[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] xen: make VMAP support in MMU system only


  • To: <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Ayan Kumar Halder <ayan.kumar.halder@xxxxxxx>
  • Date: Wed, 21 Aug 2024 13:25:03 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=3qR+j28zT01ixWDL3qZTBCcQC9zkoG5HXJead8PRpjI=; b=g9WqkLpVQnmUmlpqByNztJwHBux1iwX3GOctPodUUtpHDg8P6iPMvaGS7vpBB3N6bOpBCJv2v7yGVzMjYMSOB8EpgiSCx6s2/LNW+s7ws4pIpS7gRoPtgFIrQmKhbKNb5Q7GUfQSF3TIcvWOlFWSNvri7l2jV422fcgFPtytX69oBpB1RJmdMUaBL8frcRKht/tSX/ojqQhDp9k+qB5nbG4vd4/pddXrRC/yJw0+8hcQUGemCqe2C4t5oo7vpXKQWb+HFarrg6x2P1myqpz8i68wx3wqsLOW+Q6cV3EWPtJSJzAiNaCi9hz0sY1i24zg+ms/qAXV47yD/VNPQ5QQQw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=oudwCcprACAl0tUB4KWWBiBMhqr1PW9mBLxwggayDPkUnYZ/WX7kEy/fKl/P2s1Kq7ovvspxAp4NMbILjCkFuu5WYbW6mUooklom3INTeBN8OxE62kxe96Nsc9eWpXYLNx3xHTB5IhIE1jT4YS+HnuVhJ7cb/qA5lWYIi8Kxxm8J2XfA3svPjZe+iKGg5BCROqBwyoht0miUeLjLzuRirn0VlcMaRD9pBzN6agr72ziWfXpoxcwFi6aAYfIQ1TKffwQIMJNr9toNfKe0MGhALlfN+/8CYrUBfVgmKqs9SS20N7XoHimdnNRzNTJaqhewoqBN1C73Px+5pQXa8mzWhg==
  • Cc: Penny Zheng <penny.zheng@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, "Volodymyr Babchuk" <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Shawn Anastasio <sanastasio@xxxxxxxxxxxxxxxxxxxxx>, Alistair Francis <alistair.francis@xxxxxxx>, Bob Eshleman <bobbyeshleman@xxxxxxxxx>, "Connor Davis" <connojdavis@xxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Chen <wei.chen@xxxxxxx>, Ayan Kumar Halder <ayan.kumar.halder@xxxxxxx>
  • Delivery-date: Wed, 21 Aug 2024 12:25:34 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

From: Penny Zheng <penny.zheng@xxxxxxx>

Introduce CONFIG_VMAP which is selected by the architectures that use
MMU. vm_init() does not do anything if CONFIG_VMAP is not enabled.

VMAP is widely used in ALTERNATIVE feature to remap a range of memory
with new memory attributes. Since this is highly dependent on virtual
address translation, we choose to fold VMAP in MMU system.

In this patch, we introduce a new Kconfig CONFIG_HAS_VMAP, and make it
only support in MMU system on ARM architecture. And ALTERNATIVE now
depends on VMAP.

HARDEN_BRANCH_PREDICTOR is now gated on MMU as speculative
attacks are not possible on non MMU based systems (ie Cortex-R52, R82).
See 
https://developer.arm.com/Arm%20Security%20Center/Speculative%20Processor%20Vulnerability.

Also took the opportunity to remove "#ifdef VMAP_VIRT_START .. endif"
from vmap.c. Instead vmap.c is compiled when HAS_VMAP is enabled. Thus,
HAS_VMAP is now enabled from x86, ppc and riscv architectures as all of
them use MMU and has VMAP_VIRT_START defined.

Signed-off-by: Penny Zheng <penny.zheng@xxxxxxx>
Signed-off-by: Wei Chen <wei.chen@xxxxxxx>
Signed-off-by: Ayan Kumar Halder <ayan.kumar.halder@xxxxxxx>
---
Changes from :-

v1 - 1. HARDEN_BRANCH_PREDICTOR is now gated on HAS_VMAP.
2. cpuerrata.c is not gated on HAS_VMAP.

v2 - 1. Introduced CONFIG_VMAP in common/Kconfig.
2. Architectures using MMU select this config.
3. vm_init() now uses CONFIG_VMAP.

v3 - 1. HARDEN_BRANCH_PREDICTOR is now gated on MMU.
2. vmap.c is compiled when CONFIG_HAS_VMAP is enabled.
3. HAS_VMAP is enabled from x86, ppc and riscv architectures. 

