1. 07 8月, 2019 1 次提交
    • Z
      xen/pv: Fix a boot up hang revealed by int3 self test · 11cb9f87
      Zhenzhong Duan 提交于
      [ Upstream commit b23e5844dfe78a80ba672793187d3f52e4b528d7 ]
      
      Commit 7457c0da024b ("x86/alternatives: Add int3_emulate_call()
      selftest") is used to ensure there is a gap setup in int3 exception stack
      which could be used for inserting call return address.
      
      This gap is missed in XEN PV int3 exception entry path, then below panic
      triggered:
      
      [    0.772876] general protection fault: 0000 [#1] SMP NOPTI
      [    0.772886] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.2.0+ #11
      [    0.772893] RIP: e030:int3_magic+0x0/0x7
      [    0.772905] RSP: 3507:ffffffff82203e98 EFLAGS: 00000246
      [    0.773334] Call Trace:
      [    0.773334]  alternative_instructions+0x3d/0x12e
      [    0.773334]  check_bugs+0x7c9/0x887
      [    0.773334]  ? __get_locked_pte+0x178/0x1f0
      [    0.773334]  start_kernel+0x4ff/0x535
      [    0.773334]  ? set_init_arg+0x55/0x55
      [    0.773334]  xen_start_kernel+0x571/0x57a
      
      For 64bit PV guests, Xen's ABI enters the kernel with using SYSRET, with
      %rcx/%r11 on the stack. To convert back to "normal" looking exceptions,
      the xen thunks do 'xen_*: pop %rcx; pop %r11; jmp *'.
      
      E.g. Extracting 'xen_pv_trap xenint3' we have:
      xen_xenint3:
       pop %rcx;
       pop %r11;
       jmp xenint3
      
      As xenint3 and int3 entry code are same except xenint3 doesn't generate
      a gap, we can fix it by using int3 and drop useless xenint3.
      Signed-off-by: NZhenzhong Duan <zhenzhong.duan@oracle.com>
      Reviewed-by: NJuergen Gross <jgross@suse.com>
      Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
      Cc: Juergen Gross <jgross@suse.com>
      Cc: Stefano Stabellini <sstabellini@kernel.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Andrew Cooper <andrew.cooper3@citrix.com>
      Signed-off-by: NJuergen Gross <jgross@suse.com>
      Signed-off-by: NSasha Levin <sashal@kernel.org>
      11cb9f87
  2. 22 5月, 2019 1 次提交
  3. 24 3月, 2019 1 次提交
    • J
      xen: fix dom0 boot on huge systems · 468ff43f
      Juergen Gross 提交于
      commit 01bd2ac2f55a1916d81dace12fa8d7ae1c79b5ea upstream.
      
      Commit f7c90c2a ("x86/xen: don't write ptes directly in 32-bit
      PV guests") introduced a regression for booting dom0 on huge systems
      with lots of RAM (in the TB range).
      
      Reason is that on those hosts the p2m list needs to be moved early in
      the boot process and this requires temporary page tables to be created.
      Said commit modified xen_set_pte_init() to use a hypercall for writing
      a PTE, but this requires the page table being in the direct mapped
      area, which is not the case for the temporary page tables used in
      xen_relocate_p2m().
      
      As the page tables are completely written before being linked to the
      actual address space instead of set_pte() a plain write to memory can
      be used in xen_relocate_p2m().
      
      Fixes: f7c90c2a ("x86/xen: don't write ptes directly in 32-bit PV guests")
      Cc: stable@vger.kernel.org
      Signed-off-by: NJuergen Gross <jgross@suse.com>
      Reviewed-by: NJan Beulich <jbeulich@suse.com>
      Signed-off-by: NJuergen Gross <jgross@suse.com>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      468ff43f
  4. 27 2月, 2019 1 次提交
  5. 23 1月, 2019 1 次提交
  6. 13 1月, 2019 1 次提交
  7. 17 12月, 2018 1 次提交
  8. 27 11月, 2018 1 次提交
  9. 14 11月, 2018 6 次提交
  10. 21 9月, 2018 1 次提交
  11. 19 9月, 2018 1 次提交
  12. 29 8月, 2018 1 次提交
  13. 27 8月, 2018 1 次提交
  14. 24 8月, 2018 1 次提交
  15. 21 8月, 2018 4 次提交
  16. 07 8月, 2018 2 次提交
    • J
      xen: don't use privcmd_call() from xen_mc_flush() · cd913922
      Juergen Gross 提交于
      Using privcmd_call() for a singleton multicall seems to be wrong, as
      privcmd_call() is using stac()/clac() to enable hypervisor access to
      Linux user space.
      
