| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 9 Dec 2022 17:56:34 +0000
From: "Michael Kelley (LINUX)" <mikelley@...rosoft.com>
To: Jinank Jain <jinankjain@...ux.microsoft.com>,
Jinank Jain <jinankjain@...rosoft.com>
CC: KY Srinivasan <kys@...rosoft.com>,
Haiyang Zhang <haiyangz@...rosoft.com>,
"wei.liu@...nel.org" <wei.liu@...nel.org>,
Dexuan Cui <decui@...rosoft.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"mingo@...hat.com" <mingo@...hat.com>,
"bp@...en8.de" <bp@...en8.de>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
"x86@...nel.org" <x86@...nel.org>, "hpa@...or.com" <hpa@...or.com>,
"arnd@...db.de" <arnd@...db.de>,
"peterz@...radead.org" <peterz@...radead.org>,
"jpoimboe@...nel.org" <jpoimboe@...nel.org>,
"seanjc@...gle.com" <seanjc@...gle.com>,
"kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
"ak@...ux.intel.com" <ak@...ux.intel.com>,
"sathyanarayanan.kuppuswamy@...ux.intel.com"
<sathyanarayanan.kuppuswamy@...ux.intel.com>,
"linux-hyperv@...r.kernel.org" <linux-hyperv@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>,
"anrayabh@...ux.microsoft.com" <anrayabh@...ux.microsoft.com>
Subject: RE: [PATCH v8 2/5] Drivers: hv: Setup synic registers in case of
nested root partition
From: Jinank Jain <jinankjain@...ux.microsoft.com> Sent: Thursday, December 8, 2022 9:32 PM
>
> Child partitions are free to allocate SynIC message and event page but in
> case of root partition it must use the pages allocated by Microsoft
> Hypervisor (MSHV). Base address for these pages can be found using
> synthetic MSRs exposed by MSHV. There is a slight difference in those MSRs
> for nested vs non-nested root partition.
>
> Signed-off-by: Jinank Jain <jinankjain@...ux.microsoft.com>
> ---
> arch/x86/include/asm/hyperv-tlfs.h | 11 ++++++
> arch/x86/include/asm/mshyperv.h | 30 +++------------
> arch/x86/kernel/cpu/mshyperv.c | 61 ++++++++++++++++++++++++++++++
> drivers/hv/hv.c | 32 ++++++++++------
> 4 files changed, 99 insertions(+), 35 deletions(-)
>
> diff --git a/arch/x86/include/asm/hyperv-tlfs.h b/arch/x86/include/asm/hyperv-tlfs.h
> index 58c03d18c235..b5019becb618 100644
> --- a/arch/x86/include/asm/hyperv-tlfs.h
> +++ b/arch/x86/include/asm/hyperv-tlfs.h
> @@ -225,6 +225,17 @@ enum hv_isolation_type {
> #define HV_REGISTER_SINT14 0x4000009E
> #define HV_REGISTER_SINT15 0x4000009F
>
> +/*
> + * Define synthetic interrupt controller model specific registers for
> + * nested hypervisor.
> + */
> +#define HV_REGISTER_NESTED_SCONTROL 0x40001080
> +#define HV_REGISTER_NESTED_SVERSION 0x40001081
> +#define HV_REGISTER_NESTED_SIEFP 0x40001082
> +#define HV_REGISTER_NESTED_SIMP 0x40001083
> +#define HV_REGISTER_NESTED_EOM 0x40001084
> +#define HV_REGISTER_NESTED_SINT0 0x40001090
> +
> /*
> * Synthetic Timer MSRs. Four timers per vcpu.
