From: Oleksandr Tyshchenko <olekstysh@gmail.com>
To: xen-devel@lists.xenproject.org
Cc: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>,
Stefano Stabellini <sstabellini@kernel.org>,
Julien Grall <julien@xen.org>,
Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>,
Paul Durrant <paul@xen.org>, Julien Grall <julien.grall@arm.com>
Subject: [PATCH V2 13/23] xen/ioreq: Use guest_cmpxchg64() instead of cmpxchg()
Date: Thu, 15 Oct 2020 19:44:24 +0300 [thread overview]
Message-ID: <1602780274-29141-14-git-send-email-olekstysh@gmail.com> (raw)
In-Reply-To: <1602780274-29141-1-git-send-email-olekstysh@gmail.com>
From: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>
The cmpxchg() in hvm_send_buffered_ioreq() operates on memory shared
with the emulator domain (and the target domain if the legacy
interface is used).
In order to be on the safe side we need to switch
to guest_cmpxchg64() to prevent a domain to DoS Xen on Arm.
As there is no plan to support the legacy interface on Arm,
we will have a page to be mapped in a single domain at the time,
so we can use s->emulator in guest_cmpxchg64() safely.
Thankfully the only user of the legacy interface is x86 so far
and there is not concern regarding the atomics operations.
Please note, that the legacy interface *must* not be used on Arm
without revisiting the code.
Signed-off-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>
CC: Julien Grall <julien.grall@arm.com>
---
Please note, this is a split/cleanup/hardening of Julien's PoC:
"Add support for Guest IO forwarding to a device emulator"
Changes RFC -> V1:
- new patch
Changes V1 -> V2:
- move earlier to avoid breaking arm32 compilation
- add an explanation to commit description and hvm_allow_set_param()
- pass s->emulator
---
xen/arch/arm/hvm.c | 4 ++++
xen/common/ioreq.c | 3 ++-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/xen/arch/arm/hvm.c b/xen/arch/arm/hvm.c
index 8951b34..9694e5a 100644
--- a/xen/arch/arm/hvm.c
+++ b/xen/arch/arm/hvm.c
@@ -31,6 +31,10 @@
#include <asm/hypercall.h>
+/*
+ * The legacy interface (which involves magic IOREQ pages) *must* not be used
+ * without revisiting the code.
+ */
static int hvm_allow_set_param(const struct domain *d, unsigned int param)
{
switch ( param )
diff --git a/xen/common/ioreq.c b/xen/common/ioreq.c
index 98fffae..8612159 100644
--- a/xen/common/ioreq.c
+++ b/xen/common/ioreq.c
@@ -28,6 +28,7 @@
#include <xen/trace.h>
#include <xen/vpci.h>
+#include <asm/guest_atomics.h>
#include <asm/hvm/ioreq.h>
#include <public/hvm/ioreq.h>
@@ -1317,7 +1318,7 @@ static int send_buffered_ioreq(struct ioreq_server *s, ioreq_t *p)
new.read_pointer = old.read_pointer - n * IOREQ_BUFFER_SLOT_NUM;
new.write_pointer = old.write_pointer - n * IOREQ_BUFFER_SLOT_NUM;
- cmpxchg(&pg->ptrs.full, old.full, new.full);
+ guest_cmpxchg64(s->emulator, &pg->ptrs.full, old.full, new.full);
}
notify_via_xen_event_channel(d, s->bufioreq_evtchn);
