Xen project Mailing List

[PATCH 3/3] x86/ept: force WB cache attributes for grant and foreign maps

From: Roger Pau Monne <roger.pau@xxxxxxxxxx>

Date: Fri, 28 May 2021 19:39:35 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AtL+Hp/29nuKWkROvVXgdUUpYBKLh+7LK1UvsLfBAnw=; b=Ivw8QTXbgd70tuzaa37WLHViUjyfKa6m0Xvdj+Jn427ltUk5cE22rSFbv/khbz0jPgmfZoYPeNfqqzG9HdfeWQ8UXa6CwHGBoBWBeFhUVczmQ/4B6Sx1LCuYdLBHq7JqOstLcA7UXZ+I8mYV0/mQbolTzlR3VXwe7FHa28NUTd9jmfOg9S9HVnmPaojkoARXxz/sHPXcrQOso2ncD31RqhlBgzVB09CsBVgvyAdzImR+zr7iU18avUfKKHpb2WEDuYSfj7szvdolubW7O0d2d4SPDp/wXXVyLGz9M3HlswKtaov04c94q36sXuMFcOYfqfv1gDKRE5UZjtb1vtnDkQ==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eq0HHQa16ty6I6Sw1KK7gCgNcq4GyIBfkIH7izqrshKu4ASDTD2YlZsrIVPQ6vT1JwdiltXscFW4EoD8B/lBcRhZC+fntCxwHMhmVpqazSNPUTvle66bfoGZFf+PBrSJxV2RsyTR0SNRJ3BaXCIYhjWb9/PLXvgcT9ZS6ahqe0a70/FIo+/aE17uAuamKvqLcsGowbBFdv6y9P+e3DD+9ZHoHTOGY0wZhN98/2K8ZMcHRV4v2wOjPGvS6NtbBdzbHbNxLEoD7HdvZU7IfFjwNP3nMIBkXUKkNZdyjrbVwPNU56/EdFhj8J8Q04uCAIlGCyxcS1W4xO+pMFQN2AW5mA==

Authentication-results: esa1.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>

Delivery-date: Fri, 28 May 2021 17:40:06 +0000

Ironport-hdrordr: A9a23:fffGramE+8v+XlF6bWGj5YTKDX3pDfMTimdD5ihNYBxZY6Wkfp +V8sjzhCWatN9OYh0dcLC7WJVpQRvnhPlICO4qTMiftWjdyReVxeRZjLcKrAeQYhEWmtQtsJ uINpIOcuEYbmIK/voSgjPIa+rIqePvmMvD6Ja8vhUdOD2CKZsQkjuRYjzrYnGeLzM2Y6bReq Dsgvau8FGbCAUqh4mAdzc4t6+pnayDqHqICiR2RiIP2U2rt3eF+bT6Gx+X0lM1SDVU24ov9m DDjkjQ+rijm+vT8G6f60bjq7Bt3PfxwNpKA8KBzuIPLC/3twqubIN9H5WfoTEOpv214lpCqq iOn/4ZBbU215rtRBDznfO0sDOQlgrGqkWSiWNwuEGT5PAQH1kBepN8beszSGqq16Ii1OsMnZ 6jkVjp76a+oHv77WzADuPzJmZXf3yP0DAfeN4o/ghiuLQlGclsRPQkjTho+bc7bW7HAdMcYa ZT5P+13occTbrMVQGmgoAo+q32YkgO