      Even if currently not a problem (pv domains can't use SMAP while HVM
      and PVH domains can't use multicalls) things might change when
      PVH dom0 support is added to the kernel.
      Reported-by: NJan Beulich <jbeulich@suse.com>
      Signed-off-by: NJuergen Gross <jgross@suse.com>
      Reviewed-by: NJan Beulich <jbeulich@suse.com>
      Signed-off-by: NBoris Ostrovsky <boris.ostrovsky@oracle.com>
      cd913922
    • M
      xen/pv: Call get_cpu_address_sizes to set x86_virt/phys_bits · 405c018a
      M. Vefa Bicakci 提交于
      Commit d94a155c ("x86/cpu: Prevent cpuinfo_x86::x86_phys_bits
      adjustment corruption") has moved the query and calculation of the
      x86_virt_bits and x86_phys_bits fields of the cpuinfo_x86 struct
      from the get_cpu_cap function to a new function named
      get_cpu_address_sizes.
      
      One of the call sites related to Xen PV VMs was unfortunately missed
      in the aforementioned commit. This prevents successful boot-up of
      kernel versions 4.17 and up in Xen PV VMs if CONFIG_DEBUG_VIRTUAL
      is enabled, due to the following code path:
      
        enlighten_pv.c::xen_start_kernel
          mmu_pv.c::xen_reserve_special_pages
            page.h::__pa
              physaddr.c::__phys_addr
                physaddr.h::phys_addr_valid
      
      phys_addr_valid uses boot_cpu_data.x86_phys_bits to validate physical
      addresses. boot_cpu_data.x86_phys_bits is no longer populated before
      the call to xen_reserve_special_pages due to the aforementioned commit
      though, so the validation performed by phys_addr_valid fails, which
      causes __phys_addr to trigger a BUG, preventing boot-up.
      Signed-off-by: NM. Vefa Bicakci <m.v.b@runbox.com>
      Reviewed-by: NThomas Gleixner <tglx@linutronix.de>
      Reviewed-by: NBoris Ostrovsky <boris.ostrovsky@oracle.com>
      Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
      Cc: Juergen Gross <jgross@suse.com>
      Cc: xen-devel@lists.xenproject.org
      Cc: x86@kernel.org
      Cc: stable@vger.kernel.org # for v4.17 and up
      Fixes: d94a155c ("x86/cpu: Prevent cpuinfo_x86::x86_phys_bits adjustment corruption")
      Signed-off-by: NBoris Ostrovsky <boris.ostrovsky@oracle.com>
      405c018a
  17. 05 8月, 2018 1 次提交
    • N
      x86: Don't include linux/irq.h from asm/hardirq.h · 447ae316
      Nicolai Stange 提交于
      The next patch in this series will have to make the definition of
      irq_cpustat_t available to entering_irq().
      
      Inclusion of asm/hardirq.h into asm/apic.h would cause circular header
      dependencies like
      
        asm/smp.h
          asm/apic.h
            asm/hardirq.h
              linux/irq.h
                linux/topology.h
                  linux/smp.h
                    asm/smp.h
      
      or
      
        linux/gfp.h
          linux/mmzone.h
            asm/mmzone.h
              asm/mmzone_64.h
                asm/smp.h
                  asm/apic.h
                    asm/hardirq.h
                      linux/irq.h
                        linux/irqdesc.h
                          linux/kobject.h
                            linux/sysfs.h
                              linux/kernfs.h
                                linux/idr.h
                                  linux/gfp.h
      
      and others.
      
      This causes compilation errors because of the header guards becoming
      effective in the second inclusion: symbols/macros that had been defined
      before wouldn't be available to intermediate headers in the #include chain
      anymore.
      
      A possible workaround would be to move the definition of irq_cpustat_t
      into its own header and include that from both, asm/hardirq.h and
      asm/apic.h.
      
      However, this wouldn't solve the real problem, namely asm/harirq.h
      unnecessarily pulling in all the linux/irq.h cruft: nothing in
      asm/hardirq.h itself requires it. Also, note that there are some other
      archs, like e.g. arm64, which don't have that #include in their
      asm/hardirq.h.
      
      Remove the linux/irq.h #include from x86' asm/hardirq.h.
      
      Fix resulting compilation errors by adding appropriate #includes to *.c
      files as needed.
      
      Note that some of these *.c files could be cleaned up a bit wrt. to their
      set of #includes, but that should better be done from separate patches, if
      at all.
      Signed-off-by: NNicolai Stange <nstange@suse.de>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      447ae316
  18. 27 7月, 2018 1 次提交
  19. 20 7月, 2018 2 次提交
    • P
      x86/xen/time: Output xen sched_clock time from 0 · 38669ba2
      Pavel Tatashin 提交于
      It is expected for sched_clock() to output data from 0, when system boots.
      