 xen/arch/arm/Kconfig   | 4 +++-
 xen/arch/arm/setup.c   | 2 ++
 xen/arch/ppc/Kconfig   | 1 +
 xen/arch/riscv/Kconfig | 1 +
 xen/arch/x86/Kconfig   | 1 +
 xen/common/Kconfig     | 3 +++
 xen/common/Makefile    | 2 +-
 xen/common/vmap.c      | 2 --
 xen/include/xen/vmap.h | 2 ++
 9 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig
index 21d03d9f44..323c967361 100644
--- a/xen/arch/arm/Kconfig
+++ b/xen/arch/arm/Kconfig
@@ -12,7 +12,7 @@ config ARM_64
 config ARM
        def_bool y
        select FUNCTION_ALIGNMENT_4B
-       select HAS_ALTERNATIVE
+       select HAS_ALTERNATIVE if HAS_VMAP
        select HAS_DEVICE_TREE
        select HAS_PASSTHROUGH
        select HAS_UBSAN
@@ -61,6 +61,7 @@ config PADDR_BITS
 config MMU
        def_bool y
        select HAS_PMAP
+       select HAS_VMAP
 
 source "arch/Kconfig"
 
@@ -171,6 +172,7 @@ config ARM_SSBD
 
 config HARDEN_BRANCH_PREDICTOR
        bool "Harden the branch predictor against aliasing attacks" if EXPERT
+       depends on MMU
        default y
        help
          Speculation attacks against some high-performance processors rely on
diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c
index cb2c0a16b8..7f686d2cca 100644
--- a/xen/arch/arm/setup.c
+++ b/xen/arch/arm/setup.c
@@ -447,7 +447,9 @@ void asmlinkage __init start_xen(unsigned long 
boot_phys_offset,
      * It needs to be called after do_initcalls to be able to use
      * stop_machine (tasklets initialized via an initcall).
      */
+#ifdef CONFIG_HAS_ALTERNATIVE
     apply_alternatives_all();
+#endif
     enable_errata_workarounds();
     enable_cpu_features();
 
diff --git a/xen/arch/ppc/Kconfig b/xen/arch/ppc/Kconfig
index f6a77a8200..6db575a48d 100644
--- a/xen/arch/ppc/Kconfig
+++ b/xen/arch/ppc/Kconfig
@@ -2,6 +2,7 @@ config PPC
        def_bool y
        select FUNCTION_ALIGNMENT_4B
        select HAS_DEVICE_TREE
+       select HAS_VMAP
 
 config PPC64
        def_bool y
diff --git a/xen/arch/riscv/Kconfig b/xen/arch/riscv/Kconfig
index 259eea8d3b..7a113c7774 100644
--- a/xen/arch/riscv/Kconfig
+++ b/xen/arch/riscv/Kconfig
@@ -3,6 +3,7 @@ config RISCV
        select FUNCTION_ALIGNMENT_16B
        select GENERIC_BUG_FRAME
        select HAS_DEVICE_TREE
+       select HAS_VMAP
 
 config RISCV_64
        def_bool y
diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig
index 7ef5c8bc48..1784f01aad 100644
--- a/xen/arch/x86/Kconfig
+++ b/xen/arch/x86/Kconfig
@@ -29,6 +29,7 @@ config X86
        select HAS_PIRQ
        select HAS_SCHED_GRANULARITY
        select HAS_UBSAN
+       select HAS_VMAP
        select HAS_VPCI if HVM
        select NEEDS_LIBELF
 
diff --git a/xen/common/Kconfig b/xen/common/Kconfig
index 565ceda741..90268d9249 100644
--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -83,6 +83,9 @@ config HAS_SCHED_GRANULARITY
 config HAS_UBSAN
        bool
 
+config HAS_VMAP
+       bool
+
 config MEM_ACCESS_ALWAYS_ON
        bool
 
diff --git a/xen/common/Makefile b/xen/common/Makefile
index 7e66802a9e..fc52e0857d 100644
--- a/xen/common/Makefile
+++ b/xen/common/Makefile
@@ -52,7 +52,7 @@ obj-$(CONFIG_TRACEBUFFER) += trace.o
 obj-y += version.o
 obj-y += virtual_region.o
 obj-y += vm_event.o
-obj-y += vmap.o
+obj-$(CONFIG_HAS_VMAP) += vmap.o
 obj-y += vsprintf.o
 obj-y += wait.o
 obj-bin-y += warning.init.o
diff --git a/xen/common/vmap.c b/xen/common/vmap.c
index ced9cbf26f..47225fecc0 100644
--- a/xen/common/vmap.c
+++ b/xen/common/vmap.c
@@ -1,4 +1,3 @@
-#ifdef VMAP_VIRT_START
 #include <xen/bitmap.h>
 #include <xen/sections.h>
 #include <xen/init.h>
@@ -427,4 +426,3 @@ void *_xvrealloc(void *va, size_t size, unsigned int align)
 
     return ptr;
 }
-#endif
diff --git a/xen/include/xen/vmap.h b/xen/include/xen/vmap.h
index fdae37e950..c1dd7ac22f 100644
--- a/xen/include/xen/vmap.h
+++ b/xen/include/xen/vmap.h
@@ -141,7 +141,9 @@ void *arch_vmap_virt_end(void);
 /* Initialises the VMAP_DEFAULT virtual range */
 static inline void vm_init(void)
 {
+#ifdef CONFIG_HAS_VMAP
     vm_init_type(VMAP_DEFAULT, (void *)VMAP_VIRT_START, arch_vmap_virt_end());
+#endif
 }
 
 #endif /* __XEN_VMAP_H__ */
-- 
2.25.1




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.