From: Tamas K Lengyel <tamas.lengyel@intel.com>
To: xen-devel@lists.xenproject.org
Cc: "Kevin Tian" <kevin.tian@intel.com>,
"Stefano Stabellini" <sstabellini@kernel.org>,
"Tamas K Lengyel" <tamas.lengyel@intel.com>,
"Jun Nakajima" <jun.nakajima@intel.com>, "Wei Liu" <wl@xen.org>,
"Andrew Cooper" <andrew.cooper3@citrix.com>,
"Ian Jackson" <ian.jackson@eu.citrix.com>,
"George Dunlap" <george.dunlap@citrix.com>,
"Tamas K Lengyel" <tamas@tklengyel.com>,
"Jan Beulich" <jbeulich@suse.com>,
"Julien Grall" <julien@xen.org>,
"Roger Pau Monné" <roger.pau@citrix.com>
Subject: [PATCH v2 for-4.14 1/2] x86/mem_sharing: block interrupt injection for forks
Date: Fri, 22 May 2020 09:33:52 -0700 [thread overview]
Message-ID: <adfececa3e29a46f5347459a629aa534d61625aa.1590165055.git.tamas.lengyel@intel.com> (raw)
When running shallow forks without device models it may be undesirable for Xen
to inject interrupts. With Windows forks we have observed the kernel going into
infinite loops when trying to process such interrupts, likely because it attempts
to interact with devices that are not responding without QEMU running. By
disabling interrupt injection the fuzzer can exercise the target code without
interference.
Forks & memory sharing are only available on Intel CPUs so this only applies
to vmx.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@intel.com>
---
v2: prohibit => block
minor style adjustments
---
xen/arch/x86/hvm/vmx/intr.c | 6 ++++++
xen/arch/x86/mm/mem_sharing.c | 6 +++++-
xen/include/asm-x86/hvm/domain.h | 2 ++
xen/include/public/memory.h | 1 +
4 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/hvm/vmx/intr.c b/xen/arch/x86/hvm/vmx/intr.c
index 000e14af49..80bfbb4787 100644
--- a/xen/arch/x86/hvm/vmx/intr.c
+++ b/xen/arch/x86/hvm/vmx/intr.c
@@ -256,6 +256,12 @@ void vmx_intr_assist(void)
if ( unlikely(v->arch.vm_event) && v->arch.vm_event->sync_event )
return;
+#ifdef CONFIG_MEM_SHARING
+ /* Block event injection for VM fork if requested */
+ if ( unlikely(v->domain->arch.hvm.mem_sharing.block_interrupts) )
+ return;
+#endif
+
/* Crank the handle on interrupt state. */
pt_vector = pt_update_irq(v);
diff --git a/xen/arch/x86/mm/mem_sharing.c b/xen/arch/x86/mm/mem_sharing.c
index 7271e5c90b..0c45a8d67e 100644
--- a/xen/arch/x86/mm/mem_sharing.c
+++ b/xen/arch/x86/mm/mem_sharing.c
@@ -2106,7 +2106,8 @@ int mem_sharing_memop(XEN_GUEST_HANDLE_PARAM(xen_mem_sharing_op_t) arg)
rc = -EINVAL;
if ( mso.u.fork.pad )
goto out;
- if ( mso.u.fork.flags & ~XENMEM_FORK_WITH_IOMMU_ALLOWED )
+ if ( mso.u.fork.flags &
+ ~(XENMEM_FORK_WITH_IOMMU_ALLOWED | XENMEM_FORK_BLOCK_INTERRUPTS) )
goto out;
rc = rcu_lock_live_remote_domain_by_id(mso.u.fork.parent_domain,
@@ -2134,6 +2135,9 @@ int mem_sharing_memop(XEN_GUEST_HANDLE_PARAM(xen_mem_sharing_op_t) arg)
rc = hypercall_create_continuation(__HYPERVISOR_memory_op,
"lh", XENMEM_sharing_op,
arg);
+ else if ( !rc && (mso.u.fork.flags & XENMEM_FORK_BLOCK_INTERRUPTS) )
+ d->arch.hvm.mem_sharing.block_interrupts = true;
+
rcu_unlock_domain(pd);
break;
}
diff --git a/xen/include/asm-x86/hvm/domain.h b/xen/include/asm-x86/hvm/domain.h
index 95fe18cddc..37e494d234 100644
--- a/xen/include/asm-x86/hvm/domain.h
+++ b/xen/include/asm-x86/hvm/domain.h
@@ -74,6 +74,8 @@ struct mem_sharing_domain
* to resume the search.
*/
unsigned long next_shared_gfn_to_relinquish;
+
+ bool block_interrupts;
};
#endif
diff --git a/xen/include/public/memory.h b/xen/include/public/memory.h
index dbd35305df..1e4959638d 100644
--- a/xen/include/public/memory.h
+++ b/xen/include/public/memory.h
@@ -537,6 +537,7 @@ struct xen_mem_sharing_op {
struct mem_sharing_op_fork { /* OP_FORK */
domid_t parent_domain; /* IN: parent's domain id */
#define XENMEM_FORK_WITH_IOMMU_ALLOWED (1u << 0)
+#define XENMEM_FORK_BLOCK_INTERRUPTS (1u << 1)
uint16_t flags; /* IN: optional settings */
uint32_t pad; /* Must be set to 0 */
} fork;
--
2.25.1
next reply other threads:[~2020-05-22 16:34 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-22 16:33 Tamas K Lengyel [this message]
2020-05-22 16:33 ` [PATCH v2 for-4.14 2/2] tools/libxc: xc_memshr_fork with interrupts blocked Tamas K Lengyel
2020-05-25 2:33 ` [PATCH v2 for-4.14 1/2] x86/mem_sharing: block interrupt injection for forks Tian, Kevin
2020-05-25 3:34 ` Tamas K Lengyel
2020-05-25 6:05 ` Jan Beulich
2020-05-25 12:18 ` Tamas K Lengyel
2020-05-25 12:37 ` Tamas K Lengyel
2020-05-25 13:06 ` Jan Beulich
2020-05-25 13:46 ` Tamas K Lengyel
2020-05-25 14:06 ` Jan Beulich
2020-05-25 14:14 ` Tamas K Lengyel
2020-05-25 14:27 ` Tamas K Lengyel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=adfececa3e29a46f5347459a629aa534d61625aa.1590165055.git.tamas.lengyel@intel.com \
--to=tamas.lengyel@intel.com \
--cc=andrew.cooper3@citrix.com \
--cc=george.dunlap@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=julien@xen.org \
--cc=jun.nakajima@intel.com \
--cc=kevin.tian@intel.com \
--cc=roger.pau@citrix.com \
--cc=sstabellini@kernel.org \
--cc=tamas@tklengyel.com \
--cc=wl@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.