* [PATCH 0/2] Misc vcpu_op() adjustments
@ 2019-04-24 18:10 ` Andrew Cooper
0 siblings, 0 replies; 12+ messages in thread
From: Andrew Cooper @ 2019-04-24 18:10 UTC (permalink / raw)
To: Xen-devel
Cc: Stefano Stabellini, Wei Liu, Andrew Cooper, Julien Grall,
Norbert Manthey, Jan Beulich, Roger Pau Monné
Andrew Cooper (2):
xen/domain: Block more speculative out-of-bound accesses
xen/arm: Misc improvements to do_common_cpu_on()
xen/arch/arm/vpsci.c | 8 +++-----
xen/common/compat/domain.c | 2 +-
2 files changed, 4 insertions(+), 6 deletions(-)
--
2.1.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Xen-devel] [PATCH 0/2] Misc vcpu_op() adjustments
@ 2019-04-24 18:10 ` Andrew Cooper
0 siblings, 0 replies; 12+ messages in thread
From: Andrew Cooper @ 2019-04-24 18:10 UTC (permalink / raw)
To: Xen-devel
Cc: Stefano Stabellini, Wei Liu, Andrew Cooper, Julien Grall,
Norbert Manthey, Jan Beulich, Roger Pau Monné
Andrew Cooper (2):
xen/domain: Block more speculative out-of-bound accesses
xen/arm: Misc improvements to do_common_cpu_on()
xen/arch/arm/vpsci.c | 8 +++-----
xen/common/compat/domain.c | 2 +-
2 files changed, 4 insertions(+), 6 deletions(-)
--
2.1.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 12+ messages in thread
* [PATCH 1/2] xen/domain: Block more speculative out-of-bound accesses
@ 2019-04-24 18:10 ` Andrew Cooper
0 siblings, 0 replies; 12+ messages in thread
From: Andrew Cooper @ 2019-04-24 18:10 UTC (permalink / raw)
To: Xen-devel
Cc: Stefano Stabellini, Wei Liu, Andrew Cooper, Julien Grall,
Norbert Manthey, Jan Beulich, Roger Pau Monné
c/s f8303458 restricted speculative access for do_vcpu_op(), but neglected its
compat counterpart, which is reachable by guests using the 32bit ABI.
Make an identical adjustment.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Wei Liu <wei.liu2@citrix.com>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Julien Grall <julien.grall@arm.com>
CC: Norbert Manthey <nmanthey@amazon.de>
---
xen/common/compat/domain.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xen/common/compat/domain.c b/xen/common/compat/domain.c
index 88bfdc8..39877b3 100644
--- a/xen/common/compat/domain.c
+++ b/xen/common/compat/domain.c
@@ -39,7 +39,7 @@ int compat_vcpu_op(int cmd, unsigned int vcpuid, XEN_GUEST_HANDLE_PARAM(void) ar
struct vcpu *v;
int rc = 0;
- if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
+ if ( (v = domain_vcpu(d, vcpuid)) == NULL )
return -ENOENT;
switch ( cmd )
--
2.1.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [Xen-devel] [PATCH 1/2] xen/domain: Block more speculative out-of-bound accesses
@ 2019-04-24 18:10 ` Andrew Cooper
0 siblings, 0 replies; 12+ messages in thread
From: Andrew Cooper @ 2019-04-24 18:10 UTC (permalink / raw)
To: Xen-devel
Cc: Stefano Stabellini, Wei Liu, Andrew Cooper, Julien Grall,
Norbert Manthey, Jan Beulich, Roger Pau Monné
c/s f8303458 restricted speculative access for do_vcpu_op(), but neglected its
compat counterpart, which is reachable by guests using the 32bit ABI.
