From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Jan Beulich" Subject: [PATCH v3 3/4] x86: use optimal NOPs to fill the SMEP/SMAP placeholders Date: Thu, 17 Mar 2016 02:03:50 -0600 Message-ID: <56EA72F602000078000DD933@prv-mh.provo.novell.com> References: <56D97AC102000078000D9537@prv-mh.provo.novell.com> <56E14FF502000078000DB232@prv-mh.provo.novell.com> <56E9A0DB02000078000DD54C@prv-mh.provo.novell.com> <56EA6FDF02000078000DD8FB@prv-mh.provo.novell.com> <56EA6FDF02000078000DD8FB@prv-mh.provo.novell.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=__Part4671F7F6.2__=" Return-path: Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1agSuR-0004Oj-FI for xen-devel@lists.xenproject.org; Thu, 17 Mar 2016 08:03:55 +0000 In-Reply-To: <56EA6FDF02000078000DD8FB@prv-mh.provo.novell.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" To: xen-devel Cc: Andrew Cooper , Keir Fraser , Feng Wu List-Id: xen-devel@lists.xenproject.org This is a MIME message. If you are reading this text, you may want to consider changing to a mail reader or gateway that understands how to properly handle MIME multipart messages. --=__Part4671F7F6.2__= Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Alternatives patching code picks the most suitable NOPs for the running system, so simply use it to replace the pre-populated ones. Use an arbitrary, always available feature to key off from, but hide this behind the new X86_FEATURE_ALWAYS. Signed-off-by: Jan Beulich --- v3: Re-base. v2: Introduce and use X86_FEATURE_ALWAYS.
--- a/xen/arch/x86/x86_64/compat/entry.S
+++ b/xen/arch/x86/x86_64/compat/entry.S
@@ -175,12 +175,7 @@ compat_bad_hypercall:
 ENTRY(compat_restore_all_guest)
 ASSERT_INTERRUPTS_DISABLED
 .Lcr4_orig:
- ASM_NOP8 /* testb $3,UREGS_cs(%rsp) */
- ASM_NOP2 /* jpe .Lcr4_alt_end */
- ASM_NOP8 /* mov CPUINFO_cr4...(%rsp), %rax */
- ASM_NOP6 /* and $..., %rax */
- ASM_NOP8 /* mov %rax, CPUINFO_cr4...(%rsp) */
- ASM_NOP3 /* mov %rax, %cr4 */
+ .skip (.Lcr4_alt_end - .Lcr4_alt) - (. - .Lcr4_orig), 0x90
 .Lcr4_orig_end:
 .pushsection .altinstr_replacement, "ax"
 .Lcr4_alt:
@@ -192,6 +187,7 @@ ENTRY(compat_restore_all_guest)
 mov %rax, %cr4
 .Lcr4_alt_end:
 .section .altinstructions, "a"
+ altinstruction_entry .Lcr4_orig, .Lcr4_orig, X86_FEATURE_ALWAYS, = 12, 0
 altinstruction_entry .Lcr4_orig, .Lcr4_alt, X86_FEATURE_SMEP, \
 (.Lcr4_orig_end - .Lcr4_orig), \
 (.Lcr4_alt_end - .Lcr4_alt)
--- a/xen/include/asm-x86/asm_defns.h
+++ b/xen/include/asm-x86/asm_defns.h
@@ -204,6 +204,7 @@ void ret_from_intr(void);
 662: __ASM_##op; \
 .popsection; \
 .pushsection .altinstructions, "a"; \
+ altinstruction_entry 661b, 661b, X86_FEATURE_ALWAYS, 3, 0; \
 altinstruction_entry 661b, 662b, X86_FEATURE_SMAP, 3, 3; \
 .popsection
=20
@@ -215,6 +216,7 @@ void ret_from_intr(void);
 .pushsection .altinstr_replacement, "ax"; \
 668: call cr4_pv32_restore; \
 .section .altinstructions, "a"; \
+ altinstruction_entry 667b, 667b, X86_FEATURE_ALWAYS, 5, 0; \
 altinstruction_entry 667b, 668b, X86_FEATURE_SMEP, 5, 5; \
 altinstruction_entry 667b, 668b, X86_FEATURE_SMAP, 5, 5; \
 .popsection
--- a/xen/include/asm-x86/cpufeature.h
+++ b/xen/include/asm-x86/cpufeature.h
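Review bot: The new `.skip` line under `.Lcr4_orig` has no comment, while the `ASM_NOPn` lines it replaces each named the replacement instruction they stood for, so the hunk no longer says that these 0x90 bytes are a placeholder rewritten at boot. I would put a comment above it along the lines of `/* Placeholder sized from .Lcr4_alt; rewritten by alternatives patching (NOP fill, or the CR4 restore sequence). */`. The `(. - .Lcr4_orig)` term evaluates to zero here because `.skip` directly follows the label, so either drop it or have the comment say why it is kept. The body of compat_restore_all_guest continues outside the hunk.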
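Review bot: The added `X86_FEATURE_ALWAYS` entry passes a literal `12` as the original length, whereas the SMEP entry directly below derives it as `(.Lcr4_orig_end - .Lcr4_orig)` and the pad itself is sized from `.Lcr4_alt_end - .Lcr4_alt`. Assuming the patching code NOP-fills exactly the length it is given, a literal that is shorter than the pad leaves part of it as single-byte NOPs, and one that is longer would write past `.Lcr4_orig_end` into the code that follows on the guest-return path. Deriving it the same way, `altinstruction_entry .Lcr4_orig, .Lcr4_orig, X86_FEATURE_ALWAYS, (.Lcr4_orig_end - .Lcr4_orig), 0`, keeps the two in step; if 12 is intentional, a comment should say what it counts.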
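Review bot: The `X86_FEATURE_ALWAYS` entry added ahead of the SMAP entry for `661b` presumably relies on the alternatives table being applied in order, so that the NOP fill is written first and the SMAP replacement second; nothing in the macro records that dependency. If the order were ever reversed, the three-byte site would end up as NOPs on SMAP-capable hardware and the protection would be silently absent, so I would add a comment such as `/* Must precede the feature entries: NOP fill first, real replacement second. */`. The same holds for the `667b` entries in the next hunk and for the `.Lcr4_orig` entry in compat/entry.S. The macro being patched starts above this hunk.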
@@ -162,6 +162,9 @@
 #define cpufeat_bit(idx) ((idx) % 32)
 #define cpufeat_mask(idx) (_AC(1, U) << cpufeat_bit(idx))
=20
+/* An alias of a feature we know is always going to be present. */
+#define X86_FEATURE_ALWAYS X86_FEATURE_LM
+
 #if !defined(__ASSEMBLY__) && !defined(X86_FEATURES_ONLY)
 #include
=20
--=__Part4671F7F6.2__= Content-Type: text/plain; name="x86-SMEP-SMAP-NOPs.patch" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="x86-SMEP-SMAP-NOPs.patch" x86: use optimal NOPs to fill the SMEP/SMAP placeholders=0A=0AAlternatives = patching code picks the most suitable NOPs for the=0Arunning system, so = simply use it to replace the pre-populated ones.=0A=0AUse an arbitrary, = always available feature to key off from, but=0Ahide this behind the new = X86_FEATURE_ALWAYS.=0A=0ASigned-off-by: Jan Beulich =0A-= --=0Av3: Re-base.=0Av2: Introduce and use X86_FEATURE_ALWAYS.=0A=0A--- = a/xen/arch/x86/x86_64/compat/entry.S=0A+++ b/xen/arch/x86/x86_64/compat/ent= ry.S=0A@@ -175,12 +175,7 @@ compat_bad_hypercall:=0A ENTRY(compat_restore_a= ll_guest)=0A ASSERT_INTERRUPTS_DISABLED=0A .Lcr4_orig:=0A- = ASM_NOP8 /* testb $3,UREGS_cs(%rsp) */=0A- ASM_NOP2 /* jpe = .Lcr4_alt_end */=0A- ASM_NOP8 /* mov CPUINFO_cr4...(%rsp), %rax = */=0A- ASM_NOP6 /* and $..., %rax */=0A- ASM_NOP8 /* mov = %rax, CPUINFO_cr4...(%rsp) */=0A- ASM_NOP3 /* mov %rax, %cr4 = */=0A+ .skip (.Lcr4_alt_end - .Lcr4_alt) - (.
- .Lcr4_orig), = 0x90=0A .Lcr4_orig_end:=0A .pushsection .altinstr_replacement, = "ax"=0A .Lcr4_alt:=0A@@ -192,6 +187,7 @@ ENTRY(compat_restore_all_guest)=0A= mov %rax, %cr4=0A .Lcr4_alt_end:=0A .section .altinstruc= tions, "a"=0A+ altinstruction_entry .Lcr4_orig, .Lcr4_orig, = X86_FEATURE_ALWAYS, 12, 0=0A altinstruction_entry .Lcr4_orig, = .Lcr4_alt, X86_FEATURE_SMEP, \=0A (.Lcr4_orig_= end - .Lcr4_orig), \=0A (.Lcr4_alt_end - = .Lcr4_alt)=0A--- a/xen/include/asm-x86/asm_defns.h=0A+++ b/xen/include/asm-= x86/asm_defns.h=0A@@ -204,6 +204,7 @@ void ret_from_intr(void);=0A = 662: __ASM_##op; \=0A = .popsection; \=0A = .pushsection .altinstructions, "a"; \=0A+ = altinstruction_entry 661b, 661b, X86_FEATURE_ALWAYS, 3, 0; \=0A = altinstruction_entry 661b, 662b, X86_FEATURE_SMAP, 3, 3; \=0A = .popsection=0A =0A@@ -215,6 +216,7 @@ void ret_from_intr(void);=0A = .pushsection .altinstr_replacement, "ax"; \=0A = 668: call cr4_pv32_restore; \=0A = .section .altinstructions, "a"; \=0A+ = altinstruction_entry 667b, 667b, X86_FEATURE_ALWAYS, 5, 0; \=0A = altinstruction_entry 667b, 668b, X86_FEATURE_SMEP, 5, 5; \=0A = altinstruction_entry 667b, 668b, X86_FEATURE_SMAP, 5, 5; \=0A = .popsection=0A--- a/xen/include/asm-x86/cpufeature.h=0A+++ b/xen/include/as= m-x86/cpufeature.h=0A@@ -162,6 +162,9 @@=0A #define cpufeat_bit(idx) = ((idx) % 32)=0A #define cpufeat_mask(idx) (_AC(1, U) << cpufeat_bit(i= dx))=0A =0A+/* An alias of a feature we know is always going to be = present. */=0A+#define X86_FEATURE_ALWAYS X86_FEATURE_LM=0A+=0A #if = !defined(__ASSEMBLY__) && !defined(X86_FEATURES_ONLY)=0A #include = =0A =0A --=__Part4671F7F6.2__= Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KWGVuLWRldmVs IG1haWxpbmcgbGlzdApYZW4tZGV2ZWxAbGlzdHMueGVuLm9yZwpodHRwOi8vbGlzdHMueGVuLm9y Zy94ZW4tZGV2ZWwK --=__Part4671F7F6.2__=--