> */
> diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyperv.h
> index 61f0c206bff0..c38e4c66a3ac 100644
> --- a/arch/x86/include/asm/mshyperv.h
> +++ b/arch/x86/include/asm/mshyperv.h
> @@ -198,30 +198,10 @@ static inline bool hv_is_synic_reg(unsigned int reg)
> return false;
> }
>
> -static inline u64 hv_get_register(unsigned int reg)
> -{
> - u64 value;
> -
> - if (hv_is_synic_reg(reg) && hv_isolation_type_snp())
> - hv_ghcb_msr_read(reg, &value);
> - else
> - rdmsrl(reg, value);
> - return value;
> -}
> -
> -static inline void hv_set_register(unsigned int reg, u64 value)
> -{
> - if (hv_is_synic_reg(reg) && hv_isolation_type_snp()) {
> - hv_ghcb_msr_write(reg, value);
> -
> - /* Write proxy bit via wrmsl instruction */
> - if (reg >= HV_REGISTER_SINT0 &&
> - reg <= HV_REGISTER_SINT15)
> - wrmsrl(reg, value | 1 << 20);
> - } else {
> - wrmsrl(reg, value);
> - }
> -}
> +u64 hv_get_register(unsigned int reg);
> +void hv_set_register(unsigned int reg, u64 value);
> +u64 hv_get_non_nested_register(unsigned int reg);
> +void hv_set_non_nested_register(unsigned int reg, u64 value);
>
> #else /* CONFIG_HYPERV */
> static inline void hyperv_init(void) {}
> @@ -241,6 +221,8 @@ static inline int hyperv_flush_guest_mapping_range(u64 as,
> }
> static inline void hv_set_register(unsigned int reg, u64 value) { }
> static inline u64 hv_get_register(unsigned int reg) { return 0; }
> +static inline void hv_set_non_nested_register(unsigned int reg, u64 value) { }
> +static inline u64 hv_get_non_nested_register(unsigned int reg) { return 0; }
> static inline int hv_set_mem_host_visibility(unsigned long addr, int numpages,
> bool visible)
> {
> diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c
> index f9b78d4829e3..47ffec5de9b8 100644
> --- a/arch/x86/kernel/cpu/mshyperv.c
> +++ b/arch/x86/kernel/cpu/mshyperv.c
> @@ -41,7 +41,68 @@ bool hv_root_partition;
> bool hv_nested;
> struct ms_hyperv_info ms_hyperv;
>
> +static inline unsigned int hv_get_nested_reg(unsigned int reg)
> +{
> + switch (reg) {
> + case HV_REGISTER_SIMP:
> + return HV_REGISTER_NESTED_SIMP;
> + case HV_REGISTER_SIEFP:
> + return HV_REGISTER_NESTED_SIEFP;
> + case HV_REGISTER_SVERSION:
> + return HV_REGISTER_NESTED_SVERSION;
> + case HV_REGISTER_SCONTROL:
> + return HV_REGISTER_NESTED_SCONTROL;
> + case HV_REGISTER_SINT0:
> + return HV_REGISTER_NESTED_SINT0;
> + case HV_REGISTER_EOM:
> + return HV_REGISTER_NESTED_EOM;
> + default:
> + return reg;
> + }
> +}
> +
> #if IS_ENABLED(CONFIG_HYPERV)
> +u64 hv_get_non_nested_register(unsigned int reg)
> +{
> + u64 value;
> +
> + if (hv_is_synic_reg(reg) && hv_isolation_type_snp())
> + hv_ghcb_msr_read(reg, &value);
> + else
> + rdmsrl(reg, value);
> + return value;
> +}
> +
> +void hv_set_non_nested_register(unsigned int reg, u64 value)
> +{
> + if (hv_is_synic_reg(reg) && hv_isolation_type_snp()) {
> + hv_ghcb_msr_write(reg, value);
> +
> + /* Write proxy bit via wrmsl instruction */
> + if (reg >= HV_REGISTER_SINT0 &&
> + reg <= HV_REGISTER_SINT15)
> + wrmsrl(reg, value | 1 << 20);
> + } else {
> + wrmsrl(reg, value);
> + }
> +}
> +
> +u64 hv_get_register(unsigned int reg)
> +{
> + if (hv_nested)
> + reg = hv_get_nested_reg(reg);
> +
> + return hv_get_non_nested_register(reg);
> +}
> +
> +void hv_set_register(unsigned int reg, u64 value)
> +{
> + if (hv_nested)
> + reg = hv_get_nested_reg(reg);
> +
> + hv_set_non_nested_register(reg, value);
> +}
> +
This refactoring looks good. But there's still one tweak needed.
These four functions must be marked as exported because they
are used in code in drivers/hv that is part of the Hyper-V module.
If CONFIG_HYPERV=m, you'll get a link error if these functions
aren't exported. By "exported", I mean adding
EXPORT_SYMBOL_GPL(<func_name>);
after each of the above four functions. A good test is to build
with CONFIG_HYPERV=m instead of CONFIG_HYPERV=y.
> static void (*vmbus_handler)(void);
> static void (*hv_stimer0_handler)(void);
> static void (*hv_kexec_handler)(void);
> diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c
> index 4d6480d57546..a422cb7b18d3 100644
> --- a/drivers/hv/hv.c
> +++ b/drivers/hv/hv.c
> @@ -147,7 +147,7 @@ int hv_synic_alloc(void)
> * Synic message and event pages are allocated by paravisor.
> * Skip these pages allocation here.
