From: Boris Ostrovsky <boris.ostrovsky@oracle.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: keir@xen.org, ian.campbell@citrix.com,
stefano.stabellini@eu.citrix.com, andrew.cooper3@citrix.com,
eddie.dong@intel.com, xen-devel@lists.xen.org,
jun.nakajima@intel.com, ian.jackson@eu.citrix.com
Subject: Re: [PATCH v3 1/4] xen/libxc: Allow changes to hypervisor CPUID leaf from config file
Date: Fri, 14 Mar 2014 11:41:15 -0400
Message-ID: <5323231B.9000607@oracle.com>
In-Reply-To: <5322C7510200007800124111@nat28.tlf.novell.com>
On 03/14/2014 04:09 AM, Jan Beulich wrote:
>>>> On 13.03.14 at 19:08, Boris Ostrovsky <boris.ostrovsky@oracle.com> wrote:
>> @@ -43,22 +45,29 @@ static int hypervisor_is_64bit(xc_interface *xch)
>> static void cpuid(const unsigned int *input, unsigned int *regs)
>> {
>> unsigned int count = (input[1] == XEN_CPUID_INPUT_UNUSED) ? 0 : input[1];
>> + uint8_t is_hyp = IS_HYPERVISOR_LEAF(input[0]);
>> #ifdef __i386__
>> /* Use the stack to avoid reg constraint failures with some gcc flags */
>> asm (
>> "push %%ebx; push %%edx\n\t"
>> - "cpuid\n\t"
>> + "testb $0xff,%5\n\t"
>> + "jz 1f\n\t"
>> + XEN_EMULATE_PREFIX
>> + "1: cpuid\n\t"
>> "mov %%ebx,4(%4)\n\t"
>> "mov %%edx,12(%4)\n\t"
>> "pop %%edx; pop %%ebx\n\t"
>> : "=a" (regs[0]), "=c" (regs[2])
>> - : "0" (input[0]), "1" (count), "S" (regs)
>> + : "0" (input[0]), "1" (count), "S" (regs), "m" (is_hyp)
> All inputs must be in registers here, since memory references might
> use %esp and hence be off by 2 stack slots due to the pushes/pops
> surrounding the actual operation. Since you evaluate the flag prior
> to the CPUID, using "db" as constraint would seem possible here.
gcc for some reason rejects "b" as inconsistent (but "d" works fine).
>> @@ -555,6 +564,15 @@ static int xc_cpuid_policy(
>> {
>> xc_dominfo_t info;
>>
>> + if ( IS_HYPERVISOR_LEAF(input[0]) )
>> + {
>> + /* Only leaf 1 can be modified */
>> + if ( input[0] == 0x40000000 )
>> + return 0;
>> + else
>> + return -EACCES;
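Review bot: The IS_HYPERVISOR_LEAF branch in xc_cpuid_policy() returns 0 for input[0] == 0x40000000 without limiting which registers or bits may be changed, so as far as these lines show the whole leaf can be overridden from the config file. Restrict the override to the fields that are meant to be configurable and reject everything else. The comment says "leaf 1" while the code compares against the literal 0x40000000; a named constant or a note on the numbering convention would remove the ambiguity, and the "else" after "return 0;" is redundant.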
> And I'm still worried about altering this in uncontrolled ways: No
> good can result from allowing ecx/edx/ebx to be modified, and
> improperly modifying the eax value (namely putting in place
> wrong upper bits, the more that those aren't statically
> determined) won't help much either. IOW it should really only
> be the low 8 bits of eax that can be overridden, and it shouldn't
> be possible to clear these 8 bits.
I'll add a mask array to xc_cpuid_policy (and probably other policy
routines that it calls) that will specify bits that are permitted to be
overwritten.
-boris