      Add an offset xen_sched_clock_offset (similarly how it is done in other
      hypervisors i.e. kvm_sched_clock_offset) to count sched_clock() from 0,
      when time is first initialized.
      Signed-off-by: NPavel Tatashin <pasha.tatashin@oracle.com>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: steven.sistare@oracle.com
      Cc: daniel.m.jordan@oracle.com
      Cc: linux@armlinux.org.uk
      Cc: schwidefsky@de.ibm.com
      Cc: heiko.carstens@de.ibm.com
      Cc: john.stultz@linaro.org
      Cc: sboyd@codeaurora.org
      Cc: hpa@zytor.com
      Cc: douly.fnst@cn.fujitsu.com
      Cc: peterz@infradead.org
      Cc: prarit@redhat.com
      Cc: feng.tang@intel.com
      Cc: pmladek@suse.com
      Cc: gnomes@lxorguk.ukuu.org.uk
      Cc: linux-s390@vger.kernel.org
      Cc: boris.ostrovsky@oracle.com
      Cc: jgross@suse.com
      Cc: pbonzini@redhat.com
      Link: https://lkml.kernel.org/r/20180719205545.16512-14-pasha.tatashin@oracle.com
      38669ba2
    • P
      x86/xen/time: Initialize pv xen time in init_hypervisor_platform() · 7b25b9cb
      Pavel Tatashin 提交于
      In every hypervisor except for xen pv time ops are initialized in
      init_hypervisor_platform().
      
      Xen PV domains initialize time ops in x86_init.paging.pagetable_init(),
      by calling xen_setup_shared_info() which is a poor design, as time is
      needed prior to memory allocator.
      
      xen_setup_shared_info() is called from two places: during boot, and
      after suspend. Split the content of xen_setup_shared_info() into
      three places:
      
      1. add the clock relavent data into new xen pv init_platform vector, and
         set clock ops in there.
      
      2. move xen_setup_vcpu_info_placement() to new xen_pv_guest_late_init()
         call.
      
      3. Re-initializing parts of shared info copy to xen_pv_post_suspend() to
         be symmetric to xen_pv_pre_suspend
      Signed-off-by: NPavel Tatashin <pasha.tatashin@oracle.com>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: steven.sistare@oracle.com
      Cc: daniel.m.jordan@oracle.com
      Cc: linux@armlinux.org.uk
      Cc: schwidefsky@de.ibm.com
      Cc: heiko.carstens@de.ibm.com
      Cc: john.stultz@linaro.org
      Cc: sboyd@codeaurora.org
      Cc: hpa@zytor.com
      Cc: douly.fnst@cn.fujitsu.com
      Cc: peterz@infradead.org
      Cc: prarit@redhat.com
      Cc: feng.tang@intel.com
      Cc: pmladek@suse.com
      Cc: gnomes@lxorguk.ukuu.org.uk
      Cc: linux-s390@vger.kernel.org
      Cc: boris.ostrovsky@oracle.com
      Cc: jgross@suse.com
      Cc: pbonzini@redhat.com
      Link: https://lkml.kernel.org/r/20180719205545.16512-13-pasha.tatashin@oracle.com
      7b25b9cb
  20. 13 7月, 2018 1 次提交
  21. 12 7月, 2018 1 次提交
  22. 21 6月, 2018 1 次提交
  23. 19 6月, 2018 1 次提交
  24. 04 6月, 2018 2 次提交
  25. 19 5月, 2018 1 次提交
  26. 15 5月, 2018 1 次提交
  27. 14 5月, 2018 2 次提交
    • P
      xen/privcmd: add IOCTL_PRIVCMD_MMAP_RESOURCE · 3ad08765
      Paul Durrant 提交于
      My recent Xen patch series introduces a new HYPERVISOR_memory_op to
      support direct priv-mapping of certain guest resources (such as ioreq
      pages, used by emulators) by a tools domain, rather than having to access
      such resources via the guest P2M.
      
      This patch adds the necessary infrastructure to the privcmd driver and
      Xen MMU code to support direct resource mapping.
      
