[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 1/2] x86/boot: Clear XD_DISABLE from the early boot path


  • To: Alejandro Vallejo <alejandro.vallejo@xxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Fri, 16 Jun 2023 20:43:14 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=tDaYED4IRlGS3YbCLDGiQK3+y0vatorHAbYvkdhSWeM=; b=M7uS2dzkbBdjat5cefhRsTUuUqHrg/Q6xZWj5t+PSewwFmxHVBXGZHRIPlXMN4I3ebZ5tDL8sbosSg/bNU+VDrAquhWWy9NJsRcD6BkCDDCwovyL6yop2Ob7hWWXDULY3gHie8cQ1CgMTcHsvaRoIPKftzROydvv8m4FstxNMGMZJbqkT86YSF188C1JbSTLWk3TrWzGKHRt9qANRgwdhDvTfvs2a3ux+wk9tiNUWlJ6nty7FKwADTgglvWySA2Mi3LL3AiOsu0Y17pq+AM77KWfWn3FXIiKweWGcFE2o28K77iq7VlLq3YKXm4/Zksx/YozsJu9hnQEp8UEExQvJQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Pg/navPRWRw1A5GYtim9/yIOjQ6VQit7PMaqA8e//3F1e9Yt42mAbXlwJ0YGhk03Zp0bMWHpIb546zKkKiHb3p2CXZNjyvO/AfXl1Fzikn/r+gk7QLmY9E8HkRlDVuJghVhxTQjhbIzXCDhV3h3KR3JMDz9ib7wh+FXsSYTO0p4HVkb5IQO0c5apZCXkUQngYCLlexdtz/Eymzbqu1IWvu0XlEcQz7iO+FV4thmq/aAkPgCopMm6nETPNJdb0W0nv5VH5kltXT9zVaP5a7ShU01dPhaU3usTBOSafaGI0juu4yIyFEWNdThMt5g5eMmWmsu3yXQKDPKa64pRRrU5cQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Fri, 16 Jun 2023 19:43:35 +0000
  • Ironport-data: A9a23:GGSD7KBV4DabnBVW/+niw5YqxClBgxIJ4kV8jS/XYbTApD520GZUy 2YXXTjUbPreYGqnKd0gbty08E9S7J+Hm95lQQY4rX1jcSlH+JHPbTi7wuUcHAvJd5GeExg3h yk6QoOdRCzhZiaE/n9BCpC48T8nk/nOHuGmYAL9EngZbRd+Tys8gg5Ulec8g4p56fC0GArIs t7pyyHlEAbNNwVcbCRMs8pvlDs15K6p4G1B4ARlDRx2lAS2e0c9Xcp3yZ6ZdxMUcqEMdsamS uDKyq2O/2+x13/B3fv8z94X2mVTKlLjFVDmZkh+AsBOsTAbzsAG6Y4pNeJ0VKtio27hc+ada jl6ncfYpQ8BZsUgkQmGOvVSO3kW0aZuoNcrLZUj2CA6IoKvn3bEmp1T4E8K0YIw2u17AkVz8 90hIxMjNhucn8WfybaKRbw57igjBJGD0II3nFhFlGmcIdN4BJfJTuPN+MNS2yo2ioZWB/HCa sEFaD1pKhPdfxlIPVRRA5U79AuqriCnL3sE9xTI9exuuzW7IA9ZidABNPL8fNCQSNoTtUGfv m/cpEzyAw0ANczZwj2Amp6prraWxn6iCd5KT9VU8NY3o0KpnlIfAydMUACfoNCoi3SPWeBmf hl8Fi0G6PJaGFaQZtD5Uh+xpnKeuVgCUt5UHu89wAqJzbfYpQ2eAwAsXjNHLdArqsIybTgrz UOS2cPkAyR1t7+YQm7b8a2bxRuwMyUIKW4JZQcfUBAIpdLkpekbkRbnXttlVqmvgbXI9SrYx jmLqG0ygusVhMtSj6Gjpwmf3nSru4TDSRMz6kPPRGW54whlZYmjIYu19Vzc6vUGJ4GcJrWcg EU5dwGlxLhmJfmweOalGY3hwJnBCy65DQDh
  • Ironport-hdrordr: A9a23:z3Kd/Kgfe4ebgyqgOkUg90UlvXBQXh4ji2hC6mlwRA09TyX5ra 2TdZUgpHrJYVMqMk3I9uruBEDtex3hHP1OkOss1NWZPDUO0VHARO1fBOPZqAEIcBeOldK1u5 0AT0B/YueAd2STj6zBkXSF+wBL+qj6zEiq792usEuEVWtRGsVdB58SMHfiLqVxLjM2YqYRJd 6nyedsgSGvQngTZtTTPAh/YwCSz+e78q4PeHQ9dmca1DU=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 15/06/2023 4:31 pm, Alejandro Vallejo wrote:
> diff --git a/xen/arch/x86/boot/head.S b/xen/arch/x86/boot/head.S
> index 09bebf8635..ce62eae6f3 100644
> --- a/xen/arch/x86/boot/head.S
> +++ b/xen/arch/x86/boot/head.S
> @@ -142,8 +142,8 @@ efi_platform:
>  
>          .section .init.text, "ax", @progbits
>  
> -bad_cpu:
> -        add     $sym_offs(.Lbad_cpu_msg),%esi   # Error message
> +.Lbad_cpu:
> +        add     $sym_offs(.Lbad_cpu_msg),%esi
>          jmp     .Lget_vtb
>  not_multiboot:
>          add     $sym_offs(.Lbad_ldr_msg),%esi   # Error message
> @@ -647,15 +647,59 @@ trampoline_setup:
>          cpuid
>  1:      mov     %edx, CPUINFO_FEATURE_OFFSET(X86_FEATURE_LM) + 
> sym_esi(boot_cpu_data)
>  
> -        /* Check for NX. Adjust EFER setting if available. */
> +        /* Check for availability of long mode. */
> +        bt      $cpufeat_bit(X86_FEATURE_LM),%edx
> +        jnc     .Lbad_cpu
> +
> +        /* Check for NX */
>          bt      $cpufeat_bit(X86_FEATURE_NX), %edx
> +        jc     .Lhas_nx_bit