--
2.7.4
next prev parent reply other threads:[~2020-10-15 16:53 UTC|newest]
Thread overview: 109+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-15 16:44 [PATCH V2 00/23] IOREQ feature (+ virtio-mmio) on Arm Oleksandr Tyshchenko
2020-10-15 16:44 ` [PATCH V2 01/23] x86/ioreq: Prepare IOREQ feature for making it common Oleksandr Tyshchenko
2020-10-20 7:13 ` Paul Durrant
2020-11-04 9:06 ` Oleksandr
2020-11-04 9:59 ` Paul Durrant
2020-11-12 10:58 ` Jan Beulich
2020-11-13 11:09 ` Oleksandr
2020-11-13 11:20 ` Jan Beulich
2020-11-13 12:45 ` Oleksandr
2020-11-13 14:31 ` Jan Beulich
2020-10-15 16:44 ` [PATCH V2 02/23] xen/ioreq: Make x86's IOREQ feature common Oleksandr Tyshchenko
2020-10-20 7:57 ` Paul Durrant
2020-11-10 16:45 ` Oleksandr
2020-11-17 14:47 ` Oleksandr
2020-11-17 15:29 ` Paul Durrant
2020-11-17 16:29 ` Oleksandr
2020-11-17 19:43 ` Paul Durrant
2020-11-12 11:11 ` Jan Beulich
2020-11-13 13:11 ` Oleksandr
2020-10-15 16:44 ` [PATCH V2 03/23] xen/ioreq: Make x86's hvm_ioreq_needs_completion() common Oleksandr Tyshchenko
2020-10-20 7:59 ` Paul Durrant
2020-10-15 16:44 ` [PATCH V2 04/23] xen/ioreq: Provide alias for the handle_mmio() Oleksandr Tyshchenko
2020-10-20 9:14 ` Paul Durrant
2020-10-20 10:05 ` Jan Beulich
2020-10-20 10:38 ` Paul Durrant
2020-11-10 19:44 ` Oleksandr
2020-11-11 7:27 ` Jan Beulich
2020-11-11 8:09 ` Oleksandr
2020-11-11 8:16 ` Jan Beulich
2020-10-15 16:44 ` [PATCH V2 05/23] xen/ioreq: Make x86's hvm_mmio_first(last)_byte() common Oleksandr Tyshchenko
2020-10-20 9:15 ` Paul Durrant
2020-10-15 16:44 ` [PATCH V2 06/23] xen/ioreq: Make x86's hvm_ioreq_(page/vcpu/server) structs common Oleksandr Tyshchenko
2020-10-15 16:44 ` [PATCH V2 07/23] xen/ioreq: Move x86's ioreq_gfn(server) to struct domain Oleksandr Tyshchenko
2020-11-12 11:21 ` Jan Beulich
2020-11-13 14:05 ` Oleksandr
2020-11-18 12:09 ` Oleksandr
2020-11-18 12:29 ` Paul Durrant
2020-10-15 16:44 ` [PATCH V2 08/23] xen/ioreq: Introduce ioreq_params to abstract accesses to arch.hvm.params Oleksandr Tyshchenko
2020-10-20 10:41 ` Paul Durrant
2020-11-10 20:00 ` Oleksandr
2020-10-15 16:44 ` [PATCH V2 09/23] xen/dm: Make x86's DM feature common Oleksandr Tyshchenko
2020-11-12 11:32 ` Jan Beulich
2020-11-13 14:28 ` Oleksandr
2020-10-15 16:44 ` [PATCH V2 10/23] xen/mm: Make x86's XENMEM_resource_ioreq_server handling common Oleksandr Tyshchenko
2020-11-12 11:40 ` Jan Beulich
2020-11-13 15:00 ` Oleksandr
2020-10-15 16:44 ` [PATCH V2 11/23] xen/ioreq: Move x86's io_completion/io_req fields to struct vcpu Oleksandr Tyshchenko
2020-10-20 10:55 ` Paul Durrant
2020-11-10 20:59 ` Oleksandr
2020-11-11 8:04 ` Jan Beulich
2020-11-11 8:14 ` Oleksandr
2020-10-15 16:44 ` [PATCH V2 12/23] xen/ioreq: Remove "hvm" prefixes from involved function names Oleksandr Tyshchenko
2020-11-12 11:45 ` Jan Beulich
2020-11-12 12:14 ` Paul Durrant
2020-11-13 15:53 ` Oleksandr
2020-11-23 14:39 ` Oleksandr
