From patchwork Thu Dec 19 09:42:53 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Alexandru Stefan ISAILA <aisaila@bitdefender.com>
X-Patchwork-Id: 11302931
Return-Path: <SRS0=c1+a=2J=lists.xenproject.org=xen-devel-bounces@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 152A7921
	for <patchwork-xen-devel@patchwork.kernel.org>;
 Thu, 19 Dec 2019 09:44:34 +0000 (UTC)
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id D9831206B7
	for <patchwork-xen-devel@patchwork.kernel.org>;
 Thu, 19 Dec 2019 09:44:33 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=fail reason="signature verification failed" (1024-bit key)
 header.d=bitdefender.onmicrosoft.com header.i=@bitdefender.onmicrosoft.com
 header.b="fJkvqKtj"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D9831206B7
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=none dis=none) header.from=bitdefender.com
Authentication-Results: mail.kernel.org;
 spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.89)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1ihsKg-0003aC-4T; Thu, 19 Dec 2019 09:42:58 +0000
Received: from all-amaz-eas1.inumbo.com ([34.197.232.57]
 helo=us1-amaz-eas2.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from
 <SRS0=datr=2J=bitdefender.com=aisaila@srs-us1.protection.inumbo.net>)
 id 1ihsKf-0003a7-8n
 for xen-devel@lists.xenproject.org; Thu, 19 Dec 2019 09:42:57 +0000
X-Inumbo-ID: eed3dfac-2243-11ea-9174-12813bfff9fa
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (unknown
 [40.107.15.113]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS
 id eed3dfac-2243-11ea-9174-12813bfff9fa;
 Thu, 19 Dec 2019 09:42:55 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=iytczzQK9ts/mqN1AmrIUT25ec77c4EmxAzeuczY2Ymcz8xVJCeV5Zxl8Wj+IJDT1iZTF776jfH4wHC252D42qeq+n5rOR9Z2AHaEI6+u+QV2OSJ2mIXB60ADHHoQqOL9kvL9pfUkQ3JhN59n9YN8K20lVBsDR4zGb8iF8BM2raZ8c8MkoZh8+/ExPq/8G+qfxU7QtJcgDwy0hjS/BVxv83v/9FB9Vf+pjm0YDT4/Nzj5nVGPnEcUpiJp9Huiuh727VU7ZC8Br76N4000OoE+vsDh92WR/YDljEZ6uE+3iQ6JpzI1O9qxmzyOGP+6K3LEImrLyW09Ul3qb/tfZCMtQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=CStwGnhbQtwq8X6f/lJrZV+ccIIB8Z0ASabw8BFkuyI=;
 b=hRPYECUvmiAgKmCM2/8yNmYsF7PtIFKH+6EMoBgyzTz7ECUgk+3XJr+efiOpixcCharx4KkBYh0vJf7DpIup+0bdh2iyV0ZOO+7UUKyml5wSGr+z0gMTK5lSc0Jty8PrP16eXAHfCX/MF7T2cQMvxx8ZzE4HdF3L6Z2qGQ/Za4xNnN/kfD5/EOT+76jvZ/lEFoPK/a8IVxNeIBLP4p3eXPyCjmYBPeHBBl0rK1gt37xSYZp0Pu6niJmODd5JQvrWPx1F0/Xc1nktPMydf15JEhHZ0PUYLbENO2xhJCk7cv2prfZDHvv5KZl0dtMRuQxYu4JY/UL5nhDVB1tFfjpMQw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=bitdefender.com; dmarc=pass action=none
 header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=bitdefender.onmicrosoft.com; s=selector2-bitdefender-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=CStwGnhbQtwq8X6f/lJrZV+ccIIB8Z0ASabw8BFkuyI=;
 b=fJkvqKtjkATBdiLHByDoT2o+8R6VAOec8N4hZpoIDiFRFmDDSmt7aZgGupwSinRBYIcR8z02cwZLOn0HhsUqPW6XzlG9/f9mTxJuTfHhvnCRdkGk2SXv3gkPwfqlQKUBD0ROWDLJnGmP+CmOrwUmSroSNc4D7Dk1RRgnXZy8eAE=
Received: from AM0PR02MB5553.eurprd02.prod.outlook.com (10.255.30.78) by
 AM0PR02MB4258.eurprd02.prod.outlook.com (20.177.111.16) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2538.18; Thu, 19 Dec 2019 09:42:54 +0000
Received: from AM0PR02MB5553.eurprd02.prod.outlook.com
 ([fe80::8cec:7638:734c:89d]) by AM0PR02MB5553.eurprd02.prod.outlook.com
 ([fe80::8cec:7638:734c:89d%4]) with mapi id 15.20.2559.015; Thu, 19 Dec 2019
 09:42:54 +0000
From: Alexandru Stefan ISAILA <aisaila@bitdefender.com>
To: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Thread-Topic: [PATCH V5 1/4] x86/mm: Add array_index_nospec to guest provided
 index values
Thread-Index: AQHVtlCv9fBx8h7blUeN6Fd8ih9YqQ==
Date: Thu, 19 Dec 2019 09:42:53 +0000
Message-ID: <20191219094236.22002-1-aisaila@bitdefender.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-clientproxiedby: AM0PR05CA0074.eurprd05.prod.outlook.com
 (2603:10a6:208:136::14) To AM0PR02MB5553.eurprd02.prod.outlook.com
 (2603:10a6:208:160::14)
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=aisaila@bitdefender.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.17.1
x-originating-ip: [91.199.104.6]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2c8767ce-7ed4-41e7-7782-08d78467d200
x-ms-traffictypediagnostic: AM0PR02MB4258:|AM0PR02MB4258:|AM0PR02MB4258:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: 
 <AM0PR02MB425877C855758E1471C0D42BAB520@AM0PR02MB4258.eurprd02.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:2887;
x-forefront-prvs: 0256C18696
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10019020)(136003)(396003)(376002)(346002)(39860400002)(366004)(189003)(199004)(66556008)(26005)(5660300002)(478600001)(6512007)(2906002)(6506007)(81166006)(66946007)(52116002)(186003)(6916009)(66476007)(64756008)(6486002)(81156014)(71200400001)(8936002)(66446008)(36756003)(54906003)(316002)(8676002)(1076003)(4326008)(2616005)(86362001);
 DIR:OUT; SFP:1102; SCL:1; SRVR:AM0PR02MB4258;
 H:AM0PR02MB5553.eurprd02.prod.outlook.com; FPR:; SPF:None; LANG:en;
 PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: bitdefender.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 
 FhNwjobGnbwByKU5GT8GkstPNZOM7iP589wicWZQbYlv7UEM+gvA/vGOL+F98lvrdlAgNOBjec+02pB8+rfFgRqm0KE4RYlFnGXGb6H3UNaX4il/6XLNVEfd1kjfly//aD9iqgMYhULyQgH9ruYmdfyH9uApiAE2iGv5pUDRHGN795UOgTWF25fY1CIW0ruh8C1SnFuH4bkSAaL2/GsEIRgKZNtimtIKNQsTlkGYjakVOtBsEVKw2D/7M8SRRzbKLozirW62nOVJD6zw9tMwts59TTjRrLfPPQ1uCW1A+vI801GNbBTUF4/o9xNpNjrZ7SSVSFmWA0gTIdYcc48FFdjRc20OENFpHJ4qmN/r2rW8s/XVLQ16w2t7Au3nNmabn/86zqUqoxf8Q8zqfA1i1+K9knNSF9wzaRHbJ4ODy3Jvj8Fiaekg/OsX06bIpDj7
Content-ID: <BD0038C83E5C5C47BC61E0E6B704B7DA@eurprd02.prod.outlook.com>
MIME-Version: 1.0
X-OriginatorOrg: bitdefender.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 2c8767ce-7ed4-41e7-7782-08d78467d200
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Dec 2019 09:42:53.8916 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 487baf29-f1da-469a-9221-243f830c36f3
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 
 IqHbdTkQv1c7uaw5eayyVMOOHE+ga3WzGQc5eLLhpzrxAUhvdgI3pTxj6XVDRTgkVD13LNIIYn6GCWuEx7Z4y3hy1FlkliVOURnlc7W0eE8=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR02MB4258
Subject: [Xen-devel] [PATCH V5 1/4] x86/mm: Add array_index_nospec to guest
 provided index values
X-BeenThere: xen-devel@lists.xenproject.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Cc: Petre Ovidiu PIRCALABU <ppircalabu@bitdefender.com>,
 Kevin Tian <kevin.tian@intel.com>, Tamas K Lengyel <tamas@tklengyel.com>,
 Wei Liu <wl@xen.org>, Razvan COJOCARU <rcojocaru@bitdefender.com>,
 George Dunlap <george.dunlap@eu.citrix.com>,
 Andrew Cooper <andrew.cooper3@citrix.com>, Jan Beulich <jbeulich@suse.com>,
 Jun Nakajima <jun.nakajima@intel.com>,
 Alexandru Stefan ISAILA <aisaila@bitdefender.com>, =?utf-8?q?Roger_Pau_Monn?=
	=?utf-8?q?=C3=A9?= <roger.pau@citrix.com>
Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>

This patch aims to sanitize indexes, potentially guest provided
values, for altp2m_eptp[] and altp2m_p2m[] arrays.