This part of the diff is far more legible when rebased over the 0.5/2
patch I've just emailed out.  I've got the rebase locally if you want it.

Although I'd suggest that this label name be .Lgot_nx.

> +
> +        /*
> +         * NX appears to be unsupported, but it might be hidden.
> +         *
> +         * Intel CPUs (may) implement MSR_IA32_MISC_ENABLE. Among other
> +         * things this MSR has a bit that artificially hides NX support in
> +         * CPUID. Xen _really_ wants that feature enabled if present, so we
> +         * have to determine if (a) the MSR exists and if so (b) clear the
> +         * bit.
> +         *
> +         * For native boots this is perfectly fine because the MSR was
> +         * introduced before Netburst, which was the first family to
> +         * provide 64bit support. So we're safe simply accessing it as long
> +         * as long mode support has already been checked.
> +         *
> +         * For the virtualized case the MSR might not be emulated though,
> +         * so we make sure to do an initial check for NX in order to bypass
> +         * this MSR read

I'd suggest reordering this a bit, and swapping some what for why.  How
about:

---
NX appears to be unsupported, but it might be hidden.

The feature is part of the AMD64 spec, but the very first Intel 64bit
CPUs lacked the feature, and thereafter there was a firmware knob to
disable the feature.  Undo the disable if possible.

All 64bit Intel CPUs support this MSR.  If virtualised, expect the
hypervisor to either emulate the MSR or give us NX.
---

> +         */
> +        xor     %eax,%eax
> +        cpuid
> +        cmpl    $X86_VENDOR_INTEL_EBX,%ebx

Where possible, spaces after commas and without size suffixes (the l on
cmpl here).  While not relevant here

> +        jnz     .Lno_nx_bit

The "_bit" is still redundant.  Simply .Lno_nx will do.

> +        cmpl    $X86_VENDOR_INTEL_EDX,%edx
> +        jnz     .Lno_nx_bit
> +        cmpl    $X86_VENDOR_INTEL_ECX,%ecx
> +        jnz     .Lno_nx_bit
> +
> +        /* Clear the XD_DISABLE bit */
> +        movl    $MSR_IA32_MISC_ENABLE, %ecx
> +        rdmsr
> +        btrl    $2, %edx

It's unfortunate that we don't have an asm-safe ilog2().  Oh well.

>          jnc     1f
> -        orb     $EFER_NXE >> 8, 1 + sym_esi(trampoline_efer)
> -1:
> +        wrmsr
> +        orb     $MSR_IA32_MISC_ENABLE_XD_DISABLE >> 32, 4 + 
> sym_esi(trampoline_misc_enable_off)
>  
> -        /* Check for availability of long mode. */
> -        bt      $cpufeat_bit(X86_FEATURE_LM),%edx
> -        jnc     bad_cpu
> +1:      /* Check again for NX */

Failing to clear XD_DISABLE wants to go to .Lno_nx, not to re-scan CPUID
having done nothing to the MSR.

> +        mov     $0x80000001,%eax
> +        cpuid
> +        bt      $cpufeat_bit(X86_FEATURE_NX), %edx
> +        jnc     .Lno_nx_bit
> +
> +.Lhas_nx_bit:
> +        /* Adjust EFER is NX is present */

"Adjust EFER, given that NX is present".

> diff --git a/xen/arch/x86/cpu/intel.c b/xen/arch/x86/cpu/intel.c
> index 168cd58f36..46b0cd8dbb 100644
> --- a/xen/arch/x86/cpu/intel.c
> +++ b/xen/arch/x86/cpu/intel.c
> @@ -305,23 +305,23 @@ static void cf_check early_init_intel(struct 
> cpuinfo_x86 *c)
>               c->x86_cache_alignment = 128;
>  
>       /* Unmask CPUID levels and NX if masked: */
> -     rdmsrl(MSR_IA32_MISC_ENABLE, misc_enable);
> -
> -     disable = misc_enable & (MSR_IA32_MISC_ENABLE_LIMIT_CPUID |
> -                              MSR_IA32_MISC_ENABLE_XD_DISABLE);
> -     if (disable) {
> -             wrmsrl(MSR_IA32_MISC_ENABLE, misc_enable & ~disable);
> -             bootsym(trampoline_misc_enable_off) |= disable;
> -             bootsym(trampoline_efer) |= EFER_NXE;
> -     }
> +     if (rdmsr_safe(MSR_IA32_MISC_ENABLE, misc_enable) == 0) {

There's no need to change rdmsrl() to rdmsr_safe(), and not doing so
will shrink this diff a lot.

The only thing you need to alter the re-enable NX printk(), which
probably wants to move ahead of the "if (disable)" and source itself
from bootsym(trampoline_misc_enable_off) instead.

~Andrew



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.