2020-11-23 14:56 ` Jan Beulich
2020-11-23 15:47 ` Oleksandr
2020-11-23 15:54 ` Paul Durrant
2020-11-23 16:36 ` Oleksandr
2020-10-15 16:44 ` Oleksandr Tyshchenko [this message]
2020-10-15 16:44 ` [PATCH V2 14/23] arm/ioreq: Introduce arch specific bits for IOREQ/DM features Oleksandr Tyshchenko
2020-11-12 11:48 ` Jan Beulich
2020-11-13 15:48 ` Oleksandr
2020-10-15 16:44 ` [PATCH V2 15/23] xen/arm: Stick around in leave_hypervisor_to_guest until I/O has completed Oleksandr Tyshchenko
2020-10-15 16:44 ` [PATCH V2 16/23] xen/mm: Handle properly reference in set_foreign_p2m_entry() on Arm Oleksandr Tyshchenko
2020-11-12 12:18 ` Jan Beulich
2020-11-13 17:00 ` Oleksandr
2020-10-15 16:44 ` [PATCH V2 17/23] xen/ioreq: Introduce domain_has_ioreq_server() Oleksandr Tyshchenko
2020-10-20 10:51 ` Paul Durrant
2020-11-10 20:53 ` Oleksandr
2020-11-11 8:08 ` Jan Beulich
2020-11-11 8:41 ` Oleksandr
2020-11-11 13:27 ` Jan Beulich
2020-11-11 16:28 ` Paul Durrant
2020-11-11 17:33 ` Oleksandr
2020-11-11 17:31 ` Oleksandr
2020-10-15 16:44 ` [PATCH V2 18/23] xen/dm: Introduce xendevicemodel_set_irq_level DM op Oleksandr Tyshchenko
2020-10-15 16:44 ` [PATCH V2 19/23] xen/arm: io: Abstract sign-extension Oleksandr Tyshchenko
2020-10-15 16:44 ` [PATCH V2 20/23] xen/ioreq: Make x86's send_invalidate_req() common Oleksandr Tyshchenko
2020-11-12 11:55 ` Jan Beulich
2020-11-13 16:03 ` Oleksandr
2020-10-15 16:44 ` [PATCH V2 21/23] xen/arm: Add mapcache invalidation handling Oleksandr Tyshchenko
2020-10-16 6:29 ` Jan Beulich
2020-10-16 8:41 ` Julien Grall
2020-10-16 8:56 ` Jan Beulich
2020-11-11 0:03 ` Oleksandr
2020-11-11 19:27 ` Julien Grall
2020-11-11 19:42 ` Oleksandr
2020-10-15 16:44 ` [PATCH V2 22/23] libxl: Introduce basic virtio-mmio support on Arm Oleksandr Tyshchenko
2020-10-15 16:44 ` [PATCH V2 23/23] [RFC] libxl: Add support for virtio-disk configuration Oleksandr Tyshchenko
2020-11-09 6:45 ` Wei Chen
2020-11-11 0:53 ` Oleksandr
2020-11-11 4:28 ` Wei Chen
2020-11-13 17:38 ` Oleksandr
2020-10-29 7:41 ` [PATCH V2 00/23] IOREQ feature (+ virtio-mmio) on Arm Masami Hiramatsu
2020-10-29 18:48 ` Oleksandr Tyshchenko
2020-10-29 19:53 ` Stefano Stabellini
2020-10-29 21:13 ` Oleksandr Tyshchenko
2020-10-29 21:34 ` Stefano Stabellini
2020-10-30 11:34 ` Masami Hiramatsu
2020-10-31 21:10 ` Oleksandr Tyshchenko
2020-11-02 7:23 ` Wei Chen
2020-11-02 18:05 ` Oleksandr
2020-11-03 14:30 ` Masami Hiramatsu
2020-11-03 21:09 ` Oleksandr
2020-10-29 20:03 ` Alex Bennée
2020-10-29 20:10 ` Stefano Stabellini
2020-10-29 22:06 ` Oleksandr Tyshchenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1602780274-29141-14-git-send-email-olekstysh@gmail.com \
--to=olekstysh@gmail.com \
--cc=Volodymyr_Babchuk@epam.com \
--cc=julien.grall@arm.com \
--cc=julien@xen.org \
--cc=oleksandr_tyshchenko@epam.com \
--cc=paul@xen.org \
--cc=sstabellini@kernel.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).