Requested-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Alexandru Isaila <aisaila@bitdefender.com>
---
CC: Razvan Cojocaru <rcojocaru@bitdefender.com>
CC: Tamas K Lengyel <tamas@tklengyel.com>
CC: Petre Pircalabu <ppircalabu@bitdefender.com>
CC: George Dunlap <george.dunlap@eu.citrix.com>
CC: Jan Beulich <jbeulich@suse.com>
CC: Andrew Cooper <andrew.cooper3@citrix.com>
CC: Wei Liu <wl@xen.org>
CC: "Roger Pau Monné" <roger.pau@citrix.com>
CC: Jun Nakajima <jun.nakajima@intel.com>
CC: Kevin Tian <kevin.tian@intel.com>
---
Changes since V4:
	- Change bounds check from MAX_EPTP to MAX_ALTP2M
	- Move array_index_nospec() closer to the bounds check.
---
 xen/arch/x86/mm/mem_access.c | 15 +++++++++------
 xen/arch/x86/mm/p2m.c        | 20 ++++++++++++++------
 2 files changed, 23 insertions(+), 12 deletions(-)

diff --git a/xen/arch/x86/mm/mem_access.c b/xen/arch/x86/mm/mem_access.c
index 320b9fe621..33e379db8f 100644
--- a/xen/arch/x86/mm/mem_access.c
+++ b/xen/arch/x86/mm/mem_access.c
@@ -367,10 +367,11 @@ long p2m_set_mem_access(struct domain *d, gfn_t gfn, uint32_t nr,
     if ( altp2m_idx )
     {
         if ( altp2m_idx >= MAX_ALTP2M ||
-             d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) )
+             d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_ALTP2M)] ==
+             mfn_x(INVALID_MFN) )
             return -EINVAL;
 
-        ap2m = d->arch.altp2m_p2m[altp2m_idx];
+        ap2m = d->arch.altp2m_p2m[array_index_nospec(altp2m_idx, MAX_ALTP2M)];
     }
 #else
     ASSERT(!altp2m_idx);
@@ -426,10 +427,11 @@ long p2m_set_mem_access_multi(struct domain *d,
     if ( altp2m_idx )
     {
         if ( altp2m_idx >= MAX_ALTP2M ||
-             d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) )
+             d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_ALTP2M)] ==
+             mfn_x(INVALID_MFN) )
             return -EINVAL;
 
-        ap2m = d->arch.altp2m_p2m[altp2m_idx];
+        ap2m = d->arch.altp2m_p2m[array_index_nospec(altp2m_idx, MAX_ALTP2M)];
     }
 #else
     ASSERT(!altp2m_idx);
@@ -492,10 +494,11 @@ int p2m_get_mem_access(struct domain *d, gfn_t gfn, xenmem_access_t *access,
     else if ( altp2m_idx ) /* altp2m view 0 is treated as the hostp2m */
     {
         if ( altp2m_idx >= MAX_ALTP2M ||
-             d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) )
+             d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_ALTP2M)] ==
+             mfn_x(INVALID_MFN) )
             return -EINVAL;
 
-        p2m = d->arch.altp2m_p2m[altp2m_idx];
+        p2m = d->arch.altp2m_p2m[array_index_nospec(altp2m_idx, MAX_ALTP2M)];
     }
 #else
     ASSERT(!altp2m_idx);
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index ba126f790a..16039c7a57 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -2574,6 +2574,7 @@ int p2m_init_altp2m_by_id(struct domain *d, unsigned int idx)
     if ( idx >= MAX_ALTP2M )
         return rc;
 
+    idx = array_index_nospec(idx, MAX_ALTP2M);
     altp2m_list_lock(d);
 
     if ( d->arch.altp2m_eptp[idx] == mfn_x(INVALID_MFN) )
@@ -2615,6 +2616,7 @@ int p2m_destroy_altp2m_by_id(struct domain *d, unsigned int idx)
     if ( !idx || idx >= MAX_ALTP2M )
         return rc;
 
+    idx = array_index_nospec(idx, MAX_ALTP2M);
     rc = domain_pause_except_self(d);
     if ( rc )
         return rc;
@@ -2686,11 +2688,13 @@ int p2m_change_altp2m_gfn(struct domain *d, unsigned int idx,
     mfn_t mfn;
     int rc = -EINVAL;
 
-    if ( idx >= MAX_ALTP2M || d->arch.altp2m_eptp[idx] == mfn_x(INVALID_MFN) )
+    if ( idx >= MAX_ALTP2M ||
+         d->arch.altp2m_eptp[array_index_nospec(idx, MAX_ALTP2M)] ==
+         mfn_x(INVALID_MFN) )
         return rc;
 
     hp2m = p2m_get_hostp2m(d);
-    ap2m = d->arch.altp2m_p2m[idx];
+    ap2m = d->arch.altp2m_p2m[array_index_nospec(idx, MAX_ALTP2M)];
 
     p2m_lock(hp2m);
     p2m_lock(ap2m);
@@ -3030,10 +3034,12 @@ int p2m_set_suppress_ve(struct domain *d, gfn_t gfn, bool suppress_ve,
     if ( altp2m_idx > 0 )
     {
         if ( altp2m_idx >= MAX_ALTP2M ||
-             d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) )
+             d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_ALTP2M)] ==
+             mfn_x(INVALID_MFN) )
             return -EINVAL;
 
-        p2m = ap2m = d->arch.altp2m_p2m[altp2m_idx];
+        p2m = ap2m = d->arch.altp2m_p2m[array_index_nospec(altp2m_idx,
+                                                           MAX_ALTP2M)];
     }
     else
         p2m = host_p2m;
@@ -3073,10 +3079,12 @@ int p2m_get_suppress_ve(struct domain *d, gfn_t gfn, bool *suppress_ve,
     if ( altp2m_idx > 0 )
     {
         if ( altp2m_idx >= MAX_ALTP2M ||
-             d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) )
+             d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_ALTP2M)] ==
+             mfn_x(INVALID_MFN) )
             return -EINVAL;
 
-        p2m = ap2m = d->arch.altp2m_p2m[altp2m_idx];
+        p2m = ap2m = d->arch.altp2m_p2m[array_index_nospec(altp2m_idx,
+                                                           MAX_ALTP2M)];
     }
     else
         p2m = host_p2m;

