[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 2/4] xen: make VMAP only support in MMU system

To: Jan Beulich <jbeulich@xxxxxxxx>, Ayan Kumar Halder <ayan.kumar.halder@xxxxxxx>
From: Ayan Kumar Halder <ayankuma@xxxxxxx>
Date: Wed, 14 Aug 2024 11:55:10 +0100
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=IZ6aYQCSSeWAEmnwaJqeYdqgFbYEQBBfmwZFCKA+SJg=; b=SEt2uI1fpaq2xC6l8uJDYqMxJZdSkdPoWDwmroM8yECWq6I5vyQG+qYzucKHBCmjLKdCCf81Qpr6v6aULKS8XPBq6vBiP4dTCzFdybOCC2pC/DoV92vOjSt/7Eys5C8dZwzTIEiqh2qwPdZj16Tedd2waeG6NOK8Bg1yLw8yGGK6IPKWowJXMwLk3i3F5kzRzGnRPw+0FhC2JfnCdICNeFJm9k+TTcJXzgqTT//CZQTS50rvvGON5XjW8/wphkVoD5/A6buWUuRgOaSAvueOi300bhJ9We4tFRaX2g8YOso47XIiJeIkwFB1PmFr5GLyRjlSgHUy28CKmdhngWGihQ==
Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=CZwC/WLiZg8pcapwRDK1mpCgq7Fq7LP8NLkBmqe8qpoEirNc/e4VOlqmVJJkjYXQnq/umJkFWhTaq2o4IOlPlzfnL1iG79jxktEaMu34JX0Xt90n8qcYDCn0PJygivt8U1VNqZNQFD+7NJRGwPNVH4w+ef1qUHsS50rXy4aREDSH/b5wVJadVph4OzB/gQNxP2DuSKZDoInxMy7PB7kOwl/kcTzBUGZ0K1ADQcQdslEDBdgbHgkAHf1GuelgfMGz8d1NIrLSby6aUMIC9te2LH90pimTVqCpybF5LP92x8A3vSn432w7Au5jmw5AC40TELZZk9jP40Vi8COr6I04qw==
Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com;
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Penny Zheng <penny.zheng@xxxxxxx>, Wei Chen <wei.chen@xxxxxxx>, sstabellini@xxxxxxxxxx, bertrand.marquis@xxxxxxx, michal.orzel@xxxxxxx, Volodymyr_Babchuk@xxxxxxxx, julien@xxxxxxx
Delivery-date: Wed, 14 Aug 2024 10:55:34 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi Jan,

On 14/08/2024 07:37, Jan Beulich wrote:

On 13.08.2024 19:13, Ayan Kumar Halder wrote:

From: Penny Zheng <penny.zheng@xxxxxxx>

Introduced CONFIG_VMAP which is selected by the architectures that use
MMU. vm_init() does not do anything if CONFIG_VMAP is not enabled.

VMAP is widely used in ALTERNATIVE feature to remap a range of memory
with new memory attributes. Since this is highly dependent on virtual
address translation, we choose to fold VMAP in MMU system.

In this patch, we introduce a new Kconfig CONFIG_HAS_VMAP, and make it
only support in MMU system on ARM architecture. And ALTERNATIVE now
depends on VMAP.

HARDEN_BRANCH_PREDICTOR is now gated on HAS_VMAP as speculative
attacks are not possible on non MMU based systems (ie Cortex-R52, R82).
See 
https://developer.arm.com/Arm%20Security%20Center/Speculative%20Processor%20Vulnerability.

While I'm not an Arm expert and hence I'm likely missing aspects, I question
the one (Spectre-BHB) vulnerability there to be sufficient to draw a
conclusion towards the usefulness of branch hardening. I would advise
against encoding such a connection in the Kconfig dependencies.

AFAIU, to address 'Spectre' like vulnerabilities 'branch hardening' wasadded.


See https://lore.kernel.org/all/E1fNadD-0000fz-9r@xxxxxxxxxxxxxxxxxxxxxx/

And fromhttps://lists.linaro.org/archives/list/linux-stable-mirror@xxxxxxxxxxxxxxxx/message/F4MGL4WT2R7T54NLRDGKFRQNSXF3DZGD/


Spectre is valid on MMU based systems.

Thus, I would make 'branch hardenining' valid on MMU based systems only.

Let me know your thoughts.

--- a/xen/arch/x86/Kconfig
+++ b/xen/arch/x86/Kconfig
@@ -1,6 +1,7 @@
  config X86_64
        def_bool y
        select 64BIT
+       select HAS_VMAP

config X86

        def_bool y
@@ -31,6 +32,7 @@ config X86
        select HAS_UBSAN
        select HAS_VPCI if HVM
        select NEEDS_LIBELF
+       select HAS_VMAP

Why in two places? Also please respect alphabetic sorting here (if this
hunk is kept, which may be the more consistent approach) ...

My mistake. I initially thought user could select one of the two.However, "vm_init()" is invoked only from xen/arch/x86/setup.c.


Thus, keeping 'HAS_VMAP' under 'config X86' is dufficient.

I agree that HAS_VMAP needs to go before HAS_VPCI.

--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -77,6 +77,9 @@ config HAS_PIRQ
  config HAS_PMAP
        bool

+config HAS_VMAP

+       bool
+
  config HAS_SCHED_GRANULARITY
        bool

... and here.


Yes, it needs to go after HAS_UBSAN.

- Ayan

Jan

Follow-Ups:
- Re: [PATCH v3 2/4] xen: make VMAP only support in MMU system
  - From: Jan Beulich

References:
- [PATCH v3 0/4] xen: arm: Split MMU code in preparation for MPU work (part 2)
  - From: Ayan Kumar Halder
- [PATCH v3 2/4] xen: make VMAP only support in MMU system
  - From: Ayan Kumar Halder
- Re: [PATCH v3 2/4] xen: make VMAP only support in MMU system
  - From: Jan Beulich

Prev by Date: Re: [PATCH 08/22] x86/mm: avoid passing a domain parameter to L4 init function
Next by Date: Re: [PATCH v3 2/4] xen: make VMAP only support in MMU system
Previous by thread: Re: [PATCH v3 2/4] xen: make VMAP only support in MMU system
Next by thread: Re: [PATCH v3 2/4] xen: make VMAP only support in MMU system
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.