From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xen.org>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
Jan Beulich <JBeulich@suse.com>
Subject: [PATCH 6/8] xen/x86: Calculate PV CR4 masks at boot
Date: Wed, 24 Jun 2015 17:31:38 +0100 [thread overview]
Message-ID: <1435163500-10589-7-git-send-email-andrew.cooper3@citrix.com> (raw)
In-Reply-To: <1435163500-10589-1-git-send-email-andrew.cooper3@citrix.com>
... rather than on every time a guest sets CR4.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
CC: Jan Beulich <JBeulich@suse.com>
---
xen/arch/x86/domain.c | 41 ++++++++++++++++++++++++++++++++---------
1 file changed, 32 insertions(+), 9 deletions(-)
diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
index ba28f38..f805724 100644
--- a/xen/arch/x86/domain.c
+++ b/xen/arch/x86/domain.c
@@ -682,24 +682,47 @@ void arch_domain_unpause(struct domain *d)
viridian_time_ref_count_thaw(d);
}
-unsigned long pv_guest_cr4_fixup(const struct vcpu *v, unsigned long guest_cr4)
+/*
+ * These are the masks of CR4 bits (subject to hardware availability) which a
+ * PV guest may not legitimiately attempt to modify.
+ */
+static unsigned long __read_mostly pv_cr4_mask, compat_pv_cr4_mask;
+
+static int __init init_pv_cr4_masks(void)
{
- unsigned long hv_cr4_mask, hv_cr4 = real_cr4_to_pv_guest_cr4(read_cr4());
+ unsigned long common_mask = ~X86_CR4_TSD;
- hv_cr4_mask = ~X86_CR4_TSD;
+ /*
+ * All PV guests may attempt to modify TSD, DE and OSXSAVE.
+ */
if ( cpu_has_de )
- hv_cr4_mask &= ~X86_CR4_DE;
- if ( cpu_has_fsgsbase && !is_pv_32bit_domain(v->domain) )
- hv_cr4_mask &= ~X86_CR4_FSGSBASE;
+ common_mask &= ~X86_CR4_DE;
if ( cpu_has_xsave )
- hv_cr4_mask &= ~X86_CR4_OSXSAVE;
+ common_mask &= ~X86_CR4_OSXSAVE;
+
+ pv_cr4_mask = compat_pv_cr4_mask = common_mask;
+
+ /*
+ * 64bit PV guests may attempt to modify FSGSBASE.
+ */
+ if ( cpu_has_fsgsbase )
+ pv_cr4_mask &= ~X86_CR4_FSGSBASE;
+
+ return 0;
+}
+__initcall(init_pv_cr4_masks);
+
+unsigned long pv_guest_cr4_fixup(const struct vcpu *v, unsigned long guest_cr4)
+{
+ unsigned long hv_cr4 = real_cr4_to_pv_guest_cr4(read_cr4());
+ unsigned long mask = is_pv_32bit_vcpu(v) ? compat_pv_cr4_mask : pv_cr4_mask;
- if ( (guest_cr4 & hv_cr4_mask) != (hv_cr4 & hv_cr4_mask) )
+ if ( (guest_cr4 & mask) != (hv_cr4 & mask) )
printk(XENLOG_G_WARNING
"d%d attempted to change %pv's CR4 flags %08lx -> %08lx\n",
current->domain->domain_id, v, hv_cr4, guest_cr4);
- return (hv_cr4 & hv_cr4_mask) | (guest_cr4 & ~hv_cr4_mask);
+ return (hv_cr4 & mask) | (guest_cr4 & ~mask);
}
#define xen_vcpu_guest_context vcpu_guest_context
--
1.7.10.4
next prev parent reply other threads:[~2015-06-24 16:31 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-24 16:31 [PATCH 0/8] [RFC] SMAP handling improvements for 32bit PV guests on Andrew Cooper
2015-06-24 16:31 ` [PATCH 1/8] common/vsprintf: Special-case DOMID_IDLE handling for %pv Andrew Cooper
2015-06-24 16:31 ` [PATCH 2/8] x86/traps: Avoid using current too early on boot Andrew Cooper
2015-06-24 16:31 ` [PATCH 3/8] x86/setup: Initialise CR4 before creating idle_vcpu[0] Andrew Cooper
2015-06-24 16:31 ` [PATCH 4/8] xen/x86: Clean up CR4 definitions Andrew Cooper
2015-06-24 16:31 ` [PATCH 5/8] xen/x86: Drop PSE from XEN_MINIMAL_CR4 Andrew Cooper
2015-06-24 16:31 ` Andrew Cooper [this message]
2015-06-25 13:08 ` [PATCH 6/8] xen/x86: Calculate PV CR4 masks at boot Jan Beulich
2015-06-25 13:31 ` Andrew Cooper
2015-06-25 13:40 ` Jan Beulich
2015-06-25 13:43 ` Andrew Cooper
2015-06-24 16:31 ` [PATCH 7/8] xen/x86: Rework CR4 handling for PV guests Andrew Cooper
2015-06-25 14:41 ` Jan Beulich
2015-06-25 16:22 ` Andrew Cooper
2015-06-26 6:22 ` Jan Beulich
2015-06-26 8:10 ` Andrew Cooper
2015-06-26 8:50 ` Jan Beulich
2015-06-24 16:31 ` [PATCH 8/8] xen/x86: Additional SMAP modes to work around buggy 32bit " Andrew Cooper
2015-06-25 11:18 ` David Vrabel
2015-06-25 11:53 ` Andrew Cooper
2015-06-25 15:12 ` Jan Beulich
2015-06-25 16:31 ` Andrew Cooper
2015-06-26 6:33 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1435163500-10589-7-git-send-email-andrew.cooper3@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=JBeulich@suse.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.