From patchwork Thu Dec 19 09:42:57 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Alexandru Stefan ISAILA <aisaila@bitdefender.com>
X-Patchwork-Id: 11302933
Return-Path: <SRS0=c1+a=2J=lists.xenproject.org=xen-devel-bounces@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 87981921
	for <patchwork-xen-devel@patchwork.kernel.org>;
 Thu, 19 Dec 2019 09:44:39 +0000 (UTC)
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 56DFE206B7
	for <patchwork-xen-devel@patchwork.kernel.org>;
 Thu, 19 Dec 2019 09:44:39 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=fail reason="signature verification failed" (1024-bit key)
 header.d=bitdefender.onmicrosoft.com header.i=@bitdefender.onmicrosoft.com
 header.b="dAxc1sqv"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 56DFE206B7
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=none dis=none) header.from=bitdefender.com
Authentication-Results: mail.kernel.org;
 spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.89)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1ihsKs-0003ay-ED; Thu, 19 Dec 2019 09:43:10 +0000
Received: from us1-rack-iad1.inumbo.com ([172.99.69.81])
 by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from
 <SRS0=datr=2J=bitdefender.com=aisaila@srs-us1.protection.inumbo.net>)
 id 1ihsKr-0003am-83
 for xen-devel@lists.xenproject.org; Thu, 19 Dec 2019 09:43:09 +0000
X-Inumbo-ID: f12c5090-2243-11ea-a1e1-bc764e2007e4
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (unknown
 [40.107.15.123]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS
 id f12c5090-2243-11ea-a1e1-bc764e2007e4;
 Thu, 19 Dec 2019 09:42:59 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=HTYQU7SdD9YgUBtZJO7izA8cn42GCet5SQMFrq59NEBSs4aw1/8PgKAJE9ViYTS/kUIB0BFYA4fLMEkm6rz7LGdG+cbWIq55SKIdNl94X3YJN+mHO8KIOf5R2Lhurbht5iaOcubCDTja4O7QxjwdFPOVaGDIarehQmcOIPOO70e3Z6xLX0Iyrfddb63nse3CmxmGqbzJ5WxT2dfOotee9ndLHpQ2yKNQ1C2HnhxKQN2q48J6PnaVQ9xuI5Bk+LN4HilR0nL7wFcjUIxTBGqEi3U18fmBylwDEQvvgQJfYAL7TPCcJgfyFOuIn3nMEzf5uqHyO8OhmFFRpC/ejxIr3A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=suSGhzAxEa8Ev1ASpdnerpbOhCX9R1O9OVpEXKrr0XU=;
 b=hIoAAw/gJuq+YhQTsDYzWEspY8Q4PReIEaCuAx0rshhjOwnHc3aqoZDBW4fHVHaaC4TlonFgkrXqScACcdWFnFcgX0nQck6L9tad8t5KVG0dpESvGfQ/AmPA28eYeASDR72Bjm86KJgX2a/8BShInTf+52KoUmxhISeJlpuXo+j41NS3WmN/bEMf4aCsMk6HoHcr2dl8D9RM6Ta36s7C9gd3As3szZ8BvbTZ2zeKaUOVNRYpacm/PTDWAz6fn6kvuYJT03jDFh7MYAKgJDvxJI9XvmxooX/hJ0SKt8PscE4CjsoKKbVJbXpK5x1I4YJ3qaUsALm2a6sbqTaYJiLidg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=bitdefender.com; dmarc=pass action=none
 header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=bitdefender.onmicrosoft.com; s=selector2-bitdefender-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=suSGhzAxEa8Ev1ASpdnerpbOhCX9R1O9OVpEXKrr0XU=;
 b=dAxc1sqvpllrklWPA2GK+k19NZor7N5L8a159fxcBuJNnrY7ElIzh3lePZ6og+JMIBjI2hZBeXrtvk/7hPz3iP2+yMgjyCsev0ZHD6o5b6JWdkankZkiJ5kB6Z6y50oJM0Q1CrW7zXZteWNivOWgxE+ZlGj96wlPbtTXN7nWnwc=
Received: from AM0PR02MB5553.eurprd02.prod.outlook.com (10.255.30.78) by
 AM0PR02MB4258.eurprd02.prod.outlook.com (20.177.111.16) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2538.18; Thu, 19 Dec 2019 09:42:57 +0000
Received: from AM0PR02MB5553.eurprd02.prod.outlook.com
 ([fe80::8cec:7638:734c:89d]) by AM0PR02MB5553.eurprd02.prod.outlook.com
 ([fe80::8cec:7638:734c:89d%4]) with mapi id 15.20.2559.015; Thu, 19 Dec 2019
 09:42:57 +0000
From: Alexandru Stefan ISAILA <aisaila@bitdefender.com>
To: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Thread-Topic: [PATCH V5 2/4] x86/altp2m: Add hypercall to set a range of sve
 bits
Thread-Index: AQHVtlCxbQhT4D0WG0G2IaQmCNE5Vw==
Date: Thu, 19 Dec 2019 09:42:57 +0000
Message-ID: <20191219094236.22002-2-aisaila@bitdefender.com>
References: <20191219094236.22002-1-aisaila@bitdefender.com>
In-Reply-To: <20191219094236.22002-1-aisaila@bitdefender.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-clientproxiedby: AM0PR05CA0074.eurprd05.prod.outlook.com
 (2603:10a6:208:136::14) To AM0PR02MB5553.eurprd02.prod.outlook.com
 (2603:10a6:208:160::14)
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=aisaila@bitdefender.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.17.1
x-originating-ip: [91.199.104.6]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: bdd853a8-920e-46d7-9328-08d78467d456
x-ms-traffictypediagnostic: AM0PR02MB4258:|AM0PR02MB4258:|AM0PR02MB4258:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: 
 <AM0PR02MB42588F0C21CB5E819B6CD285AB520@AM0PR02MB4258.eurprd02.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:605;
x-forefront-prvs: 0256C18696
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10019020)(136003)(396003)(376002)(346002)(39860400002)(366004)(189003)(199004)(66556008)(26005)(5660300002)(478600001)(7416002)(6512007)(2906002)(6506007)(81166006)(66946007)(52116002)(186003)(6916009)(66476007)(64756008)(6486002)(81156014)(71200400001)(8936002)(66446008)(36756003)(54906003)(316002)(8676002)(1076003)(4326008)(107886003)(2616005)(86362001);
 DIR:OUT; SFP:1102; SCL:1; SRVR:AM0PR02MB4258;
 H:AM0PR02MB5553.eurprd02.prod.outlook.com; FPR:; SPF:None; LANG:en;
 PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: bitdefender.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 
 N41TVYtBUbHYbDnO9hZxZOGu1YqZ86ECCm1mT8OV1yFSkZH4u0XLnZy4GrwRZj5ndAV9GX2JqV0MBN2CPQpYs3qmX77nGgXDE44z30M4a5tbuqDiz4UC3+oCHVRkNBMJvsZ6FcpwtxJ4+7ggVf+3IWzAcc8YdpnQFR0Lfrc0MEpHKPxJ+HWi/OfpcuALuH/drv/OoaZS3wNjRtkmoTIRXG8FXd9T2I5pFByVKsPSvWUAEqaclaJUbtTDeSuXXkvIWCbaIOH45Ybgl0KskcVVGa7lCJ2z0PagSSywQ/2TJHg7jEE2GDNC9f+6OI68xHs/+Xav5JZFcWdbl0XD1FP47str1N58EoeyYnOxNkdWpCswR4mbiIbgdAQ+yyhuycYLVKJCI1gSpAojKKZOGCtgYhzB7ERHrpgfSanF5fTCWgFC6EoX3HRXHIqXvzNEALpQ
Content-ID: <D4117B7723778148A3E9CB65885345A1@eurprd02.prod.outlook.com>
MIME-Version: 1.0
X-OriginatorOrg: bitdefender.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 bdd853a8-920e-46d7-9328-08d78467d456
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Dec 2019 09:42:57.7394 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 487baf29-f1da-469a-9221-243f830c36f3
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 
 WSLz7GmW29htbOFCedpnhqnac6hwoKi7ZBrdOuAEHL35+6o22Fw1Wt6tgSmUlTe47OR3fZjCyP+0KpcZbkNYeJKfAPG9dXjfmrrX+RN9rzI=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR02MB4258
Subject: [Xen-devel] [PATCH V5 2/4] x86/altp2m: Add hypercall to set a range
 of sve bits
X-BeenThere: xen-devel@lists.xenproject.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Cc: Petre Ovidiu PIRCALABU <ppircalabu@bitdefender.com>,
 Stefano Stabellini <sstabellini@kernel.org>, Julien Grall <julien@xen.org>,
 Razvan COJOCARU <rcojocaru@bitdefender.com>, Wei Liu <wl@xen.org>,
 Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
 George Dunlap <george.dunlap@eu.citrix.com>,
 Andrew Cooper <andrew.cooper3@citrix.com>,
 Ian Jackson <ian.jackson@eu.citrix.com>,
 Tamas K Lengyel <tamas@tklengyel.com>, Jan Beulich <jbeulich@suse.com>,
 Alexandru Stefan ISAILA <aisaila@bitdefender.com>, =?utf-8?q?Roger_Pau_Monn?=
	=?utf-8?q?=C3=A9?= <roger.pau@citrix.com>
Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>

By default the sve bits are not set.
This patch adds a new hypercall, xc_altp2m_set_supress_ve_multi(),
to set a range of sve bits.
The core function, p2m_set_suppress_ve_multi(), does not brake in case
of a error and it is doing a best effort for setting the bits in the
given range. A check for continuation is made in order to have
preemption on big ranges.
The gfn of the first error is stored in
xen_hvm_altp2m_suppress_ve_multi.first_error and the error code is
stored in xen_hvm_altp2m_suppress_ve_multi.first_error_code.
If no error occurred the values will be 0.