Ironport-sdr: +A6iCFZLI6rXnxmFGJOfd3k8JDSXNOVdeDCEXUdwGYwtgSr6OVJ63IB2y9kTZzLm4sktvEoB42 AbzRV5Wc9bFpVbi/Q9T+s4DlEqC0mcDTy6jhBpnGQ0T1bM4Q0e2vdatMiTT+rPKxE26UF60mVd 2eaMqOolIxZvLy2rBemlUZi2tyn9PN7LDBWozyj96Ama/jA2FG7MYl+V+02YjAHaVU1fMxqOHP clbf0fQ2bDuPSxRQvsQUZYt+qgwCsWjnwq3VT/PMDZ5kYqWAkgKmrOXlc3eB+YxUW95piKyeSH mIM=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Force WB type for grants and foreign pages. Those are usually mapped over unpopulated physical ranges in the p2m, and those ranges would usually be UC in the MTRR state, which is unlikely to be the correct cache attribute. It's also cumbersome (or even impossible) for the guest to be setting the MTRR type for all those mappings as WB, as MTRR ranges are finite. Note that on AMD we cannot force a cache attribute because of the lack of ignore PAT equivalent, so the behavior here slightly diverges between AMD and Intel (or EPT vs NPT/shadow). Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> --- xen/arch/x86/hvm/vmx/vmx.c | 2 +- xen/arch/x86/mm/p2m-ept.c | 35 ++++++++++++++++++++++++++----- xen/include/asm-x86/hvm/vmx/vmx.h | 2 +- 3 files changed, 32 insertions(+), 7 deletions(-) diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index 0d4b47681b..e09b7e3af9 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -423,7 +423,7 @@ static void domain_creation_finished(struct domain *d) return; ASSERT(epte_get_entry_emt(d, gfn, apic_access_mfn, 0, &ipat, - true) == MTRR_TYPE_WRBACK); + p2m_mmio_direct) == MTRR_TYPE_WRBACK); ASSERT(ipat); if ( set_mmio_p2m_entry(d, gfn, apic_access_mfn, PAGE_ORDER_4K) ) diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c index f1d1d07e92..59c0325473 100644 --- a/xen/arch/x86/mm/p2m-ept.c +++ b/xen/arch/x86/mm/p2m-ept.c @@ -487,11 +487,12 @@ static int ept_invalidate_emt_range(struct p2m_domain *p2m, } int epte_get_entry_emt(struct domain *d, gfn_t gfn, mfn_t mfn, - unsigned int order, bool *ipat, bool direct_mmio) + unsigned int order, bool *ipat, p2m_type_t type) { int gmtrr_mtype, hmtrr_mtype; struct vcpu *v = current; unsigned long i; + bool direct_mmio = type == p2m_mmio_direct; *ipat = false; @@ -535,9 +536,33 @@ int epte_get_entry_emt(struct domain *d, gfn_t gfn, mfn_t mfn, } } - if ( direct_mmio ) + switch ( type ) + { + case p2m_mmio_direct: return MTRR_TYPE_UNCACHABLE; + case p2m_grant_map_ro: + case p2m_grant_map_rw: + case p2m_map_foreign: + /* + * Force WB type for grants and foreign pages. Those are usually mapped + * over unpopulated physical ranges in the p2m, and those would usually + * be UC in the MTRR state, which is unlikely to be the correct cache + * attribute. It's also cumbersome (or even impossible) for the guest + * to be setting the MTRR type for all those mappings as WB, as MTRR + * ranges are finite. + * + * Note that on AMD we cannot force a cache attribute because of the + * lack of ignore PAT equivalent, so the behavior here slightly + * diverges. See p2m_type_to_flags for the AMD attributes. + */ + *ipat = true; + return MTRR_TYPE_WRBACK; + + default: + break; + } + gmtrr_mtype = hvm_get_mem_pinned_cacheattr(d, gfn, order); if ( gmtrr_mtype >= 0 ) { @@ -640,7 +665,7 @@ static int resolve_misconfig(struct p2m_domain *p2m, unsigned long gfn) continue; e.emt = epte_get_entry_emt(p2m->domain, _gfn(gfn + i), _mfn(e.mfn), 0, &ipat, - e.sa_p2mt == p2m_mmio_direct); + e.sa_p2mt); e.ipat = ipat; nt = p2m_recalc_type(e.recalc, e.sa_p2mt, p2m, gfn + i); @@ -659,7 +684,7 @@ static int resolve_misconfig(struct p2m_domain *p2m, unsigned long gfn) int emt = epte_get_entry_emt(p2m->domain, _gfn(gfn), _mfn(e.mfn), level * EPT_TABLE_ORDER, &ipat, - e.sa_p2mt == p2m_mmio_direct); + e.sa_p2mt); bool_t recalc = e.recalc; if ( recalc && p2m_is_changeable(e.sa_p2mt) ) @@ -895,7 +920,7 @@ ept_set_entry(struct p2m_domain *p2m, gfn_t gfn_, mfn_t mfn, bool ipat; int emt = epte_get_entry_emt(p2m->domain, _gfn(gfn), mfn, i * EPT_TABLE_ORDER, &ipat, - p2mt == p2m_mmio_direct); + p2mt); if ( emt >= 0 ) new_entry.emt = emt; diff --git a/xen/include/asm-x86/hvm/vmx/vmx.h b/xen/include/asm-x86/hvm/vmx/vmx.h index f668ee1f09..0deb507490 100644 --- a/xen/include/asm-x86/hvm/vmx/vmx.h +++ b/xen/include/asm-x86/hvm/vmx/vmx.h @@ -600,7 +600,7 @@ void ept_p2m_uninit(struct p2m_domain *p2m); void ept_walk_table(struct domain *d, unsigned long gfn); bool_t ept_handle_misconfig(uint64_t gpa); int epte_get_entry_emt(struct domain *d, gfn_t gfn, mfn_t mfn, - unsigned int order, bool *ipat, bool direct_mmio); + unsigned int order, bool *ipat, p2m_type_t type); void setup_ept_dump(void); void p2m_init_altp2m_ept(struct domain *d, unsigned int i); /* Locate an alternate p2m by its EPTP */ -- 2.31.1

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.