Xen project Mailing List

Re: [PATCH] x86/hvm/dom0: fix PVH initrd and metadata placement

To: Xenia Ragiadakou <xenia.ragiadakou@xxxxxxx>

Date: Thu, 26 Oct 2023 10:45:27 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=HeL4Ujpyh0Z5eCSBCO4lfs1Cmksi/7P3y4PYo7YxKak=; b=jaToB0oe+QA64JPD/39vYVcwciG4Va+mb1XIW8IrwFUc3I0l5K7CQ+IX9kHeMklMCubmoDJrg3NCNNZ7DAyH0I0s+CxKhZtVf01tKMn8YCkfKdPUkOd/llAzUJuIHCeLViCrI5/Ga5imat1m6wy8yfnrwcT0VsphvS2NLOIrfCAeNzjnydYksc5MGAXWdQdaoeZGqvjly6HiYZj/QsilkQWZtxk928AT86kSkfme/hmW92j7Ti+qXkmNbjqnX7e88Bp4D9jRnKKZ8Sy7SvFG3Tq4T/4ZfikQJnRlKAErF15zdidsHYqJ8TLjH0O9ab960mEvHdfoeBhAy6YntkRgKQ==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LFMZGRj4bS4uma+aWeIr+An32lUz3mZD2iotzgEcwt94VbI2fjdn0C5qbjYY40grfcl+hQV31fsaX3ZFl5ZHsNdnNO9xBCPWp1of27k7SDLVjcdPkB5tYu3AqnfxUkp7F0qbjq/O7zTJAWm8NMqcROIQRfsHkwDfDGxbnb/gChK7ydcGZq3nxcOABwUG/anISgW9xLF9x6LPNB6TNnlEbvyPlUAdTF7g/dNp84s9eX9NqrM3C8/Ms8DC8uVC8HOosv+jORLE47EXaX3E98EtfPp+14TesiCJmRANE3vruG0o3t6YX2SdoqPNZsaR2bKVULPFCBvmMo8ZRWzI/ZBi5A==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

Delivery-date: Thu, 26 Oct 2023 08:45:44 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 26.10.2023 10:34, Xenia Ragiadakou wrote: > On 26/10/23 10:35, Jan Beulich wrote: >> On 26.10.2023 08:45, Xenia Ragiadakou wrote: >>> Given that start < kernel_end and end > kernel_start, the logic that >>> determines the best placement for dom0 initrd and metadata, does not >>> take into account the two cases below: >>> (1) start > kernel_start && end > kernel_end >>> (2) start < kernel_start && end < kernel_end >>> >>> In case (1), the evaluation will result in end = kernel_start >>> i.e. end < start, and will load initrd in the middle of the kernel. >>> In case (2), the evaluation will result in start = kernel_end >>> i.e. end < start, and will load initrd at kernel_end, that is out >>> of the memory region under evaluation. >> I agree there is a problem if the kernel range overlaps but is not fully >> contained in the E820 range under inspection. I'd like to ask though >> under what conditions that can happen, as it seems suspicious for the >> kernel range to span multiple E820 ranges. > > We tried to boot Zephyr as pvh dom0 and its load address was under 1MB. > > I know ... that maybe shouldn't have been permitted at all, but > nevertheless we hit this issue. How can they expect to have a contiguous, large enough range there? >>> This patch rephrases the if condition to include the above two cases >>> without affecting the behaviour for the case where >>> start < kernel_start && end > kernel_end >>> >>> Fixes: 73b47eea2104 ('x86/dom0: improve PVH initrd and metadata placement') >>> Signed-off-by: Xenia Ragiadakou<xenia.ragiadakou@xxxxxxx> >>> --- >>> xen/arch/x86/hvm/dom0_build.c | 2 +- >>> 1 file changed, 1 insertion(+), 1 deletion(-) >>> >>> diff --git a/xen/arch/x86/hvm/dom0_build.c b/xen/arch/x86/hvm/dom0_build.c >>> index c7d47d0d4c..5fc2c12f3a 100644 >>> --- a/xen/arch/x86/hvm/dom0_build.c >>> +++ b/xen/arch/x86/hvm/dom0_build.c >>> @@ -518,7 +518,7 @@ static paddr_t __init find_memory( >>> if ( end <= kernel_start || start >= kernel_end ) >>> ; /* No overlap, nothing to do. */ >>> /* Deal with the kernel already being loaded in the region. */ >>> - else if ( kernel_start - start > end - kernel_end ) >>> + else if ( kernel_start + kernel_end > start + end ) >> What meaning has the sum of the start and end of either range? I can't >> figure how comparing those two values will be generally correct / useful. >> If the partial-overlap case needs handling in the first place, I think >> new conditionals need adding (and the existing one needs constraining to >> "kernel range fully contained") to use >> - as before, the larger of the non-overlapping ranges at start and end >> if the kernel range is fully contained, >> - the tail of the range when the overlap is at the start, >> - the head of the range when the overlap is at the end. > > Yes it is not quite straight forward to understand and is based on the > assumption that end > kernel_start and start < kernel_end, due to > the first condition failing. > > Both cases: > (start < kernel_start && end < kernel_end) and > (kernel_start - start > end - kernel_end) > fall into the condition ( kernel_start + kernel_end > start + end ) > > And both the cases: > (start > kernel_start && end > kernel_end) and > (end - kernel_end > kernel_start - start) > fall into the condition ( kernel_start + kernel_end < start + end ) > > ... unless of course I miss a case Well, mathematically (i.e. ignoring the potential for overflow) the original expression and your replacement are identical anyway. But overflow needs to be taken into consideration, and hence there is a (theoretical only at this point) risk with the replacement expression as well. As a result I still think that ... >> That said, in the "kernel range fully contained" case it may want >> considering to use the tail range if it is large enough, rather than >> the larger of the two ranges. In fact when switching to that model, we >> ought to be able to get away with one less conditional, as then the >> "kernel range fully contained" case doesn't need treating specially. ... this alternative approach may want considering (provided we need to make a change in the first place, which I continue to be unconvinced of). Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.