Signed-off-by: Alexandru Isaila <aisaila@bitdefender.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
---
CC: Ian Jackson <ian.jackson@eu.citrix.com>
CC: Wei Liu <wl@xen.org>
CC: Andrew Cooper <andrew.cooper3@citrix.com>
CC: George Dunlap <George.Dunlap@eu.citrix.com>
CC: Jan Beulich <jbeulich@suse.com>
CC: Julien Grall <julien@xen.org>
CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: "Roger Pau Monné" <roger.pau@citrix.com>
CC: George Dunlap <george.dunlap@eu.citrix.com>
CC: Razvan Cojocaru <rcojocaru@bitdefender.com>
CC: Tamas K Lengyel <tamas@tklengyel.com>
CC: Petre Pircalabu <ppircalabu@bitdefender.com>
---
Changes since V4:
	- Remove ->first_error and first_error_code from
HVMOP_altp2m_set_suppress_ve_multi check
	- Check ->first_error_code so that first_error on gfn 0 can be
saved
	- Chage type of first_error_code to int32_t
	- Clip ->last_gfn before sanity check.
---
 tools/libxc/include/xenctrl.h   |  4 +++
 tools/libxc/xc_altp2m.c         | 33 +++++++++++++++++
 xen/arch/x86/hvm/hvm.c          | 20 +++++++++++
 xen/arch/x86/mm/p2m.c           | 64 +++++++++++++++++++++++++++++++++
 xen/include/public/hvm/hvm_op.h | 13 +++++++
 xen/include/xen/mem_access.h    |  3 ++
 6 files changed, 137 insertions(+)

diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h
index f4431687b3..21a333f2c4 100644
--- a/tools/libxc/include/xenctrl.h
+++ b/tools/libxc/include/xenctrl.h
@@ -1923,6 +1923,10 @@ int xc_altp2m_switch_to_view(xc_interface *handle, uint32_t domid,
                              uint16_t view_id);
 int xc_altp2m_set_suppress_ve(xc_interface *handle, uint32_t domid,
                               uint16_t view_id, xen_pfn_t gfn, bool sve);
+int xc_altp2m_set_supress_ve_multi(xc_interface *handle, uint32_t domid,
+                                   uint16_t view_id, xen_pfn_t first_gfn,
+                                   xen_pfn_t last_gfn, bool sve,
+                                   xen_pfn_t *error_gfn, int32_t *error_code);
 int xc_altp2m_get_suppress_ve(xc_interface *handle, uint32_t domid,
                               uint16_t view_id, xen_pfn_t gfn, bool *sve);
 int xc_altp2m_set_mem_access(xc_interface *handle, uint32_t domid,
diff --git a/tools/libxc/xc_altp2m.c b/tools/libxc/xc_altp2m.c
index 09dad0355e..4ba930666a 100644
--- a/tools/libxc/xc_altp2m.c
+++ b/tools/libxc/xc_altp2m.c
@@ -234,6 +234,39 @@ int xc_altp2m_set_suppress_ve(xc_interface *handle, uint32_t domid,
     return rc;
 }
 
+int xc_altp2m_set_supress_ve_multi(xc_interface *handle, uint32_t domid,
+                                   uint16_t view_id, xen_pfn_t first_gfn,
+                                   xen_pfn_t last_gfn, bool sve,
+                                   xen_pfn_t *error_gfn, int32_t *error_code)
+{
+    int rc;
+    DECLARE_HYPERCALL_BUFFER(xen_hvm_altp2m_op_t, arg);
+
+    arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg));
+    if ( arg == NULL )
+        return -1;
+
+    arg->version = HVMOP_ALTP2M_INTERFACE_VERSION;
+    arg->cmd = HVMOP_altp2m_set_suppress_ve_multi;
+    arg->domain = domid;
+    arg->u.suppress_ve_multi.view = view_id;
+    arg->u.suppress_ve_multi.first_gfn = first_gfn;
+    arg->u.suppress_ve_multi.last_gfn = last_gfn;
+    arg->u.suppress_ve_multi.suppress_ve = sve;
+
+    rc = xencall2(handle->xcall, __HYPERVISOR_hvm_op, HVMOP_altp2m,
+                  HYPERCALL_BUFFER_AS_ARG(arg));
+
+    if ( arg->u.suppress_ve_multi.first_error )
+    {
+        *error_gfn = arg->u.suppress_ve_multi.first_error;
+        *error_code = arg->u.suppress_ve_multi.first_error_code;
+    }
+
+    xc_hypercall_buffer_free(handle, arg);
+    return rc;
+}
+
 int xc_altp2m_set_mem_access(xc_interface *handle, uint32_t domid,
                              uint16_t view_id, xen_pfn_t gfn,
                              xenmem_access_t access)
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 47573f71b8..98d1d9788b 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4553,6 +4553,7 @@ static int do_altp2m_op(
     case HVMOP_altp2m_destroy_p2m:
     case HVMOP_altp2m_switch_p2m:
     case HVMOP_altp2m_set_suppress_ve:
+    case HVMOP_altp2m_set_suppress_ve_multi:
     case HVMOP_altp2m_get_suppress_ve:
     case HVMOP_altp2m_set_mem_access:
     case HVMOP_altp2m_set_mem_access_multi:
@@ -4711,6 +4712,25 @@ static int do_altp2m_op(
         }
         break;
 
+    case HVMOP_altp2m_set_suppress_ve_multi:
+    {
+        uint64_t max_phys_addr = (1UL << d->arch.cpuid->extd.maxphysaddr) - 1;
+
+        a.u.suppress_ve_multi.last_gfn = min(a.u.suppress_ve_multi.last_gfn,
+                                             max_phys_addr);
+
+        if ( a.u.suppress_ve_multi.pad1 ||
+             a.u.suppress_ve_multi.first_gfn > a.u.suppress_ve_multi.last_gfn )
+            rc = -EINVAL;
+        else
+        {
+            rc = p2m_set_suppress_ve_multi(d, &a.u.suppress_ve_multi);
+            if ( (!rc || rc == -ERESTART) && __copy_to_guest(arg, &a, 1) )
+                rc = -EFAULT;
+        }
+        break;
+    }
+
     case HVMOP_altp2m_get_suppress_ve:
         if ( a.u.suppress_ve.pad1 || a.u.suppress_ve.pad2 )
             rc = -EINVAL;
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index 16039c7a57..d92613ebe4 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -3065,6 +3065,70 @@ out:
     return rc;
 }
 
+/*
+ * Set/clear the #VE suppress bit for multiple pages.  Only available on VMX.
+ */
+int p2m_set_suppress_ve_multi(struct domain *d,
+                              struct xen_hvm_altp2m_suppress_ve_multi *sve)
+{
+    struct p2m_domain *host_p2m = p2m_get_hostp2m(d);
+    struct p2m_domain *ap2m = NULL;
+    struct p2m_domain *p2m = host_p2m;
+    uint64_t start = sve->first_gfn;
+    int rc = 0;
+
+    if ( sve->view > 0 )
+    {
+        if ( sve->view >= MAX_ALTP2M ||
+             d->arch.altp2m_eptp[array_index_nospec(sve->view, MAX_ALTP2M)] ==
+             mfn_x(INVALID_MFN) )
+            return -EINVAL;
+
+        p2m = ap2m = d->arch.altp2m_p2m[array_index_nospec(sve->view,
+                                                           MAX_ALTP2M)];
+    }
+
+    p2m_lock(host_p2m);
+
+    if ( ap2m )
+        p2m_lock(ap2m);
+
+    while ( sve->last_gfn >= start )
+    {
+        p2m_access_t a;
+        p2m_type_t t;
+        mfn_t mfn;
+        int err = 0;
+
+        if ( altp2m_get_effective_entry(p2m, _gfn(start), &mfn, &t, &a, AP2MGET_query) )
+            a = p2m->default_access;
+
+        if ( (err = p2m->set_entry(p2m, _gfn(start), mfn, PAGE_ORDER_4K, t, a,
+                                   sve->suppress_ve)) &&
+             !sve->first_error_code )
+        {
+            sve->first_error = start; /* Save the gfn of the first error */
+            sve->first_error_code = err; /* Save the first error code */
+        }
+
+        /* Check for continuation if it's not the last iteration. */
+        if ( sve->last_gfn >= ++start && hypercall_preempt_check() )
+        {
+            rc = -ERESTART;
+            break;
+        }
+    }
+
+    sve->first_gfn = start;
+
+    if ( ap2m )
+        p2m_unlock(ap2m);
+
+    p2m_unlock(host_p2m);
+
+    return rc;
+}
+
 int p2m_get_suppress_ve(struct domain *d, gfn_t gfn, bool *suppress_ve,
                         unsigned int altp2m_idx)
 {
diff --git a/xen/include/public/hvm/hvm_op.h b/xen/include/public/hvm/hvm_op.h
index 353f8034d9..5446d634d8 100644
--- a/xen/include/public/hvm/hvm_op.h
+++ b/xen/include/public/hvm/hvm_op.h
@@ -46,6 +46,16 @@ struct xen_hvm_altp2m_suppress_ve {
     uint64_t gfn;
 };
 
