Xen project Mailing List

Re: [PATCH v2] xen/arm: fix gnttab_need_iommu_mapping

To: Stefano Stabellini <sstabellini@xxxxxxxxxx>

From: Rahul Singh <Rahul.Singh@xxxxxxx>

Date: Tue, 9 Feb 2021 13:13:25 +0000

Accept-language: en-US

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=71G+RiebnK1Xhhgl789TMXhc6QVzqtAjUbtLZKHE1zE=; b=STh0aEDlCEURgosXq1YOa75KvgfVZlNnDkfUIMjN9zqm+22ZV9lNaef6rb0TLUowGUS55D6h0DXmYGE5C24ogt6+1nXigbBewG97RyaJHHH777+gMS7Aqla7PfwZdwaCfNVhvhO76OsWNvR5L8sgwoKcXgDqrxLT1Eh2iKPesfxl9JeuuV9CbPv0ef4c3GOwTafr8m1+dq6u9JbXoNyhbh7fBXWlIGXPrrM2o4hT44cE7TUIT6OO12y7ANlRbhNu3LLnI66vMVFrqBD5EmVgwYPmZnD2+JuYaV9svf16jHorz8nrLnr5ZnwLjTCUz5Y+B13HPy6hBmk/5L0hX3ihUg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iWZ+kg9oIXc87wHBysnldGUwBankR2SXmcY/ctsx/LCpBtBqbAPuwFZz2voh6An5wurgWPvJYqCKJ9eqegBcgjyBzgd9jyyXrYpBQHReBTsdZmH+vLhb3W/kuHyeIpvJygZCqCR4rcMpjZeYEjDcxThdSs45wyXPg0yrzMjAJpjHany4bCPAbeRWO0evusgr0BuCo0KHMEdFmmm/lQS3vzZfyEbTI+LiG+tbAyiroOz0fY3REY9eGAXkcv4zowETVWZfZDfKUErDu/WFmofXY+/40PCc5gD2Af2W3lXVIwLuai5Qk2ZDN0aiWHBhWRKBhZpbWClgg7LV2HM94uHdaQ==

Authentication-results-original: kernel.org; dkim=none (message not signed) header.d=none;kernel.org; dmarc=none action=none header.from=arm.com;

Cc: Julien Grall <julien@xxxxxxx>, "lucmiccio@xxxxxxxxx" <lucmiccio@xxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>

Delivery-date: Tue, 09 Feb 2021 13:13:44 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Nodisclaimer: true

Original-authentication-results: kernel.org; dkim=none (message not signed) header.d=none;kernel.org; dmarc=none action=none header.from=arm.com;