> */
> - if (!hv_isolation_type_snp()) {
> + if (!hv_isolation_type_snp() && !hv_root_partition) {
> hv_cpu->synic_message_page =
> (void *)get_zeroed_page(GFP_ATOMIC);
> if (hv_cpu->synic_message_page == NULL) {
> @@ -188,8 +188,16 @@ void hv_synic_free(void)
> struct hv_per_cpu_context *hv_cpu
> = per_cpu_ptr(hv_context.cpu_context, cpu);
>
> - free_page((unsigned long)hv_cpu->synic_event_page);
> - free_page((unsigned long)hv_cpu->synic_message_page);
> + if (hv_root_partition) {
> + if (hv_cpu->synic_event_page != NULL)
> + memunmap(hv_cpu->synic_event_page);
> +
> + if (hv_cpu->synic_message_page != NULL)
> + memunmap(hv_cpu->synic_message_page);
> + } else {
> + free_page((unsigned long)hv_cpu->synic_event_page);
> + free_page((unsigned long)hv_cpu->synic_message_page);
> + }
> free_page((unsigned long)hv_cpu->post_msg_page);
> }
>
> @@ -214,9 +222,10 @@ void hv_synic_enable_regs(unsigned int cpu)
>
> /* Setup the Synic's message page */
> simp.as_uint64 = hv_get_register(HV_REGISTER_SIMP);
> +
This additional blank line is a spurious/gratuitous whitespace change, which
should be avoided. Especially when a patch has gone through several revisions,
it's likely that you'll end up with some whitespace changes like this. But it's
important to go back and remove them so that the patch isn't cluttered with
changes that don't add any value. Such gratuitous changes make it harder
to review the patch, and are unnecessary code churn.
> simp.simp_enabled = 1;
>
> - if (hv_isolation_type_snp()) {
> + if (hv_isolation_type_snp() || hv_root_partition) {
> hv_cpu->synic_message_page
> = memremap(simp.base_simp_gpa << HV_HYP_PAGE_SHIFT,
> HV_HYP_PAGE_SIZE, MEMREMAP_WB);
> @@ -233,7 +242,7 @@ void hv_synic_enable_regs(unsigned int cpu)
> siefp.as_uint64 = hv_get_register(HV_REGISTER_SIEFP);
> siefp.siefp_enabled = 1;
>
> - if (hv_isolation_type_snp()) {
> + if (hv_isolation_type_snp() || hv_root_partition) {
> hv_cpu->synic_event_page =
> memremap(siefp.base_siefp_gpa << HV_HYP_PAGE_SHIFT,
> HV_HYP_PAGE_SIZE, MEMREMAP_WB);
> @@ -250,8 +259,8 @@ void hv_synic_enable_regs(unsigned int cpu)
> /* Setup the shared SINT. */
> if (vmbus_irq != -1)
> enable_percpu_irq(vmbus_irq, 0);
> - shared_sint.as_uint64 = hv_get_register(HV_REGISTER_SINT0 +
> - VMBUS_MESSAGE_SINT);
> + shared_sint.as_uint64 =
> + hv_get_register(HV_REGISTER_SINT0 + VMBUS_MESSAGE_SINT);
The above change, and all the changes from here down in this patch, are
spurious/gratuitous whitespace changes that should be removed. Go back
to the original code and formatting. Doing so will make the patch a lot
shorter. :-)
Michael
>
> shared_sint.vector = vmbus_interrupt;
> shared_sint.masked = false;
> @@ -267,7 +276,7 @@ void hv_synic_enable_regs(unsigned int cpu)
> shared_sint.auto_eoi = 0;
> #endif
> hv_set_register(HV_REGISTER_SINT0 + VMBUS_MESSAGE_SINT,
> - shared_sint.as_uint64);
> + shared_sint.as_uint64);
>
> /* Enable the global synic bit */
> sctrl.as_uint64 = hv_get_register(HV_REGISTER_SCONTROL);
> @@ -297,15 +306,15 @@ void hv_synic_disable_regs(unsigned int cpu)
> union hv_synic_siefp siefp;
> union hv_synic_scontrol sctrl;
>
> - shared_sint.as_uint64 = hv_get_register(HV_REGISTER_SINT0 +
> - VMBUS_MESSAGE_SINT);
> + shared_sint.as_uint64 =
> + hv_get_register(HV_REGISTER_SINT0 + VMBUS_MESSAGE_SINT);
>
> shared_sint.masked = 1;
>
> /* Need to correctly cleanup in the case of SMP!!! */
> /* Disable the interrupt */
> hv_set_register(HV_REGISTER_SINT0 + VMBUS_MESSAGE_SINT,
> - shared_sint.as_uint64);
> + shared_sint.as_uint64);
>
> simp.as_uint64 = hv_get_register(HV_REGISTER_SIMP);
> /*
> @@ -335,6 +344,7 @@ void hv_synic_disable_regs(unsigned int cpu)
> /* Disable the global synic bit */
> sctrl.as_uint64 = hv_get_register(HV_REGISTER_SCONTROL);
> sctrl.enable = 0;
> +
> hv_set_register(HV_REGISTER_SCONTROL, sctrl.as_uint64);
>
> if (vmbus_irq != -1)
> --
> 2.25.1
Powered by blists - more mailing lists