+struct xen_hvm_altp2m_suppress_ve_multi {
+    uint16_t view;
+    uint8_t suppress_ve; /* Boolean type. */
+    uint8_t pad1;
+    int32_t first_error_code; /* Must be set to 0 . */
+    uint64_t first_gfn; /* Value will be updated */
+    uint64_t last_gfn;
+    uint64_t first_error; /* Gfn of the first error. Must be set to 0. */
+};
+
 #if __XEN_INTERFACE_VERSION__ < 0x00040900
 
 /* Set the logical level of one of a domain's PCI INTx wires. */
@@ -339,6 +349,8 @@ struct xen_hvm_altp2m_op {
 #define HVMOP_altp2m_vcpu_disable_notify  13
 /* Get the active vcpu p2m index */
 #define HVMOP_altp2m_get_p2m_idx          14
+/* Set the "Supress #VE" bit for a range of pages */
+#define HVMOP_altp2m_set_suppress_ve_multi 15
     domid_t domain;
     uint16_t pad1;
     uint32_t pad2;
@@ -353,6 +365,7 @@ struct xen_hvm_altp2m_op {
         struct xen_hvm_altp2m_change_gfn           change_gfn;
         struct xen_hvm_altp2m_set_mem_access_multi set_mem_access_multi;
         struct xen_hvm_altp2m_suppress_ve          suppress_ve;
+        struct xen_hvm_altp2m_suppress_ve_multi    suppress_ve_multi;
         struct xen_hvm_altp2m_vcpu_disable_notify  disable_notify;
         struct xen_hvm_altp2m_get_vcpu_p2m_idx     get_vcpu_p2m_idx;
         uint8_t pad[64];
diff --git a/xen/include/xen/mem_access.h b/xen/include/xen/mem_access.h
index e4d24502e0..00e594a0ad 100644
--- a/xen/include/xen/mem_access.h
+++ b/xen/include/xen/mem_access.h
@@ -75,6 +75,9 @@ long p2m_set_mem_access_multi(struct domain *d,
 int p2m_set_suppress_ve(struct domain *d, gfn_t gfn, bool suppress_ve,
                         unsigned int altp2m_idx);
 
+int p2m_set_suppress_ve_multi(struct domain *d,
+                              struct xen_hvm_altp2m_suppress_ve_multi *suppress_ve);
+
 int p2m_get_suppress_ve(struct domain *d, gfn_t gfn, bool *suppress_ve,
                         unsigned int altp2m_idx);
 

From patchwork Thu Dec 19 09:42:59 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Alexandru Stefan ISAILA <aisaila@bitdefender.com>
X-Patchwork-Id: 11302937
Return-Path: <SRS0=c1+a=2J=lists.xenproject.org=xen-devel-bounces@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 1A9B113A4
	for <patchwork-xen-devel@patchwork.kernel.org>;
 Thu, 19 Dec 2019 09:44:45 +0000 (UTC)
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id E9A86206B7
	for <patchwork-xen-devel@patchwork.kernel.org>;
 Thu, 19 Dec 2019 09:44:44 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=fail reason="signature verification failed" (1024-bit key)
 header.d=bitdefender.onmicrosoft.com header.i=@bitdefender.onmicrosoft.com
 header.b="mU+iNWgx"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org E9A86206B7
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=none dis=none) header.from=bitdefender.com
Authentication-Results: mail.kernel.org;
 spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.89)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1ihsL2-0003dn-6z; Thu, 19 Dec 2019 09:43:20 +0000
Received: from us1-rack-iad1.inumbo.com ([172.99.69.81])
 by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from
 <SRS0=datr=2J=bitdefender.com=aisaila@srs-us1.protection.inumbo.net>)
 id 1ihsL1-0003dV-8P
 for xen-devel@lists.xenproject.org; Thu, 19 Dec 2019 09:43:19 +0000
X-Inumbo-ID: f72471e4-2243-11ea-88e7-bc764e2007e4
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (unknown
 [40.107.15.132]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS
 id f72471e4-2243-11ea-88e7-bc764e2007e4;
 Thu, 19 Dec 2019 09:43:09 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=eOgWz16Md2YgT/YrOvG6legyeqIRDGSh6n4RFomuNA9+DftYl6jqDwrAYOb17TdbLTfSwlRMF+gAz5ydgYuABgXzCN3EbuC6aXmgRzYK31Ty1usLOCmf7BkMQ4cX6BCQ36bdsWxYSOUWZWsLbHqI1Z6Z1bmKKwIeYgSu8Oy9j0wXZqkBjGzjmwPLbIZWa4Ea0jUAn5bergRKEjtK4Uw2DbbiCCJwGO7zOAlVwDqLL5MwDEdEDrK/aAwZoluoYRr8CuByutG0HcuaaomRDlPxBzgxdLSei4BMBlJDaedFhPn0ih2qbcaiPkzx8i/RlSK0MhX9dXJp6+yfS7QERogG8A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=+QefLAquYG8N3ibBCmnRRNXGa63cmqz/MXsxCsF2jCY=;
 b=Btf9jxqXc09Lqyp0mMizg3ZKSofUPIVsYymN/q4Uxj0KPHfqq7n8nQqGsQD01K8hztlvKMvD4pKOtaMdLKA8p4o1QX0xrFS9L+5Fsui82IhKwzY4CIjMtk/7PZ2w79nsWKYocx5BcbezaYsIW+HhpNq8cUOvnkqkqtKvLQfrbDfuN8sxV8bc5WbSRTUMxtbiQFY3qHX0tWIEVL7GdO1bml3v1wT3iJdNbnTUJCPi1tANt8wntLqc6WFEkJP11BGNPbW2T2DN0ibiG0zXkQdHt0oy4ahnJtxWzhipdgCmGY+me1u2nDR+OGOuoY5uP5CNSd1jO8ylKBI/s4L0pDpSDg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=bitdefender.com; dmarc=pass action=none
 header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=bitdefender.onmicrosoft.com; s=selector2-bitdefender-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=+QefLAquYG8N3ibBCmnRRNXGa63cmqz/MXsxCsF2jCY=;
 b=mU+iNWgxDRxZK7lhu/XpS+MMFAt56Mit2y9jQj12HegmkVblK8HdWFxMuFZ0biK/HyGdPW0jFviWk+/8LGLLmH1aweDzinc9qYEyIqqoqBRZQpU4nCWmlsxPqQ0XSjOKbyQLELtvLLOKJkqso0UizEVqLmbIOlUMYN+/QCTb1Bw=
Received: from AM0PR02MB5553.eurprd02.prod.outlook.com (10.255.30.78) by
 AM0PR02MB4258.eurprd02.prod.outlook.com (20.177.111.16) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2538.18; Thu, 19 Dec 2019 09:43:00 +0000
Received: from AM0PR02MB5553.eurprd02.prod.outlook.com
 ([fe80::8cec:7638:734c:89d]) by AM0PR02MB5553.eurprd02.prod.outlook.com
 ([fe80::8cec:7638:734c:89d%4]) with mapi id 15.20.2559.015; Thu, 19 Dec 2019
 09:43:00 +0000
From: Alexandru Stefan ISAILA <aisaila@bitdefender.com>
To: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Thread-Topic: [PATCH V5 3/4] x86/mm: Pull out the p2m specifics from
 p2m_init_altp2m_ept
Thread-Index: AQHVtlCzfXpC8E7W8kCJQi1II8hFtw==
Date: Thu, 19 Dec 2019 09:42:59 +0000
Message-ID: <20191219094236.22002-3-aisaila@bitdefender.com>
References: <20191219094236.22002-1-aisaila@bitdefender.com>
In-Reply-To: <20191219094236.22002-1-aisaila@bitdefender.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-clientproxiedby: AM0PR05CA0074.eurprd05.prod.outlook.com
 (2603:10a6:208:136::14) To AM0PR02MB5553.eurprd02.prod.outlook.com
 (2603:10a6:208:160::14)
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=aisaila@bitdefender.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.17.1
x-originating-ip: [91.199.104.6]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 47ed198f-f8b7-4893-abe3-08d78467d59f
x-ms-traffictypediagnostic: AM0PR02MB4258:|AM0PR02MB4258:|AM0PR02MB4258:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: 
 <AM0PR02MB4258BB31256D010398353B33AB520@AM0PR02MB4258.eurprd02.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:243;
x-forefront-prvs: 0256C18696
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10019020)(136003)(396003)(376002)(346002)(39860400002)(366004)(189003)(199004)(66556008)(26005)(5660300002)(478600001)(6512007)(2906002)(6506007)(81166006)(66946007)(52116002)(186003)(6916009)(66476007)(64756008)(6486002)(81156014)(71200400001)(8936002)(66446008)(36756003)(54906003)(316002)(8676002)(1076003)(4326008)(2616005)(86362001);
 DIR:OUT; SFP:1102; SCL:1; SRVR:AM0PR02MB4258;
 H:AM0PR02MB5553.eurprd02.prod.outlook.com; FPR:; SPF:None; LANG:en;
 PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: bitdefender.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 
 KLSbjVNeakFUDRZagnjzvFK8uFxeJtiltwalTI0C8UBd2K2YIPeqw9JG8M7fSvZeG79oVabXkQf2tgbEu/KXaxxPBb0LU18bZC1LT9hm2AqpIoOK7BBDd1w7AncZYb70jdMhm2BjHOf37hJXzp1vQ96bHkUlYDr9TJVPhwJKTlMUxgB/wnAxuneTRpKqXCNGtb2ZyEToCsPC+P/+nrK8VLg2hdRxFM62KdTc5fDfZfJvDE3qbK47seZA+PN5t5QEeVm+2+p7qUPVyx+qbGjORVX/PFx0SbpC1H/cHhGN6pKJwk9Z5JLD/BmVsHWQSfmYutYytWlHn//f1832Ks0wUUXcofB8s0NyAYzOSsiX1jS6D06+5EuAQ2dwcUEmdEGqvNEFlgj+OkaTEdpP1+YzRmhRDPdKoIZELBWRqw5UI0Gsyq55V88qeh63YafMKBta
Content-ID: <F22913ECC13FFB43A012F029CFE4293E@eurprd02.prod.outlook.com>
MIME-Version: 1.0
X-OriginatorOrg: bitdefender.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 47ed198f-f8b7-4893-abe3-08d78467d59f
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Dec 2019 09:43:00.0291 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 487baf29-f1da-469a-9221-243f830c36f3
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 
 nnjL2QbbLMnYLnsXJMEhu7c82LuC53JI2HC3d6dqP/dK6pCMq4QOmGEj8KMEgh/tVe7PYroZB9O44fs8UbvU+zS/mjxcQDsjX07by9FmFzk=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR02MB4258
Subject: [Xen-devel] [PATCH V5 3/4] x86/mm: Pull out the p2m specifics from
 p2m_init_altp2m_ept
X-BeenThere: xen-devel@lists.xenproject.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Cc: Kevin Tian <kevin.tian@intel.com>, Jun Nakajima <jun.nakajima@intel.com>,
 Wei Liu <wl@xen.org>, George Dunlap <george.dunlap@eu.citrix.com>,
 Andrew Cooper <andrew.cooper3@citrix.com>, Jan Beulich <jbeulich@suse.com>,
 Alexandru Stefan ISAILA <aisaila@bitdefender.com>, =?utf-8?q?Roger_Pau_Monn?=
	=?utf-8?q?=C3=A9?= <roger.pau@citrix.com>
Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>