      NOTE: The adjustment in the MMU code is partially cosmetic. Xen will now
            allow a PV tools domain to map guest pages either by GFN or MFN, thus
            the term 'mfn' has been swapped for 'pfn' in the lower layers of the
            remap code.
      Signed-off-by: NPaul Durrant <paul.durrant@citrix.com>
      Reviewed-by: NBoris Ostrovsky <boris.ostrovsky@oracle.com>
      Signed-off-by: NJuergen Gross <jgross@suse.com>
      3ad08765
    • D
      x86/xen/efi: Initialize UEFI secure boot state during dom0 boot · a7012bdb
      Daniel Kiper 提交于
      Initialize UEFI secure boot state during dom0 boot. Otherwise the kernel
      may not even know that it runs on secure boot enabled platform.
      
      Note that part of drivers/firmware/efi/libstub/secureboot.c is duplicated
      by this patch, only in this case, it runs in the context of the kernel
      proper rather than UEFI boot context. The reason for the duplication is
      that maintaining the original code to run correctly on ARM/arm64 as well
      as on all the quirky x86 firmware we support is enough of a burden as it
      is, and adding the x86/Xen execution context to that mix just so we can
      reuse a single routine just isn't worth it.
      
      [ardb: explain rationale for code duplication]
      Signed-off-by: NDaniel Kiper <daniel.kiper@oracle.com>
      Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Matt Fleming <matt@codeblueprint.co.uk>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/20180504060003.19618-2-ard.biesheuvel@linaro.orgSigned-off-by: NIngo Molnar <mingo@kernel.org>
      a7012bdb
  28. 08 5月, 2018 1 次提交
    • V
      x86/xen: Reset VCPU0 info pointer after shared_info remap · d1ecfa9d
      van der Linden, Frank 提交于
      This patch fixes crashes during boot for HVM guests on older (pre HVM
      vector callback) Xen versions. Without this, current kernels will always
      fail to boot on those Xen versions.
      
      Sample stack trace:
      
         BUG: unable to handle kernel paging request at ffffffffff200000
         IP: __xen_evtchn_do_upcall+0x1e/0x80
         PGD 1e0e067 P4D 1e0e067 PUD 1e10067 PMD 235c067 PTE 0
          Oops: 0002 [#1] SMP PTI
         Modules linked in:
         CPU: 0 PID: 512 Comm: kworker/u2:0 Not tainted 4.14.33-52.13.amzn1.x86_64 #1
         Hardware name: Xen HVM domU, BIOS 3.4.3.amazon 11/11/2016
         task: ffff88002531d700 task.stack: ffffc90000480000
         RIP: 0010:__xen_evtchn_do_upcall+0x1e/0x80
         RSP: 0000:ffff880025403ef0 EFLAGS: 00010046
         RAX: ffffffff813cc760 RBX: ffffffffff200000 RCX: ffffc90000483ef0
         RDX: ffff880020540a00 RSI: ffff880023c78000 RDI: 000000000000001c
         RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
         R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
         R13: ffff880025403f5c R14: 0000000000000000 R15: 0000000000000000
         FS:  0000000000000000(0000) GS:ffff880025400000(0000) knlGS:0000000000000000
         CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
         CR2: ffffffffff200000 CR3: 0000000001e0a000 CR4: 00000000000006f0
          Call Trace:
         <IRQ>
         do_hvm_evtchn_intr+0xa/0x10
         __handle_irq_event_percpu+0x43/0x1a0
         handle_irq_event_percpu+0x20/0x50
         handle_irq_event+0x39/0x60
         handle_fasteoi_irq+0x80/0x140
         handle_irq+0xaf/0x120
         do_IRQ+0x41/0xd0
         common_interrupt+0x7d/0x7d
         </IRQ>
      
      During boot, the HYPERVISOR_shared_info page gets remapped to make it work
      with KASLR. This means that any pointer derived from it needs to be
      adjusted.
      
      The only value that this applies to is the vcpu_info pointer for VCPU 0.
      For PV and HVM with the callback vector feature, this gets done via the
      smp_ops prepare_boot_cpu callback. Older Xen versions do not support the
      HVM callback vector, so there is no Xen-specific smp_ops set up in that
      scenario. So, the vcpu_info pointer for VCPU 0 never gets set to the proper
      value, and the first reference of it will be bad. Fix this by resetting it
      immediately after the remap.
      Signed-off-by: NFrank van der Linden <fllinden@amazon.com>
      Reviewed-by: NEduardo Valentin <eduval@amazon.com>
      Reviewed-by: NAlakesh Haloi <alakeshh@amazon.com>
      Reviewed-by: NVallish Vaidyeshwara <vallish@amazon.com>
      Reviewed-by: NBoris Ostrovsky <boris.ostrovsky@oracle.com>
      Cc: Juergen Gross <jgross@suse.com>
      Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
      Cc: xen-devel@lists.xenproject.org
      Signed-off-by: NBoris Ostrovsky <boris.ostrovsky@oracle.com>
      d1ecfa9d