From patchwork Fri Feb 5 13:42:22 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 8234661 Return-Path: X-Original-To: patchwork-xen-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id AA93FBEEE5 for ; Fri, 5 Feb 2016 14:04:11 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 4CCE720390 for ; Fri, 5 Feb 2016 14:04:10 +0000 (UTC) Received: from lists.xen.org (lists.xenproject.org [50.57.142.19]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id AEF3C20389 for ; Fri, 5 Feb 2016 14:04:07 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1aRgxh-0000Lj-7T; Fri, 05 Feb 2016 14:02:13 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1aRgxe-0000Ab-Bt for xen-devel@lists.xen.org; Fri, 05 Feb 2016 14:02:10 +0000 Received: from [193.109.254.147] by server-10.bemta-14.messagelabs.com id F8/32-25438-26BA4B65; Fri, 05 Feb 2016 14:02:10 +0000 X-Env-Sender: prvs=8364524b4=Andrew.Cooper3@citrix.com X-Msg-Ref: server-6.tower-27.messagelabs.com!1454680920!21830103!7 X-Originating-IP: [66.165.176.89] X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor: VHJ1c3RlZCBJUDogNjYuMTY1LjE3Ni44OSA9PiAyMDMwMDc=\n, received_headers: No Received headers X-StarScan-Received: X-StarScan-Version: 7.35.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 51929 invoked from network); 5 Feb 2016 14:02:08 -0000 Received: from smtp.citrix.com (HELO SMTP.CITRIX.COM) (66.165.176.89) by server-6.tower-27.messagelabs.com with RC4-SHA encrypted SMTP; 5 Feb 2016 14:02:08 -0000 X-IronPort-AV: E=Sophos;i="5.22,400,1449532800"; d="scan'208";a="329920319" From: Andrew Cooper To: Xen-devel Date: Fri, 5 Feb 2016 13:42:22 +0000 Message-ID: <1454679743-18133-30-git-send-email-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1454679743-18133-1-git-send-email-andrew.cooper3@citrix.com> References: <1454679743-18133-1-git-send-email-andrew.cooper3@citrix.com> MIME-Version: 1.0 X-DLP: MIA2 Cc: Andrew Cooper , Ian Jackson , Ian Campbell , Wei Liu Subject: [Xen-devel] [PATCH v2 29/30] tools/libxc: Use featuresets rather than guesswork X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_MED, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP It is conceptually wrong to base a VM's featureset on the features visible to the toolstack which happens to construct it. Instead, the featureset used is either an explicit one passed by the toolstack, or the default which Xen believes it can give to the guest. Collect all the feature manipulation into a single function which adjusts the featureset, and perform deep dependency removal. Signed-off-by: Andrew Cooper Acked-by: Wei Liu --- CC: Ian Campbell CC: Ian Jackson CC: Wei Liu v2: Join several related patches together --- tools/libxc/xc_cpuid_x86.c | 331 ++++++++++++++++----------------------------- 1 file changed, 119 insertions(+), 212 deletions(-) diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c index e762d73..0e79812 100644 --- a/tools/libxc/xc_cpuid_x86.c +++ b/tools/libxc/xc_cpuid_x86.c @@ -21,18 +21,22 @@ #include #include +#include #include "xc_private.h" +#include "xc_bitops.h" #include "_xc_cpuid_autogen.h" #include #include +#define featureword_of(idx) ((idx) >> 5) #define bitmaskof(idx) (1u << ((idx) & 31)) -#define clear_bit(idx, dst) ((dst) &= ~bitmaskof(idx)) -#define set_bit(idx, dst) ((dst) |= bitmaskof(idx)) +#define clear_feature(idx, dst) ((dst) &= ~bitmaskof(idx)) +#define set_feature(idx, dst) ((dst) |= bitmaskof(idx)) #define DEF_MAX_BASE 0x0000000du #define DEF_MAX_INTELEXT 0x80000008u #define DEF_MAX_AMDEXT 0x8000001cu +#define COMMON_1D INIT_COMMON_FEATURES int xc_get_cpu_featureset(xc_interface *xch, uint32_t index, uint32_t *nr_features, uint32_t *featureset) @@ -304,38 +308,6 @@ static void amd_xc_cpuid_policy(xc_interface *xch, regs[0] = DEF_MAX_AMDEXT; break; - case 0x80000001: { - if ( !info->pae ) - clear_bit(X86_FEATURE_PAE, regs[3]); - - /* Filter all other features according to a whitelist. */ - regs[2] &= (bitmaskof(X86_FEATURE_LAHF_LM) | - bitmaskof(X86_FEATURE_CMP_LEGACY) | - (info->nestedhvm ? bitmaskof(X86_FEATURE_SVM) : 0) | - bitmaskof(X86_FEATURE_CR8_LEGACY) | - bitmaskof(X86_FEATURE_ABM) | - bitmaskof(X86_FEATURE_SSE4A) | - bitmaskof(X86_FEATURE_MISALIGNSSE) | - bitmaskof(X86_FEATURE_3DNOWPREFETCH) | - bitmaskof(X86_FEATURE_OSVW) | - bitmaskof(X86_FEATURE_XOP) | - bitmaskof(X86_FEATURE_LWP) | - bitmaskof(X86_FEATURE_FMA4) | - bitmaskof(X86_FEATURE_TBM) | - bitmaskof(X86_FEATURE_DBEXT)); - regs[3] &= (0x0183f3ff | /* features shared with 0x00000001:EDX */ - bitmaskof(X86_FEATURE_NX) | - bitmaskof(X86_FEATURE_LM) | - bitmaskof(X86_FEATURE_PAGE1GB) | - bitmaskof(X86_FEATURE_SYSCALL) | - bitmaskof(X86_FEATURE_MP) | - bitmaskof(X86_FEATURE_MMXEXT) | - bitmaskof(X86_FEATURE_FFXSR) | - bitmaskof(X86_FEATURE_3DNOW) | - bitmaskof(X86_FEATURE_3DNOWEXT)); - break; - } - case 0x80000008: /* * ECX[15:12] is ApicIdCoreSize: ECX[7:0] is NumberOfCores (minus one). @@ -382,12 +354,6 @@ static void intel_xc_cpuid_policy(xc_interface *xch, { switch ( input[0] ) { - case 0x00000001: - /* ECX[5] is availability of VMX */ - if ( info->nestedhvm ) - set_bit(X86_FEATURE_VMXE, regs[2]); - break; - case 0x00000004: /* * EAX[31:26] is Maximum Cores Per Package (minus one). @@ -403,19 +369,6 @@ static void intel_xc_cpuid_policy(xc_interface *xch, regs[0] = DEF_MAX_INTELEXT; break; - case 0x80000001: { - /* Only a few features are advertised in Intel's 0x80000001. */ - regs[2] &= (bitmaskof(X86_FEATURE_LAHF_LM) | - bitmaskof(X86_FEATURE_3DNOWPREFETCH) | - bitmaskof(X86_FEATURE_ABM)); - regs[3] &= (bitmaskof(X86_FEATURE_NX) | - bitmaskof(X86_FEATURE_LM) | - bitmaskof(X86_FEATURE_PAGE1GB) | - bitmaskof(X86_FEATURE_SYSCALL) | - bitmaskof(X86_FEATURE_RDTSCP)); - break; - } - case 0x80000005: regs[0] = regs[1] = regs[2] = 0; break; @@ -467,11 +420,8 @@ static void xc_cpuid_config_xsave(xc_interface *xch, regs[1] = 512 + 64; /* FP/SSE + XSAVE.HEADER */ break; case 1: /* leaf 1 */ - regs[0] &= (XSAVEOPT | XSAVEC | XGETBV1 | XSAVES); - if ( !info->hvm ) - regs[0] &= ~XSAVES; - regs[2] &= info->xfeature_mask; - regs[3] = 0; + regs[0] = info->featureset[featureword_of(X86_FEATURE_XSAVEOPT)]; + regs[1] = regs[2] = regs[3] = 0; break; case 2 ... 