Requested-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Alexandru Isaila <aisaila@bitdefender.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
CC: Jun Nakajima <jun.nakajima@intel.com>
CC: Kevin Tian <kevin.tian@intel.com>
CC: George Dunlap <george.dunlap@eu.citrix.com>
CC: Jan Beulich <jbeulich@suse.com>
CC: Andrew Cooper <andrew.cooper3@citrix.com>
CC: Wei Liu <wl@xen.org>
CC: "Roger Pau Monné" <roger.pau@citrix.com>
---
 xen/arch/x86/mm/p2m-ept.c | 6 ------
 xen/arch/x86/mm/p2m.c     | 6 ++++++
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c
index b5517769c9..d861cd7b51 100644
--- a/xen/arch/x86/mm/p2m-ept.c
+++ b/xen/arch/x86/mm/p2m-ept.c
@@ -1357,13 +1357,7 @@ void p2m_init_altp2m_ept(struct domain *d, unsigned int i)
     struct p2m_domain *hostp2m = p2m_get_hostp2m(d);
     struct ept_data *ept;
 
-    p2m->default_access = hostp2m->default_access;
-    p2m->domain = hostp2m->domain;
-
-    p2m->global_logdirty = hostp2m->global_logdirty;
     p2m->ept.ad = hostp2m->ept.ad;
-    p2m->min_remapped_gfn = gfn_x(INVALID_GFN);
-    p2m->max_mapped_pfn = p2m->max_remapped_gfn = 0;
     ept = &p2m->ept;
     ept->mfn = pagetable_get_pfn(p2m_get_pagetable(p2m));
     d->arch.altp2m_eptp[i] = ept->eptp;
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index d92613ebe4..cb5b8d67d1 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -2559,6 +2559,12 @@ static int p2m_activate_altp2m(struct domain *d, unsigned int idx)
         goto out;
     }
 
+    p2m->default_access = hostp2m->default_access;
+    p2m->domain = hostp2m->domain;
+    p2m->global_logdirty = hostp2m->global_logdirty;
+    p2m->min_remapped_gfn = gfn_x(INVALID_GFN);
+    p2m->max_mapped_pfn = p2m->max_remapped_gfn = 0;
+
     p2m_init_altp2m_ept(d, idx);
 
  out:

From patchwork Thu Dec 19 09:43:02 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Alexandru Stefan ISAILA <aisaila@bitdefender.com>
X-Patchwork-Id: 11302935
Return-Path: <SRS0=c1+a=2J=lists.xenproject.org=xen-devel-bounces@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id AC780921
	for <patchwork-xen-devel@patchwork.kernel.org>;
 Thu, 19 Dec 2019 09:44:44 +0000 (UTC)
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 7C4E2206B7
	for <patchwork-xen-devel@patchwork.kernel.org>;
 Thu, 19 Dec 2019 09:44:44 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=fail reason="signature verification failed" (1024-bit key)
 header.d=bitdefender.onmicrosoft.com header.i=@bitdefender.onmicrosoft.com
 header.b="ayE6DD+o"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 7C4E2206B7
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=none dis=none) header.from=bitdefender.com
Authentication-Results: mail.kernel.org;
 spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.89)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1ihsKx-0003cU-Sy; Thu, 19 Dec 2019 09:43:15 +0000
Received: from us1-rack-iad1.inumbo.com ([172.99.69.81])
 by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from
 <SRS0=datr=2J=bitdefender.com=aisaila@srs-us1.protection.inumbo.net>)
 id 1ihsKw-0003cC-8F
 for xen-devel@lists.xenproject.org; Thu, 19 Dec 2019 09:43:14 +0000
X-Inumbo-ID: f3a50e84-2243-11ea-88e7-bc764e2007e4
Received: from EUR02-AM5-obe.outbound.protection.outlook.com (unknown
 [40.107.0.107]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS
 id f3a50e84-2243-11ea-88e7-bc764e2007e4;
 Thu, 19 Dec 2019 09:43:04 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=JJDE8MRTwdOS516QybxSvpQlS5rH5nk1+Lc0Cdwn7k3KOmhYOi78R1knB1EFBPMyt+TZuj3WckgGQtWt2wO3TpV1JDjkvdOw5LP4Fp0O1rDe55UzKSUsXZKQ1gXLQlOYSSfLvUJBm5ZZfUfh9P+WDqar08Y1nF5bwx8J0CIL+6QkExOEsbtaYFDksyYE3QFS1su4OTiTlV1sqVQA7u8CX5jOSRgtQ/WI71jmnsHu/IEN9pS4jeFj0ZNCdmeRvUvwjf893UB6lb2vLPL7h8vnRRQb3+bIxT9Y+dSem0xMUNYKqUn+4NttGBLGmVwU2H5oFvZou6imSuppQWRfLx3Tcw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=h2rROfhrv+TLhpZWCedIDHiUfzzT/+Jn05q0sZpkCSM=;
 b=GsQHr1AExzw/+8xYI4iJ5l/ii2xZhH8G2DTWlxMkB9k8s0e5vjJAX9Eby8ybrihvt98gNZZotcThpypLZsnA52dDgoHks5cZBUDpMfaWLnxmdHXYArqrCc5cL5s+o3a5+6PQIiWv14RU+49VZBSDYYw7pV6h7yepctfLKjHRoKQrLdthcRUEZBx/URFPGFg5m/ns92bQpjEmk00T/iIJB80qpFQbq4Chwaf1Zt1QQoBoqJp3N4IEu7dJxr3iA7QRuRNGzaNdgdOJ3E4Y+kstlWjeaSdXsxsxudmvgb3vK7l7lwCi+qBK0tZuvPPaX4Xj+mKPeFABIiFtbzxUSSFkgA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=bitdefender.com; dmarc=pass action=none
 header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=bitdefender.onmicrosoft.com; s=selector2-bitdefender-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=h2rROfhrv+TLhpZWCedIDHiUfzzT/+Jn05q0sZpkCSM=;
 b=ayE6DD+oiwvDaw82Na6id7ZbMDZABPDfutOz63EV6KnSqrFS7Iam5WQ94UGsEjAEw97va/vE3zc9oj/I9X8hSDAUXU7Gg4GcnIej/Qrmnnap0G6JewQ0/G8koDPHZ/mLqpjv6uMZaB6pWDtmQpo3Z08fp62y58bdCQf+vzOSsYk=
Received: from AM0PR02MB5553.eurprd02.prod.outlook.com (10.255.30.78) by
 AM0PR02MB3604.eurprd02.prod.outlook.com (52.134.80.143) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2559.15; Thu, 19 Dec 2019 09:43:02 +0000
Received: from AM0PR02MB5553.eurprd02.prod.outlook.com
 ([fe80::8cec:7638:734c:89d]) by AM0PR02MB5553.eurprd02.prod.outlook.com
 ([fe80::8cec:7638:734c:89d%4]) with mapi id 15.20.2559.015; Thu, 19 Dec 2019
 09:43:02 +0000
From: Alexandru Stefan ISAILA <aisaila@bitdefender.com>
To: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Thread-Topic: [PATCH V5 4/4] x86/mm: Make use of the default access param from
 xc_altp2m_create_view
Thread-Index: AQHVtlC0axyOFCcTm0GbblWfn3zm3Q==
Date: Thu, 19 Dec 2019 09:43:02 +0000
Message-ID: <20191219094236.22002-4-aisaila@bitdefender.com>
References: <20191219094236.22002-1-aisaila@bitdefender.com>
In-Reply-To: <20191219094236.22002-1-aisaila@bitdefender.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-clientproxiedby: AM0PR05CA0074.eurprd05.prod.outlook.com
 (2603:10a6:208:136::14) To AM0PR02MB5553.eurprd02.prod.outlook.com
 (2603:10a6:208:160::14)
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=aisaila@bitdefender.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.17.1
x-originating-ip: [91.199.104.6]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c58f687d-222c-4904-102e-08d78467d70d
x-ms-traffictypediagnostic: AM0PR02MB3604:|AM0PR02MB3604:|AM0PR02MB3604:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: 
 <AM0PR02MB36042A59D91A312D64A14CCEAB520@AM0PR02MB3604.eurprd02.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:2582;
x-forefront-prvs: 0256C18696
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10019020)(376002)(39860400002)(346002)(136003)(366004)(396003)(189003)(199004)(7416002)(36756003)(186003)(2906002)(71200400001)(1076003)(26005)(2616005)(4326008)(478600001)(6486002)(5660300002)(6916009)(81166006)(81156014)(8676002)(6506007)(8936002)(54906003)(66476007)(52116002)(316002)(6512007)(86362001)(66946007)(66446008)(64756008)(66556008);
 DIR:OUT; SFP:1102; SCL:1; SRVR:AM0PR02MB3604;
 H:AM0PR02MB5553.eurprd02.prod.outlook.com; FPR:; SPF:None; LANG:en;
 PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: bitdefender.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 
 wH/LiJLg3boGTswwDm49Q0z1FtSNXpXOFqodGpbBlx0HADr4n//qEoWJUWiMfJCQ/F7izOv/c2bRFuIGvn+/+83T1W2Awsxwy/fA+BpXZzJIRc2u5bz6J8LPRcm1x/b6I+9zFGmPillQu1S5oupsQB3G0AId1J6rTJWSyucqtzq6asktpuAUPcFaVgrftT83Z/KssGILrurULVoLlnQYDvQsqPeP8/Mz0xmohBjg9j9jqWbWb7hjghmEdZbQKzzFRH/nLz9fpQ2Xk57ty/eGk7fZrgjAUJlqFiIYsjQk24vwK5LM5yDz+wOQjh6Vs7XxwBsbr09Wxj2tfrLNA7sVuSd824wJkY82g3mqiJBNa1hpF0Y5YggcsH3gbXpkp0y1vSQ9yBlhz5JUCFVLMUWVAO98RvXjDcCUHEDP18dnz4LwIcMiKiPkHLW/x0V3t7lJ
Content-ID: <9F535C933703CB4FB809FA795A69EE81@eurprd02.prod.outlook.com>
MIME-Version: 1.0
X-OriginatorOrg: bitdefender.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 c58f687d-222c-4904-102e-08d78467d70d
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Dec 2019 09:43:02.2888 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 487baf29-f1da-469a-9221-243f830c36f3
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 
 HhOt577oCtuHs95w0Gd+52bYxryJp3eQHm5ei2S+HNYELYz2YiOQbn+4tshlqffu9Uk1BYEIKM2xEIF3jNNMTw3Sjoqw1uO605QvKjQ1rYI=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR02MB3604
Subject: [Xen-devel] [PATCH V5 4/4] x86/mm: Make use of the default access
 param from xc_altp2m_create_view
X-BeenThere: xen-devel@lists.xenproject.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Cc: Petre Ovidiu PIRCALABU <ppircalabu@bitdefender.com>,
 Stefano Stabellini <sstabellini@kernel.org>, Julien Grall <julien@xen.org>,
 Razvan COJOCARU <rcojocaru@bitdefender.com>, Wei Liu <wl@xen.org>,
 Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
 George Dunlap <george.dunlap@eu.citrix.com>,
 Andrew Cooper <andrew.cooper3@citrix.com>,
 Ian Jackson <ian.jackson@eu.citrix.com>,
 Tamas K Lengyel <tamas@tklengyel.com>, Jan Beulich <jbeulich@suse.com>,
 Alexandru Stefan ISAILA <aisaila@bitdefender.com>, =?utf-8?q?Roger_Pau_Monn?=
	=?utf-8?q?=C3=A9?= <roger.pau@citrix.com>
Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>

At this moment the default_access param from xc_altp2m_create_view is
not used.

This patch assigns default_access to p2m->default_access at the time of
initializing a new altp2m view.

