From patchwork Tue Jan 12 16:12:32 2016
X-Patchwork-Submitter: Roger Pau Monné
X-Patchwork-Id: 8019081
From: Roger Pau Monne
Date: Tue, 12 Jan 2016 17:12:32 +0100
Message-ID: <1452615153-67387-2-git-send-email-roger.pau@citrix.com>
In-Reply-To: <1452615153-67387-1-git-send-email-roger.pau@citrix.com>
Cc: Andrew Cooper, Jan Beulich, Roger Pau Monne
Subject: [Xen-devel] [PATCH v6 1/2] xen/hvm: introduce a flags field in the CPU save record

Introduce a new flags field and use bit 0 to signal if the FPU has been initialised or not. Previously Xen always wrongly assumed the FPU was initialised on restore.
Signed-off-by: Roger Pau Monné
---
Cc: Jan Beulich
Cc: Andrew Cooper
---
Changes since v5:
 - Adapt the code due to the changes introduced by XSA-165.

Changes since v4:
 - Zero the fpu save area if the FPU is not initialised. This avoids leaking hypervisor data.
 - Due to the previous patch in this series, slightly rework the way to load the FPU state in a xsave capable host.

Changes since v3:
 - Don't add a comment in the compat structure regarding the fpu_initialised field.
 - Rename fpu_initialised to flags and use it as a bit field. Bit 0 will be used to signal whether the fpu is initialised.
 - Only save the fpu context if it's initialised.
 - Only restore the fpu context from the save record if the fpu is initialised.
 - Check that unused bits in the flags field are 0.

Changes since v1:
 - Don't add yet another compat structure, new fields should always be added to the end of the existing structure and offsetof should be used to compare sizes.
 - Leave the previous compat structure as-is, since the field was not added to the end we cannot remove it and use offsetof in this case.
 - Set xstate_bv based on fpu_initialised value instead of unconditionally setting it to XSTATE_FP_SSE.
---
 xen/arch/x86/hvm/hvm.c                 | 42 ++++++++++++++++++++++------------
 xen/include/public/arch-x86/hvm/save.h | 27 ++++++++++++++++------
 2 files changed, 48 insertions(+), 21 deletions(-)

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 787b7de..79ec90f 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -1797,9 +1797,15 @@ static int hvm_save_cpu_ctxt(struct domain *d, hvm_domain_context_t *h) ctxt.ldtr_arbytes = seg.attr.bytes; if ( v->fpu_initialised ) + { memcpy(ctxt.fpu_regs, v->arch.fpu_ctxt, sizeof(ctxt.fpu_regs)); - else - memset(ctxt.fpu_regs, 0, sizeof(ctxt.fpu_regs)); + ctxt.flags = XEN_X86_FPU_INITIALISED; + } + else + { + memset(ctxt.fpu_regs, 0, sizeof(ctxt.fpu_regs)); + ctxt.flags = 0; + } ctxt.rax = v->arch.user_regs.eax; ctxt.rbx = v->arch.user_regs.ebx; @@ -1981,7 +1987,7 @@ static int hvm_load_cpu_ctxt(struct domain *d, hvm_domain_context_t *h) return -EINVAL; } - if ( hvm_load_entry(CPU, h, &ctxt) != 0 ) + if ( hvm_load_entry_zeroextend(CPU, h, &ctxt) != 0 ) return -EINVAL; /* Sanity check some control registers. */ @@ -2009,6 +2015,13 @@ static int hvm_load_cpu_ctxt(struct domain *d, hvm_domain_context_t *h) return -EINVAL; } + if ( (ctxt.flags & ~XEN_X86_FPU_INITIALISED) != 0 ) + { + gprintk(XENLOG_ERR, "bad flags value in CPU context: %#x\n", + ctxt.flags); + return -EINVAL; + } + /* Older Xen versions used to save the segment arbytes directly * from the VMCS on Intel hosts. Detect this and rearrange them * into the struct segment_register format. */ 
@@ -2087,19 +2100,21 @@ static int hvm_load_cpu_ctxt(struct domain *d, hvm_domain_context_t *h) seg.attr.bytes = ctxt.ldtr_arbytes; hvm_set_segment_register(v, x86_seg_ldtr, &seg); - /* In case xsave-absent save file is restored on a xsave-capable host */ - if ( cpu_has_xsave && !xsave_enabled(v) ) + v->fpu_initialised = !!(ctxt.flags & XEN_X86_FPU_INITIALISED); + if ( v->fpu_initialised ) { - struct xsave_struct *xsave_area = v->arch.xsave_area; + memcpy(v->arch.fpu_ctxt, ctxt.fpu_regs, sizeof(ctxt.fpu_regs)); + /* In case xsave-absent save file is restored on a xsave-capable host */ + if ( cpu_has_xsave && !xsave_enabled(v) ) + { + struct xsave_struct *xsave_area = v->arch.xsave_area; - memcpy(v->arch.xsave_area, ctxt.fpu_regs, sizeof(ctxt.fpu_regs)); - xsave_area->xsave_hdr.xstate_bv = XSTATE_FP_SSE; - if ( cpu_has_xsaves || cpu_has_xsavec ) - xsave_area->xsave_hdr.xcomp_bv = XSTATE_FP_SSE | - XSTATE_COMPACTION_ENABLED; + xsave_area->xsave_hdr.xstate_bv = XSTATE_FP_SSE; + if ( cpu_has_xsaves || cpu_has_xsavec ) + xsave_area->xsave_hdr.xcomp_bv = XSTATE_FP_SSE | + XSTATE_COMPACTION_ENABLED; + } } - else - memcpy(v->arch.fpu_ctxt, ctxt.fpu_regs, sizeof(ctxt.fpu_regs)); v->arch.user_regs.eax = ctxt.rax; v->arch.user_regs.ebx = ctxt.rbx; @@ -2127,7 +2142,6 @@ static int hvm_load_cpu_ctxt(struct domain *d, hvm_domain_context_t *h) v->arch.debugreg[7] = ctxt.dr7; v->arch.vgc_flags = VGCF_online; - v->fpu_initialised = 1; /* Auxiliary processors should be woken immediately. */ v->is_initialised = 1; diff --git a/xen/include/public/arch-x86/hvm/save.h b/xen/include/public/arch-x86/hvm/save.h index 29d513c..b6b1bf8 100644 --- a/xen/include/public/arch-x86/hvm/save.h +++ b/xen/include/public/arch-x86/hvm/save.h @@ -47,7 +47,9 @@ DECLARE_HVM_SAVE_TYPE(HEADER, 1, struct hvm_save_header); /* * Processor * - * Compat: Pre-3.4 didn't have msr_tsc_aux + * Compat: + * - Pre-3.4 didn't have msr_tsc_aux + * - Pre-4.7 didn't have fpu_initialised */ struct hvm_hw_cpu { 
@@ -157,6 +159,10 @@ struct hvm_hw_cpu { }; /* error code for pending event */ uint32_t error_code; + +#define _XEN_X86_FPU_INITIALISED 0 +#define XEN_X86_FPU_INITIALISED (1U<<_XEN_X86_FPU_INITIALISED) + uint32_t flags; }; struct hvm_hw_cpu_compat { @@ -275,12 +281,19 @@ static inline int _hvm_hw_fix_cpu(void *h, uint32_t size) { struct hvm_hw_cpu_compat cmp; } *ucpu = (union hvm_hw_cpu_union *)h; - /* If we copy from the end backwards, we should - * be able to do the modification in-place */ - ucpu->nat.error_code = ucpu->cmp.error_code; - ucpu->nat.pending_event = ucpu->cmp.pending_event; - ucpu->nat.tsc = ucpu->cmp.tsc; - ucpu->nat.msr_tsc_aux = 0; + if ( size == sizeof(struct hvm_hw_cpu_compat) ) + { + /* + * If we copy from the end backwards, we should + * be able to do the modification in-place. + */ + ucpu->nat.error_code = ucpu->cmp.error_code; + ucpu->nat.pending_event = ucpu->cmp.pending_event; + ucpu->nat.tsc = ucpu->cmp.tsc; + ucpu->nat.msr_tsc_aux = 0; + } + /* Mimic the old behaviour by unconditionally setting fpu_initialised. */ + ucpu->nat.flags = XEN_X86_FPU_INITIALISED; return 0; }
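Review bot: the switch to `hvm_load_entry_zeroextend(CPU, h, &ctxt)` in the second hvm.c hunk accepts any record shorter than `struct hvm_hw_cpu` and zero-fills the tail, not only the two layouts the code actually knows (the compat structure and the pre-flags structure ending at `error_code`). Because `flags` is the last field, a record truncated anywhere before it restores silently with `flags == 0`, i.e. with the FPU state dropped, instead of failing. Unless `_hvm_check_entry` already restricts lengths, consider accepting exactly `sizeof(struct hvm_hw_cpu_compat)`, `offsetof(struct hvm_hw_cpu, flags)` and `sizeof(struct hvm_hw_cpu)` and returning -EINVAL for anything else.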
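Review bot: in the `hvm_load_cpu_ctxt` FPU hunk the new code copies `ctxt.fpu_regs` into `v->arch.fpu_ctxt` and then writes `xstate_bv`/`xcomp_bv` through `v->arch.xsave_area`, where the removed code copied into `v->arch.xsave_area` directly. That is only correct if `fpu_ctxt` aliases the xsave area on xsave-capable hosts, which the changelog attributes to the previous patch of the series; a one-line comment above the `memcpy` stating that dependency would help the next reader. Also, when the record carries `flags == 0` neither the FPU area nor its xsave header is touched, so the vcpu keeps whatever was there before the load, whereas the old code always set `xstate_bv = XSTATE_FP_SSE`; if a load can target a vcpu that has already run, resetting the header (or clearing the area) in that path would make "not initialised" independent of prior state.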
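Review bot: the new comment line `Pre-4.7 didn't have fpu_initialised` in the save.h header comment names a field that no longer exists; since v3 the field is `flags`, with `XEN_X86_FPU_INITIALISED` as bit 0, so it should read `- Pre-4.7 didn't have flags` (optionally noting that bit 0 carries the FPU-initialised state).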
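Review bot: `ucpu->nat.flags = XEN_X86_FPU_INITIALISED;` in `_hvm_hw_fix_cpu` sits outside the `size == sizeof(struct hvm_hw_cpu_compat)` guard, so it runs for every `size` the fix-up is called with. That is what pre-flags records need, but if the caller ever passes a full-size record written by this version, a saved `flags == 0` is overwritten and the FPU is marked initialised again, which is exactly the behaviour the series removes. Unless the caller is guaranteed to skip the fix-up for full-size records, guard the assignment by record length, e.g. `if ( size < sizeof(struct hvm_hw_cpu) )` or `if ( size <= offsetof(struct hvm_hw_cpu, flags) )`, which also matches the offsetof-based approach the changelog describes. The comment on that line should likewise say `flags` rather than `fpu_initialised`.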