Thread-index: AQHW/ks46k4kUfhzpk6LTniK0S/PbqpPzhoA

Thread-topic: [PATCH v2] xen/arm: fix gnttab_need_iommu_mapping

Hello Stefano, > On 8 Feb 2021, at 6:49 pm, Stefano Stabellini <sstabellini@xxxxxxxxxx> wrote: > > Commit 91d4eca7add broke gnttab_need_iommu_mapping on ARM. > The offending chunk is: > > #define gnttab_need_iommu_mapping(d) \ > - (is_domain_direct_mapped(d) && need_iommu(d)) > + (is_domain_direct_mapped(d) && need_iommu_pt_sync(d)) > > On ARM we need gnttab_need_iommu_mapping to be true for dom0 when it is > directly mapped and IOMMU is enabled for the domain, like the old check > did, but the new check is always false. > > In fact, need_iommu_pt_sync is defined as dom_iommu(d)->need_sync and > need_sync is set as: > > if ( !is_hardware_domain(d) || iommu_hwdom_strict ) > hd->need_sync = !iommu_use_hap_pt(d); > > iommu_use_hap_pt(d) means that the page-table used by the IOMMU is the > P2M. It is true on ARM. need_sync means that you have a separate IOMMU > page-table and it needs to be updated for every change. need_sync is set > to false on ARM. Hence, gnttab_need_iommu_mapping(d) is false too, > which is wrong. > > As a consequence, when using PV network from a domU on a system where > IOMMU is on from Dom0, I get: > > (XEN) smmu: /smmu@fd800000: Unhandled context fault: fsr=0x402, > iova=0x8424cb148, fsynr=0xb0001, cb=0 > [ 68.290307] macb ff0e0000.ethernet eth0: DMA bus error: HRESP not OK > > The fix is to go back to something along the lines of the old > implementation of gnttab_need_iommu_mapping. > > Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx> > Fixes: 91d4eca7add > Backport: 4.12+ > > --- > > Given the severity of the bug, I would like to request this patch to be > backported to 4.12 too, even if 4.12 is security-fixes only since Oct > 2020. > > For the 4.12 backport, we can use iommu_enabled() instead of > is_iommu_enabled() in the implementation of gnttab_need_iommu_mapping. > > Changes in v2: > - improve commit message > - add is_iommu_enabled(d) to the check > --- > xen/include/asm-arm/grant_table.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/xen/include/asm-arm/grant_table.h > b/xen/include/asm-arm/grant_table.h > index 6f585b1538..0ce77f9a1c 100644 > --- a/xen/include/asm-arm/grant_table.h > +++ b/xen/include/asm-arm/grant_table.h > @@ -89,7 +89,7 @@ int replace_grant_host_mapping(unsigned long gpaddr, mfn_t > mfn, > (((i) >= nr_status_frames(t)) ? INVALID_GFN : (t)->arch.status_gfn[i]) > > #define gnttab_need_iommu_mapping(d) \ > - (is_domain_direct_mapped(d) && need_iommu_pt_sync(d)) > + (is_domain_direct_mapped(d) && is_iommu_enabled(d)) > > #endif /* __ASM_GRANT_TABLE_H__ */ I tested the patch and while creating the guest I observed the below warning from Linux for block device. https://elixir.bootlin.com/linux/v4.3/source/drivers/block/xen-blkback/xenbus.c#L258 I did initial debugging and found out that there are many calls to iommu_legacy_{,un}map() while creating the guest but when iommu_legacy_unmap() function unmap the pages something is written wrong in page tables because of that when next time same page is mapped via create_grant_host_mapping() we observed below warning. [ 138.639934] xen-blkback: backend/vbd/0/51712: using 4 queues, protocol 1 (arm-abi) persistent grants (XEN) gnttab_mark_dirty not implemented yet [ 138.659702] xen-blkback: backend/vbd/0/51712: using 4 queues, protocol 1 (arm-abi) persistent grants [ 138.669827] vbd vbd-0-51712: 9 mapping in shared page 8 from domain 0 [ 138.676636] vbd vbd-0-51712: 9 mapping ring-ref port 5 [ 138.682089] ------------[ cut here ]------------ [ 138.686605] WARNING: CPU: 2 PID: 37 at drivers/block/xen-blkback/xenbus.c:296 xen_blkif_disconnect+0x20c/0x230 [ 138.696668] Modules linked in: bridge stp llc ipv6 nf_defrag_ipv6 [ 138.702833] CPU: 2 PID: 37 Comm: xenwatch Not tainted 5.4.0-yocto-standard #1 [ 138.710037] Hardware name: Arm Neoverse N1 System Development Platform (DT) [ 138.717067] pstate: 80c00005 (Nzcv daif +PAN +UAO) [ 138.721927] pc : xen_blkif_disconnect+0x20c/0x230 [ 138.726701] lr : xen_blkif_disconnect+0xbc/0x230 [ 138.731388] sp : ffff800011cb3c80 [ 138.734773] x29: ffff800011cb3c80 x28: ffff00005b6da940 [ 138.740156] x27: 0000000000000000 x26: 0000000000000000 [ 138.745536] x25: ffff000029755060 x24: 0000000000000170 [ 138.750919] x23: ffff000029755040 x22: ffff000059c72000 [ 138.756299] x21: 0000000000000000 x20: ffff000029755000 [ 138.761681] x19: 0000000000000001 x18: 0000000000000000 [ 138.767063] x17: 0000000000000000 x16: 0000000000000000 [ 138.772444] x15: 0000000000000000 x14: 0000000000000000 [ 138.777826] x13: 0000000000000000 x12: 0000000000000000 [ 138.783207] x11: 0000000000000001 x10: 0000000000000990 [ 138.788589] x9 : 0000000000000001 x8 : 0000000000210d00 [ 138.793971] x7 : 0000000000000018 x6 : ffff00005ddf72a0 [ 138.799352] x5 : ffff800011cb3c28 x4 : 0000000000000000 [ 138.804734] x3 : ffff000029755118 x2 : 0000000000000000 [ 138.810117] x1 : ffff000029755120 x0 : 0000000000000001 [ 138.815497] Call trace: [ 138.818015] xen_blkif_disconnect+0x20c/0x230 [ 138.822442] frontend_changed+0x1b0/0x54c [ 138.826523] xenbus_otherend_changed+0x80/0xb0 [ 138.831035] frontend_changed+0x10/0x20 [ 138.834941] xenwatch_thread+0x80/0x144 [ 138.838849] kthread+0x118/0x120 [ 138.842147] ret_from_fork+0x10/0x18 [ 138.845791] ---[ end trace fb9f0a3b3b48a55f ]— Regards, Rahul > /* > -- > 2.17.1 >

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.