xen-devel.lists.xenproject.org archive mirror
From: Julien Grall <julien.grall@arm.com>
To: Shanker Donthineni <shankerd@codeaurora.org>,
	Stefano Stabellini <stefano.stabellini@eu.citrix.com>,
	xen-devel@lists.xensource.com
Cc: Vikram Sethi <vikrams@codeaurora.org>,
	Philip Elcan <pelcan@codeaurora.org>,
	Ian Campbell <ian.campbell@citrix.com>,
	Jan Beulich <jbeulich@suse.com>
Subject: Re: [PATCH] xen: arm: zero EL2 pagetable pages before use
Date: Mon, 14 Mar 2016 07:37:08 +0000
Message-ID: <56E66A24.3090104@arm.com>
In-Reply-To: <1457647206-9436-1-git-send-email-shankerd@codeaurora.org>

Hi Shanker,

On 11/03/2016 05:00, Shanker Donthineni wrote:
> From: Vikram Sethi <vikrams@codeaurora.org>
>
> arch/arm/mm.c has 2 uses of alloc_boot_pages which are used for
> pagetables, but the allocated pages are not zeroed. This can cause
> crashes on CPUs with aggressive prefetching when they find 'valid'
> entries in the page tables but which are really uninitialized.
> Memset the allocated pages before use.

I first thought the problem was related to break-before-make mandated by 
the ARM architecture (see D4-1732 in ARM DDI 0487A.i) when the page 
tables are modified in a certain way, but neither the frame table nor 
the xen heap are used before the TLBs are nuked.

I would like to see more details in the commit message about the crash 
and why (based on the spec) clearing the page is the right solution.

Note that I think clearing the page is good to avoid polluting the TLBs 
with bogus entries and get a better crash log.

> Change-Id: I517ca45ca240766dfbf1d6884c044c377babab7d

What is this line for?

> Signed-off-by: Vikram Sethi <vikrams@codeaurora.org>
> Signed-off-by: Shanker Donthineni <shankerd@codeaurora.org>
> ---
>   xen/arch/arm/mm.c | 2 ++
>   1 file changed, 2 insertions(+)
>
> diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c
> index 81f9e2e..215ec93 100644
> --- a/xen/arch/arm/mm.c
> +++ b/xen/arch/arm/mm.c
> @@ -730,6 +730,7 @@ void __init setup_xenheap_mappings(unsigned long base_mfn,
>           else
>           {
>               unsigned long first_mfn = alloc_boot_pages(1, 1);
> +            memset(mfn_to_virt(first_mfn), 0, PAGE_SIZE);

You can move "first = mfn_to_virt(first_mfn)" earlier and re-use first here.

>               pte = mfn_to_xen_entry(first_mfn, WRITEALLOC);
>               pte.pt.table = 1;
>               write_pte(p, pte);
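
Review bot: in setup_xenheap_mappings() the new memset sits directly under the declaration of first_mfn with no blank line between declarations and statements, and nothing records why the page has to be cleared before write_pte(p, pte) installs it as a table. Add the blank line and a one-line comment saying the freshly allocated table must not contain stale 'valid' entries once it is linked in, which is the reason given in the commit message.
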
> @@ -771,6 +772,7 @@ void __init setup_frametable_mappings(paddr_t ps, paddr_t pe)
>       nr_second = frametable_size >> SECOND_SHIFT;
>       second_base = alloc_boot_pages(nr_second, 1);
>       second = mfn_to_virt(second_base);
> +    memset(second, 0, nr_second * PAGE_SIZE);
>       for ( i = 0; i < nr_second; i++ )
>       {
>           pte = mfn_to_xen_entry(second_base + i, WRITEALLOC);
>
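
Review bot: in setup_frametable_mappings() the memset length nr_second * PAGE_SIZE depends on the declared type of nr_second, which this hunk does not show; confirm the product is computed in a type wide enough for the largest frametable_size >> SECOND_SHIFT the function can see. A short comment above the memset stating that the second-level pages are cleared before the loop below links them in would also document the ordering the fix relies on.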

Regards,

-- 
Julien Grall