Make an identical adjustment.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Wei Liu <wei.liu2@citrix.com>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Julien Grall <julien.grall@arm.com>
CC: Norbert Manthey <nmanthey@amazon.de>
---
xen/common/compat/domain.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xen/common/compat/domain.c b/xen/common/compat/domain.c
index 88bfdc8..39877b3 100644
--- a/xen/common/compat/domain.c
+++ b/xen/common/compat/domain.c
@@ -39,7 +39,7 @@ int compat_vcpu_op(int cmd, unsigned int vcpuid, XEN_GUEST_HANDLE_PARAM(void) ar
struct vcpu *v;
int rc = 0;
- if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
+ if ( (v = domain_vcpu(d, vcpuid)) == NULL )
return -ENOENT;
switch ( cmd )
--
2.1.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH 2/2] xen/arm: Misc improvements to do_common_cpu_on()
@ 2019-04-24 18:10 ` Andrew Cooper
0 siblings, 0 replies; 12+ messages in thread
From: Andrew Cooper @ 2019-04-24 18:10 UTC (permalink / raw)
To: Xen-devel; +Cc: Andrew Cooper, Julien Grall, Stefano Stabellini
* Use domain_vcpu() rather than opencoding the lookup. Amongst other things,
domain_vcpu() is spectre-v1-safe.
* Unlock the domain immediately after arch_set_info_guest() completes. There
is no need for free_vcpu_guest_context() to be within the critical region,
and moving the call simplifies the error case.
No practical change in functionaltiy.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Julien Grall <julien.grall@arm.com>
---
xen/arch/arm/vpsci.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/xen/arch/arm/vpsci.c b/xen/arch/arm/vpsci.c
index 9f4e5b8..c1e250b 100644
--- a/xen/arch/arm/vpsci.c
+++ b/xen/arch/arm/vpsci.c
@@ -33,7 +33,7 @@ static int do_common_cpu_on(register_t target_cpu, register_t entry_point,
vcpuid = vaffinity_to_vcpuid(target_cpu);
- if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
+ if ( (v = domain_vcpu(d, vcpuid)) == NULL )
return PSCI_INVALID_PARAMETERS;
/* THUMB set is not allowed with 64-bit domain */
@@ -82,14 +82,12 @@ static int do_common_cpu_on(register_t target_cpu, register_t entry_point,
domain_lock(d);
rc = arch_set_info_guest(v, ctxt);
+ domain_unlock(d);
+
free_vcpu_guest_context(ctxt);
if ( rc < 0 )
- {
- domain_unlock(d);
return PSCI_DENIED;
- }
- domain_unlock(d);
vcpu_wake(v);
--
2.1.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [Xen-devel] [PATCH 2/2] xen/arm: Misc improvements to do_common_cpu_on()
@ 2019-04-24 18:10 ` Andrew Cooper
0 siblings, 0 replies; 12+ messages in thread
From: Andrew Cooper @ 2019-04-24 18:10 UTC (permalink / raw)
To: Xen-devel; +Cc: Andrew Cooper, Julien Grall, Stefano Stabellini
* Use domain_vcpu() rather than opencoding the lookup. Amongst other things,
domain_vcpu() is spectre-v1-safe.
* Unlock the domain immediately after arch_set_info_guest() completes. There
is no need for free_vcpu_guest_context() to be within the critical region,
and moving the call simplifies the error case.
No practical change in functionaltiy.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Julien Grall <julien.grall@arm.com>
---
xen/arch/arm/vpsci.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/xen/arch/arm/vpsci.c b/xen/arch/arm/vpsci.c
index 9f4e5b8..c1e250b 100644
--- a/xen/arch/arm/vpsci.c
+++ b/xen/arch/arm/vpsci.c
@@ -33,7 +33,7 @@ static int do_common_cpu_on(register_t target_cpu, register_t entry_point,
vcpuid = vaffinity_to_vcpuid(target_cpu);
- if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
+ if ( (v = domain_vcpu(d, vcpuid)) == NULL )
return PSCI_INVALID_PARAMETERS;
/* THUMB set is not allowed with 64-bit domain */
@@ -82,14 +82,12 @@ static int do_common_cpu_on(register_t target_cpu, register_t entry_point,
domain_lock(d);
rc = arch_set_info_guest(v, ctxt);
+ domain_unlock(d);
+
free_vcpu_guest_context(ctxt);
if ( rc < 0 )
- {
- domain_unlock(d);
return PSCI_DENIED;
- }
- domain_unlock(d);
vcpu_wake(v);
--
2.1.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [PATCH 1/2] xen/domain: Block more speculative out-of-bound accesses
@ 2019-04-25 8:04 ` Norbert Manthey
0 siblings, 0 replies; 12+ messages in thread
From: Norbert Manthey @ 2019-04-25 8:04 UTC (permalink / raw)
To: Andrew Cooper, Xen-devel
Cc: Julien Grall, Stefano Stabellini, Wei Liu, Jan Beulich,
Roger Pau Monné
On 4/24/19 20:10, Andrew Cooper wrote:
> c/s f8303458 restricted speculative access for do_vcpu_op(), but neglected its
> compat counterpart, which is reachable by guests using the 32bit ABI.