63: /* sub-leaves */ if ( !(info->xfeature_mask & (1ULL << input[1])) ) @@ -503,82 +453,22 @@ static void xc_cpuid_hvm_policy(xc_interface *xch, */ regs[1] = (regs[1] & 0x0000ffffu) | ((regs[1] & 0x007f0000u) << 1); - regs[2] &= (bitmaskof(X86_FEATURE_XMM3) | - bitmaskof(X86_FEATURE_PCLMULQDQ) | - bitmaskof(X86_FEATURE_SSSE3) | - bitmaskof(X86_FEATURE_FMA) | - bitmaskof(X86_FEATURE_CX16) | - bitmaskof(X86_FEATURE_PCID) | - bitmaskof(X86_FEATURE_SSE4_1) | - bitmaskof(X86_FEATURE_SSE4_2) | - bitmaskof(X86_FEATURE_MOVBE) | - bitmaskof(X86_FEATURE_POPCNT) | - bitmaskof(X86_FEATURE_AES) | - bitmaskof(X86_FEATURE_F16C) | - bitmaskof(X86_FEATURE_RDRAND) | - ((info->xfeature_mask != 0) ? - (bitmaskof(X86_FEATURE_AVX) | - bitmaskof(X86_FEATURE_XSAVE)) : 0)); - - regs[2] |= (bitmaskof(X86_FEATURE_HYPERVISOR) | - bitmaskof(X86_FEATURE_TSC_DEADLINE) | - bitmaskof(X86_FEATURE_X2APIC)); - - regs[3] &= (bitmaskof(X86_FEATURE_FPU) | - bitmaskof(X86_FEATURE_VME) | - bitmaskof(X86_FEATURE_DE) | - bitmaskof(X86_FEATURE_PSE) | - bitmaskof(X86_FEATURE_TSC) | - bitmaskof(X86_FEATURE_MSR) | - bitmaskof(X86_FEATURE_PAE) | - bitmaskof(X86_FEATURE_MCE) | - bitmaskof(X86_FEATURE_CX8) | - bitmaskof(X86_FEATURE_APIC) | - bitmaskof(X86_FEATURE_SEP) | - bitmaskof(X86_FEATURE_MTRR) | - bitmaskof(X86_FEATURE_PGE) | - bitmaskof(X86_FEATURE_MCA) | - bitmaskof(X86_FEATURE_CMOV) | - bitmaskof(X86_FEATURE_PAT) | - bitmaskof(X86_FEATURE_CLFLSH) | - bitmaskof(X86_FEATURE_PSE36) | - bitmaskof(X86_FEATURE_MMX) | - bitmaskof(X86_FEATURE_FXSR) | - bitmaskof(X86_FEATURE_XMM) | - bitmaskof(X86_FEATURE_XMM2) | - bitmaskof(X86_FEATURE_HT)); - - /* We always support MTRR MSRs. */ - regs[3] |= bitmaskof(X86_FEATURE_MTRR); - - if ( !info->pae ) - { - clear_bit(X86_FEATURE_PAE, regs[3]); - clear_bit(X86_FEATURE_PSE36, regs[3]); - } + regs[2] = info->featureset[featureword_of(X86_FEATURE_XMM3)]; + regs[3] = info->featureset[featureword_of(X86_FEATURE_FPU)]; break; case 0x00000007: /* Intel-defined CPU features */ - if ( input[1] == 0 ) { - regs[1] &= (bitmaskof(X86_FEATURE_TSC_ADJUST) | - bitmaskof(X86_FEATURE_BMI1) | - bitmaskof(X86_FEATURE_HLE) | - bitmaskof(X86_FEATURE_AVX2) | - bitmaskof(X86_FEATURE_SMEP) | - bitmaskof(X86_FEATURE_BMI2) | - bitmaskof(X86_FEATURE_ERMS) | - bitmaskof(X86_FEATURE_INVPCID) | - bitmaskof(X86_FEATURE_RTM) | - bitmaskof(X86_FEATURE_RDSEED) | - bitmaskof(X86_FEATURE_ADX) | - bitmaskof(X86_FEATURE_SMAP) | - bitmaskof(X86_FEATURE_FSGSBASE) | - bitmaskof(X86_FEATURE_PCOMMIT) | - bitmaskof(X86_FEATURE_CLWB) | - bitmaskof(X86_FEATURE_CLFLUSHOPT)); - } else + if ( input[1] == 0 ) + { + regs[1] = info->featureset[featureword_of(X86_FEATURE_FSGSBASE)]; + regs[2] = info->featureset[featureword_of(X86_FEATURE_PREFETCHWT1)]; + } + else + { regs[1] = 0; - regs[0] = regs[2] = regs[3] = 0; + regs[2] = 0; + } + regs[0] = regs[3] = 0; break; case 0x0000000d: @@ -590,14 +480,8 @@ static void xc_cpuid_hvm_policy(xc_interface *xch, break; case 0x80000001: - if ( !info->pae ) - { - clear_bit(X86_FEATURE_LAHF_LM, regs[2]); - clear_bit(X86_FEATURE_LM, regs[3]); - clear_bit(X86_FEATURE_NX, regs[3]); - clear_bit(X86_FEATURE_PSE36, regs[3]); - clear_bit(X86_FEATURE_PAGE1GB, regs[3]); - } + regs[2] = info->featureset[featureword_of(X86_FEATURE_LAHF_LM)]; + regs[3] = info->featureset[featureword_of(X86_FEATURE_SYSCALL)]; break; case 0x80000007: @@ -641,64 +525,25 @@ static void xc_cpuid_pv_policy(xc_interface *xch, const struct cpuid_domain_info *info, const unsigned int *input, unsigned int *regs) { - if ( (input[0] & 0x7fffffff) == 0x00000001 ) - { - clear_bit(X86_FEATURE_VME, regs[3]); - if ( !info->pvh ) - { - clear_bit(X86_FEATURE_PSE, regs[3]); - clear_bit(X86_FEATURE_PGE, regs[3]); - } - clear_bit(X86_FEATURE_MCE, regs[3]); - clear_bit(X86_FEATURE_MCA, regs[3]); - clear_bit(X86_FEATURE_MTRR, regs[3]); - clear_bit(X86_FEATURE_PSE36, regs[3]); - } - switch ( input[0] ) { case 0x00000001: - if ( info->vendor == VENDOR_AMD ) - clear_bit(X86_FEATURE_SEP, regs[3]); - clear_bit(X86_FEATURE_DS, regs[3]); - clear_bit(X86_FEATURE_ACC, regs[3]); - clear_bit(X86_FEATURE_PBE, regs[3]); - - clear_bit(X86_FEATURE_DTES64, regs[2]); - clear_bit(X86_FEATURE_MWAIT, regs[2]); - clear_bit(X86_FEATURE_DSCPL, regs[2]); - clear_bit(X86_FEATURE_VMXE, regs[2]); - clear_bit(X86_FEATURE_SMXE, regs[2]); - clear_bit(X86_FEATURE_EST, regs[2]); - clear_bit(X86_FEATURE_TM2, regs[2]); - if ( !info->pv64 ) - clear_bit(X86_FEATURE_CX16, regs[2]); - if ( info->xfeature_mask == 0 ) - { - clear_bit(X86_FEATURE_XSAVE, regs[2]); - clear_bit(X86_FEATURE_AVX, regs[2]); - } - clear_bit(X86_FEATURE_XTPR, regs[2]); - clear_bit(X86_FEATURE_PDCM, regs[2]); - clear_bit(X86_FEATURE_PCID, regs[2]); - clear_bit(X86_FEATURE_DCA, regs[2]); - set_bit(X86_FEATURE_HYPERVISOR, regs[2]); + regs[2] = info->featureset[featureword_of(X86_FEATURE_XMM3)]; + regs[3] = info->featureset[featureword_of(X86_FEATURE_FPU)]; break; case 0x00000007: if ( input[1] == 0 ) - regs[1] &= (bitmaskof(X86_FEATURE_BMI1) | - bitmaskof(X86_FEATURE_HLE) | - bitmaskof(X86_FEATURE_AVX2) | - bitmaskof(X86_FEATURE_BMI2) | - bitmaskof(X86_FEATURE_ERMS) | - bitmaskof(X86_FEATURE_RTM) | - bitmaskof(X86_FEATURE_RDSEED) | - bitmaskof(X86_FEATURE_ADX) | - bitmaskof(X86_FEATURE_FSGSBASE)); + { + regs[1] = info->featureset[featureword_of(X86_FEATURE_FSGSBASE)]; + regs[2] = info->featureset[featureword_of(X86_FEATURE_PREFETCHWT1)]; + } else + { regs[1] = 0; - regs[0] = regs[2] = regs[3] = 0; + regs[2] = 0; + } + regs[0] = regs[3] = 0; break; case 0x0000000d: @@ -706,29 +551,8 @@ static void xc_cpuid_pv_policy(xc_interface *xch, break; case 0x80000001: - if ( !info->pv64 ) - { - clear_bit(X86_FEATURE_LM, regs[3]); - clear_bit(X86_FEATURE_LAHF_LM, regs[2]); - if ( info->vendor != VENDOR_AMD ) - clear_bit(X86_FEATURE_SYSCALL, regs[3]); - } - else - { - set_bit(X86_FEATURE_SYSCALL, regs[3]); - } - if ( !info->pvh ) - clear_bit(X86_FEATURE_PAGE1GB, regs[3]); - clear_bit(X86_FEATURE_RDTSCP, regs[3]); - - clear_bit(X86_FEATURE_SVM, regs[2]); - clear_bit(X86_FEATURE_OSVW, regs[2]); - clear_bit(X86_FEATURE_IBS, regs[2]); - clear_bit(X86_FEATURE_SKINIT, regs[2]); - clear_bit(X86_FEATURE_WDT, regs[2]); - clear_bit(X86_FEATURE_LWP, regs[2]); - clear_bit(X86_FEATURE_NODEID_MSR, regs[2]); - clear_bit(X86_FEATURE_TOPOEXT, regs[2]); + regs[2] = info->featureset[featureword_of(X86_FEATURE_LAHF_LM)]; + regs[3] = info->featureset[featureword_of(X86_FEATURE_SYSCALL)]; break; case 0x00000005: /* MONITOR/MWAIT */ @@ -808,6 +632,87 @@ void xc_cpuid_to_str(const unsigned int *regs, char **strs) } } +static void sanitise_featureset(struct cpuid_domain_info *info) +{ + const uint32_t fs_size = xc_get_cpu_featureset_size(); + uint32_t disabled_features[fs_size]; + static const uint32_t deep_features[] = INIT_DEEP_FEATURES; + unsigned int i, b; + + if ( info->hvm ) + { + /* HVM Guest */ + + if ( !info->pae ) + clear_bit(X86_FEATURE_PAE, info->featureset); + + if ( !info->nestedhvm ) + { + clear_bit(X86_FEATURE_SVM, info->featureset); + clear_bit(X86_FEATURE_VMXE, info->featureset); + } + } + else + { + /* PV or PVH Guest */ + + if ( !info->pv64 ) + { + clear_bit(X86_FEATURE_LM, info->featureset); + if ( info->vendor != VENDOR_AMD ) + clear_bit(X86_FEATURE_SYSCALL, info->featureset); + } + + if ( !info->pvh ) + { + clear_bit(X86_FEATURE_PSE, info->featureset); + clear_bit(X86_FEATURE_PSE36, info->featureset); + clear_bit(X86_FEATURE_PGE, info->featureset); + clear_bit(X86_FEATURE_PAGE1GB, info->featureset); + } + } + + if ( info->xfeature_mask == 0 ) + clear_bit(X86_FEATURE_XSAVE, info->featureset); + + /* Disable deep dependencies of disabled features. */ + for ( i = 0; i < ARRAY_SIZE(disabled_features); ++i ) + disabled_features[i] = ~info->featureset[i] & deep_features[i]; + + for ( b = 0; b < sizeof(disabled_features) * CHAR_BIT; ++b ) + { + const uint32_t *dfs; + + if ( !test_bit(b, disabled_features) || + !(dfs = xc_get_feature_deep_deps(b)) ) + continue; + + for ( i = 0; i < ARRAY_SIZE(disabled_features); ++i ) + { + info->featureset[i] &= ~dfs[i]; + disabled_features[i] &= ~dfs[i]; + } + } + + switch ( info->vendor ) + { + case VENDOR_INTEL: + /* Intel clears the common bits in e1d. */ + info->featureset[featureword_of(X86_FEATURE_SYSCALL)] &= ~COMMON_1D; + break; + + case VENDOR_AMD: + /* AMD duplicates the common bits between 1d and e1d. */ + info->featureset[featureword_of(X86_FEATURE_SYSCALL)] = + ((info->featureset[featureword_of(X86_FEATURE_FPU)] & COMMON_1D) | + (info->featureset[featureword_of(X86_FEATURE_SYSCALL)] & ~COMMON_1D)); + break; + + default: + break; + } +} + int xc_cpuid_apply_policy(xc_interface *xch, domid_t domid, uint32_t *featureset, unsigned int nr_features) @@ -831,6 +736,8 @@ int xc_cpuid_apply_policy(xc_interface *xch, domid_t domid, else ext_max = (regs[0] <= DEF_MAX_INTELEXT) ? regs[0] : DEF_MAX_INTELEXT; + sanitise_featureset(&info); + input[0] = 0; input[1] = XEN_CPUID_INPUT_UNUSED; for ( ; ; ) @@ -1002,9 +909,9 @@ int xc_cpuid_set( val = polval; if ( val ) - set_bit(31 - j, regs[i]); + set_feature(31 - j, regs[i]); else - clear_bit(31 - j, regs[i]); + clear_feature(31 - j, regs[i]); config_transformed[i][j] = config[i][j]; if ( config[i][j] == 's' )