From patchwork Mon Jan 6 15:54:19 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 11319631 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C6F291398 for ; Mon, 6 Jan 2020 15:55:42 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A3F0320707 for ; Mon, 6 Jan 2020 15:55:42 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="Plq+4N5Z" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A3F0320707 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1ioUiA-0003kW-Uq; Mon, 06 Jan 2020 15:54:34 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1ioUi8-0003kA-Tr for xen-devel@lists.xenproject.org; Mon, 06 Jan 2020 15:54:32 +0000 X-Inumbo-ID: d0c5a7eb-309c-11ea-ab26-12813bfff9fa Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id d0c5a7eb-309c-11ea-ab26-12813bfff9fa; Mon, 06 Jan 2020 15:54:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1578326069; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=L1QQNGdVLsqA8MSMRT0Tt/3LuVFoJTdQw8tSLXWITNY=; b=Plq+4N5ZuWmBRcG+h6Q2Z27yWLnhK0/2gfAEGEisBh1tw/Uy0p/fI1mw kXXOYXKTfbU48Vm4FP4O8vrAHcnJ8zNqO7gZA9F1VcqRP58HE+RfvoSI6 iuHRUwxo21Yntldy6V0soXHCCCS2y53fep/KdYHidLwgkiUNUNZbKDVqX c=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: OvLEHby7a+9edCimvODcdR0KiS6pIqhKywKkrI8BaLp8jatGcizTf05GmFrYQYJzVDHyHoP3cK mTe8qKEwVc+QtNVmYx8vdMN2xCex6hf/sJZmszs8WV0GJMIN0nPRfv2Bm8vjivkFKxywmLRhhQ pbk6isbkTC7xGJZCKkV2kgFfJ1WgVA6WRM7DveKKBvYxKYTy4vyYMNzJF3n6duv+W7IOcDEyls LnvhsUVPzotDYcY3XInQ91AndvSW5361gyX2tAbn3LjSRnvj3+leNEG86Z44x2XbmJOK9zyF6u zxo= X-SBRS: 2.7 X-MesageID: 10517689 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.69,403,1571716800"; d="scan'208";a="10517689" From: Andrew Cooper To: Xen-devel Date: Mon, 6 Jan 2020 15:54:19 +0000 Message-ID: <20200106155423.9508-3-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20200106155423.9508-1-andrew.cooper3@citrix.com> References: <20200106155423.9508-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH 2/6] x86/boot: Map the trampoline as read-only X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Wei Liu , Jan Beulich , =?utf-8?q?Roger_Pau_Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" c/s ec92fcd1d08, which caused the trampoline GDT Access bits to be set, removed the final writes which occurred between enabling paging and switching to the high mappings. There don't plausibly need to be any memory writes in few instructions is takes to perform this transition. As a consequence, we can remove the RWX mapping of the trampoline. It is RX via its identity mapping below 1M, and RW via the directmap. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monné This probably wants backporting, alongside ec92fcd1d08 if it hasn't yet. --- xen/arch/x86/x86_64/mm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xen/arch/x86/x86_64/mm.c b/xen/arch/x86/x86_64/mm.c index 8ea09ecc30..b7ce833ffc 100644 --- a/xen/arch/x86/x86_64/mm.c +++ b/xen/arch/x86/x86_64/mm.c @@ -699,7 +699,7 @@ void __init zap_low_mappings(void) /* Replace with mapping of the boot trampoline only. */ map_pages_to_xen(trampoline_phys, maddr_to_mfn(trampoline_phys), PFN_UP(trampoline_end - trampoline_start), - __PAGE_HYPERVISOR); + __PAGE_HYPERVISOR_RX); } int setup_compat_arg_xlat(struct vcpu *v)