCH v3] x86/livepatch: Fix livepatch application when CET is active


  • To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Tue, 18 Apr 2023 18:30:58 +0100
  • Cc: Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
  • Delivery-date: Tue, 18 Apr 2023 17:31:38 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 18/04/2023 12:10 pm, Andrew Cooper wrote:
> diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c
> index 36a07ef77eae..98529215ddec 100644
> @@ -5879,6 +5880,75 @@ int destroy_xen_mappings(unsigned long s, unsigned 
> long e)
>      return modify_xen_mappings(s, e, _PAGE_NONE);
>  }
>  
> +/*
> + * Similar to modify_xen_mappings(), but used by the alternatives and
> + * livepatch in weird contexts.  All synchronization, TLB flushing, etc is 
> the
> + * responsibility of the caller, and *MUST* not be introduced here.
> + *
> + * Must be limited to XEN_VIRT_{START,END}, i.e. over l2_xenmap[].
> + * Must be called with present flags, and over present mappings.
> + * Must be called on leaf page boundaries, i.e. s and e must not be in the
> + * middle of a superpage.
> + */
> +void init_or_livepatch modify_xen_mappings_lite(
> +    unsigned long s, unsigned long e, unsigned int _nf)
> +{
> +    unsigned long v = s, fm, nf;
> +
> +    /* Set of valid PTE bits which may be altered. */
> +#define FLAGS_MASK 
> (_PAGE_NX|_PAGE_DIRTY|_PAGE_ACCESSED|_PAGE_RW|_PAGE_PRESENT)
> +    fm = put_pte_flags(FLAGS_MASK);
> +    nf = put_pte_flags(_nf & FLAGS_MASK);
> +#undef FLAGS_MASK
> +
> +    ASSERT(nf & _PAGE_PRESENT);
> +    ASSERT(IS_ALIGNED(s, PAGE_SIZE) && s >= XEN_VIRT_START);
> +    ASSERT(IS_ALIGNED(e, PAGE_SIZE) && e <= XEN_VIRT_END);
> +
> +    while ( v < e )
> +    {
> +        l2_pgentry_t *pl2e = &l2_xenmap[l2_table_offset(v)];
> +        l2_pgentry_t l2e = l2e_read_atomic(pl2e);
> +        unsigned int l2f = l2e_get_flags(l2e);
> +
> +        ASSERT(l2f & _PAGE_PRESENT);
> +
> +        if ( l2e_get_flags(l2e) & _PAGE_PSE )
> +        {
> +            ASSERT(l1_table_offset(v) == 0);
> +            ASSERT(e - v >= (1UL << L2_PAGETABLE_SHIFT));
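
Review bot: The two ASSERTs in the `_PAGE_PSE` branch are the only place the "s and e must not be in the middle of a superpage" rule from the header comment is enforced, and the entry checks only require `IS_ALIGNED(s, PAGE_SIZE)` and `IS_ALIGNED(e, PAGE_SIZE)`. A caller can therefore pass a page-aligned range that satisfies every entry check and still hit `ASSERT(l1_table_offset(v) == 0)` or `ASSERT(e - v >= (1UL << L2_PAGETABLE_SHIFT))` once the loop reaches a superpage entry. Either state in the comment that callers must round s and e out to the boundary of whatever mapping covers them, or handle a range that ends inside a superpage here. As a smaller style point, the branch condition calls `l2e_get_flags(l2e)` again although the value was just stored in `l2f`; test `l2f & _PAGE_PSE` instead.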

On second thoughts, no.  This has just triggered in my final sanity
testing before pushing.

Currently debugging.

~Andrew



 