Signed-off-by: Alexandru Isaila <aisaila@bitdefender.com>
---
CC: Jan Beulich <jbeulich@suse.com>
CC: Andrew Cooper <andrew.cooper3@citrix.com>
CC: Wei Liu <wl@xen.org>
CC: "Roger Pau Monné" <roger.pau@citrix.com>
CC: George Dunlap <George.Dunlap@eu.citrix.com>
CC: Ian Jackson <ian.jackson@eu.citrix.com>
CC: Julien Grall <julien@xen.org>
CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Razvan Cojocaru <rcojocaru@bitdefender.com>
CC: Tamas K Lengyel <tamas@tklengyel.com>
CC: Petre Pircalabu <ppircalabu@bitdefender.com>
CC: George Dunlap <george.dunlap@eu.citrix.com>
---
Changes since V4:
	- Add const struct p2m_domain *p2m to
xenmem_access_to_p2m_access()
	- Pull xenmem_access_to_p2m_access() out of the locked area
	- Add a check for NULL p2m in xenmem_access_to_p2m_access().
---
 xen/arch/x86/hvm/hvm.c          |  3 ++-
 xen/arch/x86/mm/mem_access.c    | 11 +++++++----
 xen/arch/x86/mm/p2m.c           | 21 ++++++++++++++++-----
 xen/include/asm-x86/p2m.h       |  3 ++-
 xen/include/public/hvm/hvm_op.h |  2 --
 xen/include/xen/mem_access.h    |  4 ++++
 6 files changed, 31 insertions(+), 13 deletions(-)

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 98d1d9788b..d7a55568c9 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4687,7 +4687,8 @@ static int do_altp2m_op(
     }
 
     case HVMOP_altp2m_create_p2m:
-        if ( !(rc = p2m_init_next_altp2m(d, &a.u.view.view)) )
+        if ( !(rc = p2m_init_next_altp2m(d, &a.u.view.view,
+                                         a.u.view.hvmmem_default_access)) )
             rc = __copy_to_guest(arg, &a, 1) ? -EFAULT : 0;
         break;
 
diff --git a/xen/arch/x86/mm/mem_access.c b/xen/arch/x86/mm/mem_access.c
index 33e379db8f..5b74a6898b 100644
--- a/xen/arch/x86/mm/mem_access.c
+++ b/xen/arch/x86/mm/mem_access.c
@@ -314,9 +314,9 @@ static int set_mem_access(struct domain *d, struct p2m_domain *p2m,
     return rc;
 }
 
-static bool xenmem_access_to_p2m_access(struct p2m_domain *p2m,
-                                        xenmem_access_t xaccess,
-                                        p2m_access_t *paccess)
+bool xenmem_access_to_p2m_access(const struct p2m_domain *p2m,
+                                 xenmem_access_t xaccess,
+                                 p2m_access_t *paccess)
 {
     static const p2m_access_t memaccess[] = {
 #define ACCESS(ac) [XENMEM_access_##ac] = p2m_access_##ac
@@ -340,7 +340,10 @@ static bool xenmem_access_to_p2m_access(struct p2m_domain *p2m,
         *paccess = memaccess[xaccess];
         break;
     case XENMEM_access_default:
-        *paccess = p2m->default_access;
+        if ( !p2m )
+            *paccess = p2m_access_rwx;
+        else
+            *paccess = p2m->default_access;
         break;
     default:
         return false;
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index cb5b8d67d1..2774811bb8 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -25,6 +25,7 @@
 
 #include <xen/guest_access.h> /* copy_from_guest() */
 #include <xen/iommu.h>
+#include <xen/mem_access.h>
 #include <xen/vm_event.h>
 #include <xen/event.h>
 #include <public/vm_event.h>
@@ -2533,7 +2534,8 @@ void p2m_flush_altp2m(struct domain *d)
     altp2m_list_unlock(d);
 }
 
-static int p2m_activate_altp2m(struct domain *d, unsigned int idx)
+static int p2m_activate_altp2m(struct domain *d, unsigned int idx,
+                               p2m_access_t hvmmem_default_access)
 {
     struct p2m_domain *hostp2m, *p2m;
     int rc;
@@ -2559,7 +2561,7 @@ static int p2m_activate_altp2m(struct domain *d, unsigned int idx)
         goto out;
     }
 
-    p2m->default_access = hostp2m->default_access;
+    p2m->default_access = hvmmem_default_access;
     p2m->domain = hostp2m->domain;
     p2m->global_logdirty = hostp2m->global_logdirty;
     p2m->min_remapped_gfn = gfn_x(INVALID_GFN);
@@ -2576,6 +2578,7 @@ static int p2m_activate_altp2m(struct domain *d, unsigned int idx)
 int p2m_init_altp2m_by_id(struct domain *d, unsigned int idx)
 {
     int rc = -EINVAL;
+    struct p2m_domain *hostp2m = p2m_get_hostp2m(d);
 
     if ( idx >= MAX_ALTP2M )
         return rc;
@@ -2584,16 +2587,23 @@ int p2m_init_altp2m_by_id(struct domain *d, unsigned int idx)
     altp2m_list_lock(d);
 
     if ( d->arch.altp2m_eptp[idx] == mfn_x(INVALID_MFN) )
-        rc = p2m_activate_altp2m(d, idx);
+        rc = p2m_activate_altp2m(d, idx, hostp2m->default_access);
 
     altp2m_list_unlock(d);
     return rc;
 }
 
-int p2m_init_next_altp2m(struct domain *d, uint16_t *idx)
+int p2m_init_next_altp2m(struct domain *d, uint16_t *idx,
+                         xenmem_access_t hvmmem_default_access)
 {
     int rc = -EINVAL;
     unsigned int i;
+    p2m_access_t a;
+    struct p2m_domain *p2m;
+
+    if ( hvmmem_default_access > XENMEM_access_default ||
+         !xenmem_access_to_p2m_access(NULL, hvmmem_default_access, &a) )
+        return rc;
 
     altp2m_list_lock(d);
 
@@ -2602,7 +2612,8 @@ int p2m_init_next_altp2m(struct domain *d, uint16_t *idx)
         if ( d->arch.altp2m_eptp[i] != mfn_x(INVALID_MFN) )
             continue;
 
-        rc = p2m_activate_altp2m(d, i);
+        p2m = d->arch.altp2m_p2m[i];
+        rc = p2m_activate_altp2m(d, i, a);
 
         if ( !rc )
             *idx = i;
diff --git a/xen/include/asm-x86/p2m.h b/xen/include/asm-x86/p2m.h
index 94285db1b4..ac2d2787f4 100644
--- a/xen/include/asm-x86/p2m.h
+++ b/xen/include/asm-x86/p2m.h
@@ -884,7 +884,8 @@ bool p2m_altp2m_get_or_propagate(struct p2m_domain *ap2m, unsigned long gfn_l,
 int p2m_init_altp2m_by_id(struct domain *d, unsigned int idx);
 
 /* Find an available alternate p2m and make it valid */
-int p2m_init_next_altp2m(struct domain *d, uint16_t *idx);
+int p2m_init_next_altp2m(struct domain *d, uint16_t *idx,
+                         xenmem_access_t hvmmem_default_access);
 
 /* Make a specific alternate p2m invalid */
 int p2m_destroy_altp2m_by_id(struct domain *d, unsigned int idx);
diff --git a/xen/include/public/hvm/hvm_op.h b/xen/include/public/hvm/hvm_op.h
index 5446d634d8..49816d9312 100644
--- a/xen/include/public/hvm/hvm_op.h
+++ b/xen/include/public/hvm/hvm_op.h
@@ -251,8 +251,6 @@ DEFINE_XEN_GUEST_HANDLE(xen_hvm_altp2m_vcpu_disable_notify_t);
 struct xen_hvm_altp2m_view {
     /* IN/OUT variable */
     uint16_t view;
-    /* Create view only: default access type
-     * NOTE: currently ignored */
     uint16_t hvmmem_default_access; /* xenmem_access_t */
 };
 typedef struct xen_hvm_altp2m_view xen_hvm_altp2m_view_t;
diff --git a/xen/include/xen/mem_access.h b/xen/include/xen/mem_access.h
index 00e594a0ad..5d53fb8ce4 100644
--- a/xen/include/xen/mem_access.h
+++ b/xen/include/xen/mem_access.h
@@ -58,6 +58,10 @@ typedef enum {
     /* NOTE: Assumed to be only 4 bits right now on x86. */
 } p2m_access_t;
 
+bool xenmem_access_to_p2m_access(const struct p2m_domain *p2m,
+                                 xenmem_access_t xaccess,
+                                 p2m_access_t *paccess);
+
 /*
  * Set access type for a region of gfns.
  * If gfn == INVALID_GFN, sets the default access type.