>
> Make an identical adjustment.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
> ---
> CC: Jan Beulich <JBeulich@suse.com>
> CC: Wei Liu <wei.liu2@citrix.com>
> CC: Roger Pau Monné <roger.pau@citrix.com>
> CC: Stefano Stabellini <sstabellini@kernel.org>
> CC: Julien Grall <julien.grall@arm.com>
> CC: Norbert Manthey <nmanthey@amazon.de>
> ---
> xen/common/compat/domain.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/xen/common/compat/domain.c b/xen/common/compat/domain.c
> index 88bfdc8..39877b3 100644
> --- a/xen/common/compat/domain.c
> +++ b/xen/common/compat/domain.c
> @@ -39,7 +39,7 @@ int compat_vcpu_op(int cmd, unsigned int vcpuid, XEN_GUEST_HANDLE_PARAM(void) ar
> struct vcpu *v;
> int rc = 0;
>
> - if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
> + if ( (v = domain_vcpu(d, vcpuid)) == NULL )
> return -ENOENT;
>
> switch ( cmd )
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrer: Christian Schlaeger, Ralf Herbrich
Ust-ID: DE 289 237 879
Eingetragen am Amtsgericht Charlottenburg HRB 149173 B
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [Xen-devel] [PATCH 1/2] xen/domain: Block more speculative out-of-bound accesses
@ 2019-04-25 8:04 ` Norbert Manthey
0 siblings, 0 replies; 12+ messages in thread
From: Norbert Manthey @ 2019-04-25 8:04 UTC (permalink / raw)
To: Andrew Cooper, Xen-devel
Cc: Julien Grall, Stefano Stabellini, Wei Liu, Jan Beulich,
Roger Pau Monné
On 4/24/19 20:10, Andrew Cooper wrote:
> c/s f8303458 restricted speculative access for do_vcpu_op(), but neglected its
> compat counterpart, which is reachable by guests using the 32bit ABI.
>
> Make an identical adjustment.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
> ---
> CC: Jan Beulich <JBeulich@suse.com>
> CC: Wei Liu <wei.liu2@citrix.com>
> CC: Roger Pau Monné <roger.pau@citrix.com>
> CC: Stefano Stabellini <sstabellini@kernel.org>
> CC: Julien Grall <julien.grall@arm.com>
> CC: Norbert Manthey <nmanthey@amazon.de>
> ---
> xen/common/compat/domain.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/xen/common/compat/domain.c b/xen/common/compat/domain.c
> index 88bfdc8..39877b3 100644
> --- a/xen/common/compat/domain.c
> +++ b/xen/common/compat/domain.c
> @@ -39,7 +39,7 @@ int compat_vcpu_op(int cmd, unsigned int vcpuid, XEN_GUEST_HANDLE_PARAM(void) ar
> struct vcpu *v;
> int rc = 0;
>
> - if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
> + if ( (v = domain_vcpu(d, vcpuid)) == NULL )
> return -ENOENT;
>
> switch ( cmd )
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrer: Christian Schlaeger, Ralf Herbrich
Ust-ID: DE 289 237 879
Eingetragen am Amtsgericht Charlottenburg HRB 149173 B
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 1/2] xen/domain: Block more speculative out-of-bound accesses
@ 2019-04-25 13:22 ` Jan Beulich
0 siblings, 0 replies; 12+ messages in thread
From: Jan Beulich @ 2019-04-25 13:22 UTC (permalink / raw)
To: Andrew Cooper
Cc: Stefano Stabellini, Wei Liu, Julien Grall, nmanthey, xen-devel,
Roger Pau Monne
>>> On 24.04.19 at 20:10, <andrew.cooper3@citrix.com> wrote:
> c/s f8303458 restricted speculative access for do_vcpu_op(), but neglected its
> compat counterpart, which is reachable by guests using the 32bit ABI.
