* [PATCH] x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
From: Andrew Cooper @ 2024-12-21 21:10 UTC
To: LKML
Cc: Andrew Cooper, Alex Zenla, Peter Zijlstra, Josh Poimboeuf,
Jason Baron, Steven Rostedt, Ard Biesheuvel, Thomas Gleixner,
Ingo Molnar, Borislav Petkov, Dave Hansen, x86, H. Peter Anvin,
Juergen Gross, stable
__static_call_update_early() has a check for early_boot_irqs_disabled, but
is used before early_boot_irqs_disabled is set up in start_kernel().

Xen PV has always special cased early_boot_irqs_disabled, but Xen PVH does
not and falls over the BUG when booting as dom0.

It is very suspect that early_boot_irqs_disabled starts as 0, becomes 1 for
a time, then becomes 0 again, but as this needs backporting to fix a
breakage in a security fix, dropping the BUG_ON() is the far safer option.

Fixes: 0ef8047b737d ("x86/static-call: provide a way to do very early static-call updates")
Reported-by: Alex Zenla <alex@edera.dev>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219620
Suggested-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Alex Zenla <alex@edera.dev>
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Peter Zijlstra <peterz@infradead.org>
CC: Josh Poimboeuf <jpoimboe@kernel.org>
CC: Jason Baron <jbaron@akamai.com>
CC: Steven Rostedt <rostedt@goodmis.org>
CC: Ard Biesheuvel <ardb@kernel.org>
CC: Thomas Gleixner <tglx@linutronix.de>
CC: Ingo Molnar <mingo@redhat.com>
CC: Borislav Petkov <bp@alien8.de>
CC: Dave Hansen <dave.hansen@linux.intel.com>
CC: x86@kernel.org
CC: "H. Peter Anvin" <hpa@zytor.com>
CC: Juergen Gross <jgross@suse.com>
CC: linux-kernel@vger.kernel.org
CC: stable@kernel.org
It's not entirely clear why PVH domU is fine but PVH dom0 is not. It crashes
so early there's no console or useful backtrace.
---
arch/x86/kernel/static_call.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/arch/x86/kernel/static_call.c b/arch/x86/kernel/static_call.c
index 9eed0c144dad..9e51242ed125 100644
--- a/arch/x86/kernel/static_call.c
+++ b/arch/x86/kernel/static_call.c
@@ -175,7 +175,6 @@ EXPORT_SYMBOL_GPL(arch_static_call_transform);
noinstr void __static_call_update_early(void *tramp, void *func)
{
BUG_ON(system_state != SYSTEM_BOOTING);
- BUG_ON(!early_boot_irqs_disabled);
BUG_ON(static_call_initialized);
__text_gen_insn(tramp, JMP32_INSN_OPCODE, tramp, func, JMP32_INSN_SIZE);
sync_core();
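Review bot: With `BUG_ON(!early_boot_irqs_disabled);` removed from __static_call_update_early(), nothing in the function records why interrupt state is not asserted here, so the check is easy to re-add by mistake. A short comment next to the two remaining BUG_ON()s, saying that this runs before start_kernel() sets up early_boot_irqs_disabled as the changelog explains, would keep that reasoning in the code.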
base-commit: e84a3bf7f4aa669c05e3884497774148ac111468
--
2.39.5
* Re: [PATCH] x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
From: Peter Zijlstra @ 2024-12-22 11:03 UTC
To: Andrew Cooper
Cc: LKML, Alex Zenla, Josh Poimboeuf, Jason Baron, Steven Rostedt,
Ard Biesheuvel, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
Dave Hansen, x86, H. Peter Anvin, Juergen Gross, stable
On Sat, Dec 21, 2024 at 09:10:46PM +0000, Andrew Cooper wrote:
> __static_call_update_early() has a check for early_boot_irqs_disabled, but
> is used before early_boot_irqs_disabled is set up in start_kernel().
>
> Xen PV has always special cased early_boot_irqs_disabled, but Xen PVH does
> not and falls over the BUG when booting as dom0.
>
> It is very suspect that early_boot_irqs_disabled starts as 0, becomes 1 for
> a time, then becomes 0 again, but as this needs backporting to fix a
> breakage in a security fix, dropping the BUG_ON() is the far safer option.
Agreed.
> Fixes: 0ef8047b737d ("x86/static-call: provide a way to do very early static-call updates")
> Reported-by: Alex Zenla <alex@edera.dev>
> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219620
> Suggested-by: Peter Zijlstra <peterz@infradead.org>
> Tested-by: Alex Zenla <alex@edera.dev>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
> ---
> arch/x86/kernel/static_call.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/arch/x86/kernel/static_call.c b/arch/x86/kernel/static_call.c
> index 9eed0c144dad..9e51242ed125 100644
> --- a/arch/x86/kernel/static_call.c
> +++ b/arch/x86/kernel/static_call.c
> @@ -175,7 +175,6 @@ EXPORT_SYMBOL_GPL(arch_static_call_transform);
> noinstr void __static_call_update_early(void *tramp, void *func)
> {
> BUG_ON(system_state != SYSTEM_BOOTING);
> - BUG_ON(!early_boot_irqs_disabled);
> BUG_ON(static_call_initialized);
> __text_gen_insn(tramp, JMP32_INSN_OPCODE, tramp, func, JMP32_INSN_SIZE);
> sync_core();
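Review bot: The two assertions kept as context, `BUG_ON(system_state != SYSTEM_BOOTING);` and `BUG_ON(static_call_initialized);`, still fire in the same early window, where according to the original posting a crash leaves no console or useful backtrace. It would help to state in the changelog or in a comment that both conditions hold on the Xen PVH dom0 path that tripped the removed check.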
>
> base-commit: e84a3bf7f4aa669c05e3884497774148ac111468
> --
> 2.39.5
>
* Re: [PATCH] x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
From: Jürgen Groß @ 2025-01-02 11:57 UTC
To: Andrew Cooper, LKML
Cc: Alex Zenla, Peter Zijlstra, Josh Poimboeuf, Jason Baron,
Steven Rostedt, Ard Biesheuvel, Thomas Gleixner, Ingo Molnar,
Borislav Petkov, Dave Hansen, x86, H. Peter Anvin, stable
On 21.12.24 22:10, Andrew Cooper wrote:
> __static_call_update_early() has a check for early_boot_irqs_disabled, but
> is used before early_boot_irqs_disabled is set up in start_kernel().
>
> Xen PV has always special cased early_boot_irqs_disabled, but Xen PVH does
> not and falls over the BUG when booting as dom0.
>
> It is very suspect that early_boot_irqs_disabled starts as 0, becomes 1 for
> a time, then becomes 0 again, but as this needs backporting to fix a
> breakage in a security fix, dropping the BUG_ON() is the far safer option.
>
> Fixes: 0ef8047b737d ("x86/static-call: provide a way to do very early static-call updates")
> Reported-by: Alex Zenla <alex@edera.dev>
> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219620
> Suggested-by: Peter Zijlstra <peterz@infradead.org>
> Tested-by: Alex Zenla <alex@edera.dev>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> ---
> CC: Peter Zijlstra <peterz@infradead.org>
> CC: Josh Poimboeuf <jpoimboe@kernel.org>
> CC: Jason Baron <jbaron@akamai.com>
> CC: Steven Rostedt <rostedt@goodmis.org>
> CC: Ard Biesheuvel <ardb@kernel.org>
> CC: Thomas Gleixner <tglx@linutronix.de>
> CC: Ingo Molnar <mingo@redhat.com>
> CC: Borislav Petkov <bp@alien8.de>
> CC: Dave Hansen <dave.hansen@linux.intel.com>
> CC: x86@kernel.org
> CC: "H. Peter Anvin" <hpa@zytor.com>
> CC: Juergen Gross <jgross@suse.com>
> CC: linux-kernel@vger.kernel.org
> CC: stable@kernel.org
Reviewed-by: Juergen Gross <jgross@suse.com>
>
> It's not entirely clear why PVH domU is fine but PVH dom0 is not. It crashes
> so early there's no console or useful backtrace.
I suspect that the Xen hypervisor doesn't supply a memory map for PVH dom0 via
the start_info data, while the Xen tools do so for PVH guests. This requires
dom0 to issue a hypercall very early in order to obtain the memory map.
Juergen
* [tip: x86/urgent] x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
From: tip-bot2 for Andrew Cooper @ 2025-01-02 16:30 UTC
To: linux-tip-commits
Cc: Alex Zenla, Peter Zijlstra, Andrew Cooper, Borislav Petkov (AMD),
Juergen Gross, x86, linux-kernel
The following commit has been merged into the x86/urgent branch of tip:
Commit-ID: 5cc2db37124bb33914996d6fdbb2ddb3811f2945
Gitweb: https://git.kernel.org/tip/5cc2db37124bb33914996d6fdbb2ddb3811f2945
Author: Andrew Cooper <andrew.cooper3@citrix.com>
AuthorDate: Sat, 21 Dec 2024 21:10:46
Committer: Borislav Petkov (AMD) <bp@alien8.de>
CommitterDate: Thu, 02 Jan 2025 17:11:29 +01:00
x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
__static_call_update_early() has a check for early_boot_irqs_disabled, but
is used before early_boot_irqs_disabled is set up in start_kernel().

Xen PV has always special cased early_boot_irqs_disabled, but Xen PVH does
not and falls over the BUG when booting as dom0.

It is very suspect that early_boot_irqs_disabled starts as 0, becomes 1 for
a time, then becomes 0 again, but as this needs backporting to fix a
breakage in a security fix, dropping the BUG_ON() is the far safer option.

Fixes: 0ef8047b737d ("x86/static-call: provide a way to do very early static-call updates")
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219620
Reported-by: Alex Zenla <alex@edera.dev>
Suggested-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Juergen Gross <jgross@suse.com>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: Alex Zenla <alex@edera.dev>
Link: https://lore.kernel.org/r/20241221211046.6475-1-andrew.cooper3@citrix.com
---
arch/x86/kernel/static_call.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/arch/x86/kernel/static_call.c b/arch/x86/kernel/static_call.c
index 9eed0c1..9e51242 100644
--- a/arch/x86/kernel/static_call.c
+++ b/arch/x86/kernel/static_call.c
@@ -175,7 +175,6 @@ EXPORT_SYMBOL_GPL(arch_static_call_transform);
noinstr void __static_call_update_early(void *tramp, void *func)
{
BUG_ON(system_state != SYSTEM_BOOTING);
- BUG_ON(!early_boot_irqs_disabled);
BUG_ON(static_call_initialized);
__text_gen_insn(tramp, JMP32_INSN_OPCODE, tramp, func, JMP32_INSN_SIZE);
sync_core();
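Review bot: The removed line `BUG_ON(!early_boot_irqs_disabled);` was only a consumer of the flag; the behaviour the changelog calls very suspect (early_boot_irqs_disabled starting as 0, becoming 1 for a time, then 0 again) is not touched by this hunk. Worth recording a follow-up to look at how the flag is set up in start_kernel(), so that any other code reading it this early does not hit the same ordering problem.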