[PATCH] x86/shadow: depend on PV || HVM

[PATCH] x86/shadow: depend on PV || HVM

[Jan Beulich]

With the building of guest_?.o now depending on PV or HVM, without
further #ifdef-ary shadow code won't link anymore when !PV && !HVM.
Since this isn't a useful configuration anyway, exclude shadow code from
being built in this case.

Fixes: aff8bf94ce65 ("x86/shadow: only 4-level guest code needs building when !HVM")
Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>

--- a/xen/arch/x86/Kconfig
+++ b/xen/arch/x86/Kconfig
@@ -121,6 +121,7 @@ config XEN_SHSTK
 config SHADOW_PAGING
 	bool "Shadow Paging"
 	default !PV_SHIM_EXCLUSIVE
+	depends on PV || HVM
 	---help---
 
           Shadow paging is a software alternative to hardware paging support

Re: [PATCH] x86/shadow: depend on PV || HVM

[Andrew Cooper]

On 16/04/2021 13:32, Jan Beulich wrote:
> With the building of guest_?.o now depending on PV or HVM, without
> further #ifdef-ary shadow code won't link anymore when !PV && !HVM.
> Since this isn't a useful configuration anyway, exclude shadow code from
> being built in this case.
>
> Fixes: aff8bf94ce65 ("x86/shadow: only 4-level guest code needs building when !HVM")
> Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
>
> --- a/xen/arch/x86/Kconfig
> +++ b/xen/arch/x86/Kconfig
> @@ -121,6 +121,7 @@ config XEN_SHSTK
>  config SHADOW_PAGING
>  	bool "Shadow Paging"
>  	default !PV_SHIM_EXCLUSIVE

Hang on - this is bug, and is what needs dropping.

PV Shim uses Shadow, in default configurations, for L1TF protections to
keep userspace out of the guest kernel.  Without it, the shim'd guest
will be crashed when it writes an L1TF-vulnerable PTE.

OSSTest ought to have blocked this as a regression, but I suspect its
not running the XTF PV guests in shim mode.

~Andrew

Re: [PATCH] x86/shadow: depend on PV || HVM

[Jan Beulich]

On 16.04.2021 14:39, Andrew Cooper wrote:
> On 16/04/2021 13:32, Jan Beulich wrote:
>> With the building of guest_?.o now depending on PV or HVM, without
>> further #ifdef-ary shadow code won't link anymore when !PV && !HVM.
>> Since this isn't a useful configuration anyway, exclude shadow code from
>> being built in this case.
>>
>> Fixes: aff8bf94ce65 ("x86/shadow: only 4-level guest code needs building when !HVM")
>> Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
>> Signed-off-by: Jan Beulich <jbeulich@suse.com>
>>
>> --- a/xen/arch/x86/Kconfig
>> +++ b/xen/arch/x86/Kconfig
>> @@ -121,6 +121,7 @@ config XEN_SHSTK
>>  config SHADOW_PAGING
>>  	bool "Shadow Paging"
>>  	default !PV_SHIM_EXCLUSIVE
> 
> Hang on - this is bug, and is what needs dropping.
> 
> PV Shim uses Shadow, in default configurations, for L1TF protections to
> keep userspace out of the guest kernel.  Without it, the shim'd guest
> will be crashed when it writes an L1TF-vulnerable PTE.
> 
> OSSTest ought to have blocked this as a regression, but I suspect its
> not running the XTF PV guests in shim mode.

One thing at a time please - if there's an issue here, this wants
addressing in a separate change (which then also may need
backporting).

Jan