>
> Make an identical adjustment.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [Xen-devel] [PATCH 1/2] xen/domain: Block more speculative out-of-bound accesses
@ 2019-04-25 13:22 ` Jan Beulich
0 siblings, 0 replies; 12+ messages in thread
From: Jan Beulich @ 2019-04-25 13:22 UTC (permalink / raw)
To: Andrew Cooper
Cc: Stefano Stabellini, Wei Liu, Julien Grall, nmanthey, xen-devel,
Roger Pau Monne
>>> On 24.04.19 at 20:10, <andrew.cooper3@citrix.com> wrote:
> c/s f8303458 restricted speculative access for do_vcpu_op(), but neglected its
> compat counterpart, which is reachable by guests using the 32bit ABI.
>
> Make an identical adjustment.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 2/2] xen/arm: Misc improvements to do_common_cpu_on()
@ 2019-05-08 15:46 ` Julien Grall
0 siblings, 0 replies; 12+ messages in thread
From: Julien Grall @ 2019-05-08 15:46 UTC (permalink / raw)
To: Andrew Cooper, Xen-devel; +Cc: Stefano Stabellini
Hi Andrew,
On 24/04/2019 19:10, Andrew Cooper wrote:
> * Use domain_vcpu() rather than opencoding the lookup. Amongst other things,
> domain_vcpu() is spectre-v1-safe.
> * Unlock the domain immediately after arch_set_info_guest() completes. There
> is no need for free_vcpu_guest_context() to be within the critical region,
> and moving the call simplifies the error case.
>
> No practical change in functionaltiy.
s/functionaltiy/functionality/
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Julien Grall <julien.grall@arm.com>
I will fix up the typo and queue it in my next-4.13 branch.
Cheers,
--
Julien Grall
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [Xen-devel] [PATCH 2/2] xen/arm: Misc improvements to do_common_cpu_on()
@ 2019-05-08 15:46 ` Julien Grall
0 siblings, 0 replies; 12+ messages in thread
From: Julien Grall @ 2019-05-08 15:46 UTC (permalink / raw)
To: Andrew Cooper, Xen-devel; +Cc: Stefano Stabellini
Hi Andrew,
On 24/04/2019 19:10, Andrew Cooper wrote:
> * Use domain_vcpu() rather than opencoding the lookup. Amongst other things,
> domain_vcpu() is spectre-v1-safe.
> * Unlock the domain immediately after arch_set_info_guest() completes. There
> is no need for free_vcpu_guest_context() to be within the critical region,
> and moving the call simplifies the error case.
>
> No practical change in functionaltiy.
s/functionaltiy/functionality/
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Julien Grall <julien.grall@arm.com>
I will fix up the typo and queue it in my next-4.13 branch.
Cheers,
--
Julien Grall
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2019-05-08 15:46 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-24 18:10 [PATCH 0/2] Misc vcpu_op() adjustments Andrew Cooper
2019-04-24 18:10 ` [Xen-devel] " Andrew Cooper
2019-04-24 18:10 ` [PATCH 1/2] xen/domain: Block more speculative out-of-bound accesses Andrew Cooper
2019-04-24 18:10 ` [Xen-devel] " Andrew Cooper
2019-04-25 8:04 ` Norbert Manthey
2019-04-25 8:04 ` [Xen-devel] " Norbert Manthey
2019-04-25 13:22 ` Jan Beulich
2019-04-25 13:22 ` [Xen-devel] " Jan Beulich
2019-04-24 18:10 ` [PATCH 2/2] xen/arm: Misc improvements to do_common_cpu_on() Andrew Cooper
2019-04-24 18:10 ` [Xen-devel] " Andrew Cooper
2019-05-08 15:46 ` Julien Grall
2019-05-08 15:46 ` [Xen-devel] " Julien Grall
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.