Xen project Mailing List

Re: [PATCH for-4.18 v2] x86/pvh: fix identity mapping of low 1MB

To: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Mon, 16 Oct 2023 16:07:22 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=DC/iZACq1IhtCC9ycmUVHwFInpLVgtKuBqW7FqktnrU=; b=U4M+iR+Rd2pcWmCNzgLdZndeb/iGuf4Vbn5gQxp9CUbrWpS1VwkHTEqEqhkklyii+GJz/tWSnzxN4u3NBW7de+0GSH4fzmQsyefTmrorR/TE3I1N0XZsf0p7KMKqZl1SU/7IT1qfK2C/CfSfKQ3Jq/qT3oqpG7oSmdC7ETkFrr8dPOKL8p1V8eh75nYAtx3sNd2iYnEEgXCI3o9RsuRgHDATrxUCblynIJSE7sq1FiycpxTkqQlw3mlhmJGfSnqSnufrtdONx2Tv26YaN4JOnvnj6KMcOL088teb7uxRN5InCJt4hvxuozf8mz+rLfcN2K4rRWohgCrko+TXyZszOA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dFpWuq9uh5Q7rzkdfW+hgy+gVBdft7OtKzG3qLUvw1fPSeejFzQrOZXa+UBP3DGlACYIODSveF8mKOaQHaqcEDVJ9Br65XxRnwPFmXghdR4MTd8Ft+6IkffTPJ0kfTjr7lo0n8zMJguLYD0f+wBC05LkMTD+ZgvJI++1sKB0pe0Cm5RRkDo/weXdB9rmn5oTOnAA1O3zVQvMcf+ap92752ZSkDaGW/U9cxjTySPVpaozncadegTU7aX8bmz5lqxym2fH7CR34elzrDDRpYiLoNPRVMM+tJ4RU3z9sT7LI6fgKOAleI70xMf8mnpoxt/BzpW47AVSCAQ7cF9aEBZwVg==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: Henry Wang <Henry.Wang@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Paul Durrant <paul@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

Delivery-date: Mon, 16 Oct 2023 14:07:29 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 16.10.2023 15:51, Roger Pau Monné wrote: > On Mon, Oct 16, 2023 at 03:32:54PM +0200, Jan Beulich wrote: >> On 13.10.2023 10:56, Roger Pau Monne wrote: >>> The mapping of memory regions below the 1MB mark was all done by the PVH >>> dom0 >>> builder code, causing the region to be avoided by the arch specific IOMMU >>> hardware domain initialization code. That lead to the IOMMU being enabled >>> without reserved regions in the low 1MB identity mapped in the p2m for PVH >>> hardware domains. Firmware which happens to be missing RMRR/IVMD ranges >>> describing E820 reserved regions in the low 1MB would transiently trigger >>> IOMMU >>> faults until the p2m is populated by the PVH dom0 builder: >>> >>> AMD-Vi: IO_PAGE_FAULT: 0000:00:13.1 d0 addr 00000000000eb380 flags 0x20 RW >>> AMD-Vi: IO_PAGE_FAULT: 0000:00:13.1 d0 addr 00000000000eb340 flags 0 >>> AMD-Vi: IO_PAGE_FAULT: 0000:00:13.2 d0 addr 00000000000ea1c0 flags 0 >>> AMD-Vi: IO_PAGE_FAULT: 0000:00:14.5 d0 addr 00000000000eb480 flags 0x20 RW >>> AMD-Vi: IO_PAGE_FAULT: 0000:00:12.0 d0 addr 00000000000eb080 flags 0x20 RW >>> AMD-Vi: IO_PAGE_FAULT: 0000:00:14.5 d0 addr 00000000000eb400 flags 0 >>> AMD-Vi: IO_PAGE_FAULT: 0000:00:12.0 d0 addr 00000000000eb040 flags 0 >>> >>> Those errors have been observed on the osstest pinot{0,1} boxes (AMD Fam15h >>> Opteron(tm) Processor 3350 HE). >>> >>> Mostly remove the special handling of the low 1MB done by the PVH dom0 >>> builder, >>> leaving just the data copy between RAM regions. Otherwise rely on the IOMMU >>> arch init code to create any identity mappings for reserved regions in that >>> range (like it already does for reserved regions elsewhere). >>> >>> Note there's a small difference in behavior, as holes in the low 1MB will no >>> longer be identity mapped to the p2m. >> >> I certainly like the simplification, but I'm concerned by this: The BDA >> is not normally reserved, yet may want accessing by Dom0 (to see the real >> machine contents). We do access that first page of memory ourselves, so >> I expect OSes may do so as well (even if the specific aspect I'm thinking >> of - the warm/cold reboot field - is under Xen's control). > > The BDA on the systems I've checked falls into a RAM area on the > memory map, but if you think it can be problematic I could arrange for > arch_iommu_hwdom_init() to also identity map holes in the low 1MB. Hmm, this again is a case where I'd wish CPU and IOMMU mappings could be different. I don't see reasons to try I/O to such holes, but I can see reasons for CPU accesses (of more or less probing kind). > Keep in mind this is only for PVH, it won't affect PV. Of course. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.