Xen project Mailing List

Re: [PATCH v2.2 8/7] x86/IOMMU: Use altcall, and __initconst_cf_clobber

From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>

Date: Wed, 2 Mar 2022 13:39:09 +0000

Accept-language: en-GB, en-US

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=bPa0UYqeoFtBIxCTPcVqZ7v/KbpZ7TJn1HxTyYytDYk=; b=QRwcfv91xtirrKrhpFBl/x+S+C6aypRImiOOTAORrcOPV8T8CvAKGuJv005ii+4wSp0oh6/+sLigdLPQLUMwjGqYVI560jZZDO6hn5IziTQXI+/dGorBW1SPDt8hAktI1qJ0F5sXPCzhm6sHD2K1exDeli0ZgOG9cVDSBzGvfIFliyAvn1mnoxhkn3PhOLvZAQxq9prp7m8WfJGjO8qkZONDIQ1lSWtSC588VuaToJaPXh6TIBjMkajuUIQ21R2eHy94P92mZZsAlIZBjl3iQQWxwMlalak6BYQ3/8PlGZuN+Igm1L52/LPU14YVP/7OMzpUqzAhDfQix9y9fRz6vA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=h3uLcszBbSjFkyR5CVafnaka/jBECvbi3HyOjCHydtJJuj4PbhpZyhRQ8757Gtes7vidKgJkwSl1N87NbR3KggSjyHqvqtMGEdbFcag73WLGaN72QG4vsS9LcjcNQwDg7Ka4LEvd8PoMmbXqA/1qsW5G7xpanLUuiBkZrQbkjqhvsx3cjNyzUxjcI7kLPzJqDv3vB0J2w8vjSHZvcB2fxPK+i4t4/wT2v4Twg7GdiKkEFk+GnbsIKvrz/2T+Snk8BWSIBuMA0ii59z4DgEF09cv+5jVKtgWQ/kTXa2KpmzrYWmefAeK0QHweZnKwYM6edcuxMZ9YavFYHbXQJYV/1Q==

Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Wed, 02 Mar 2022 13:39:29 +0000

Ironport-data: A9a23:lJMfjKlJScLPLGxtcpid4W7o5gycJkRdPkR7XQ2eYbSJt1+Wr1Gzt xJNDGuAaPnfN2vxetB2aI/koUNS65eEyIMxTgtvpHg3QyMWpZLJC+rCIxarNUt+DCFioGGLT Sk6QoOdRCzhZiaE/n9BCpC48T8kk/vgqoPUUIYoAAgoLeNfYHpn2EoLd9IR2NYy24DiW1nV4 rsenuWEULOb828sWo4rw/rrRCNH5JwebxtB4zTSzdgS1LPvvyF94KA3fMldHFOhKmVgJcaoR v6r8V2M1jixEyHBqD+Suu2TnkUiGtY+NOUV45Zcc/DKbhNq/kTe3kunXRa1hIg+ZzihxrhMJ NtxWZOYGSAELrP0o+UnDBBZIj9TOp8eyuXcPi3q2SCT5xWun3rExvxvCAc9PJEC+/YxCmZLn RAaAGlTNFbZ3bvwme/lDLk37iggBJCD0Ic3k3ds1zzGS90hRojOWf7i7t5ExjYgwMtJGJ4yY uJHNGA2NkyePnWjPH87GI4gtsr13kPNbmR3lXCFoI8cv07MmVkZPL/Fb4OOJ43iqd9utlaVo CfK8nr0BjkeNceD0nyV/3S0nOjNkCjnHoUIG9WQ6fpCkFCVgGsJB3U+V1G2vP24gU6WQM9EJ gof/S9GkEQp3BX1FJ+nBUT++SPa+E5HMzZNLwEkwFGq57rK2z2YPDcNTw9fRdsU7P1sXiN/g zdlgOjVLTBotbSUT1eU+bGVsS6+NEApEIMSWcMXZVBbuoe++enfmjqKF48+S/Dt0rUZDBmtm 2jikcQou1kEYSfnPY2f9EuPvT+jr4OhouUdtlSOBTLNAu+UieeYi22UBbrzsK4owGWxFADpU J04dy62trpm4XalznHlfQn1NOv1j8tpyRWF6bKVI7Ev9i6251modp1K7Td1KS9Ba5hYJ2a3O BeC51oAvve/2UdGi4ctOepd7OxwkMDd+SnNDKiIPrKinLArHON4wM2eTRHJhD28+KTduao+J Y2aYa6R4YUyUsxaIM6Nb75Fi9cDn3lmrUuKHMyT50n3gNK2OS/OIZ9YYQTmUwzMxP7dyOkj2 40EbJXiJtQ2eLCWXxQ7BqZIdQFadSVgXMuuwyGVH8baSjdb9KgaI6a56ZsqepB/nrQTkeHN/ 3qnXVRfxka5jnrCQThmoFg6AF8zdf6TdU4GABE=

Ironport-hdrordr: A9a23:LWbXw60LZ8UVUdc0MhpZpAqjBRxyeYIsimQD101hICG9Lfb2qy n+ppgmPEHP5Qr5AEtQ5OxpOMG7MBbhHQYc2/hfAV7QZnibhILOFvAt0WKC+UytJ8SazIBgPM hbAtFD4bHLfDtHZIPBkXOF+rUbsZi6GcKT9J/jJh5WJGkAAcAB0+46MHfhLqQffngcOXNTLu v52iMznUvHRZ1hVLXdOpBqZZmgm/T70LbdJTIWDR8u7weDyRmy7qThLhSe1hACFxtS3LYL6w H+4kzEz5Tml8v+5g7X1mfV4ZgTssDm0MF/CMuFjdVQAinwizyveJ9qV9S5zXMISaCUmRQXee v30lMd1vdImjTsl6aO0F3QMjzboXMTArnZuAalaDXY0JTErXkBerV8bMpiA2XkAgwbzYtBOe twrhKkX9A8N2KwoA3to9fPTB1kjUyyvD4rlvMSlWVWVc8EZKZWtpF3xjIfLH4sJlOy1GkcKp gnMCgc3ocjTXqKK3TC+mV/yt2lWXo+Wh+AX0gZo8SQlzxbhmpwwUcUzNEW2i5ozuNxd7BUo+ Dfdqh4nrBHScEbKap7GecaWMOyTmjAWwjFPm6eKUnuUKsHJ3XOoZjq56hd3pDhRLUYiJ8p3J jRWlJRsmA/P0roFM2VxZVOtgvARW2sNA6dvP22J6IJzYEUaICbQxFrEmpe4PdIi89vd/HmZw ==

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Thread-index: AQHYJ+IV6PtRJY8p5U2wBnUH9jKzdqyj8n0AgAa3aoCAASBXAIAAIhyAgAAGJQCAADOGgA==

Thread-topic: [PATCH v2.2 8/7] x86/IOMMU: Use altcall, and __initconst_cf_clobber

On 02/03/2022 10:34, Jan Beulich wrote: > On 02.03.2022 11:12, Andrew Cooper wrote: >> On 02/03/2022 08:10, Jan Beulich wrote: >>> On 01.03.2022 15:58, Andrew Cooper wrote: >>>> On 25/02/2022 08:24, Jan Beulich wrote: >>>>> On 22.02.2022 12:47, Andrew Cooper wrote: >>>>>> --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c >>>>>> +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c >>>>>> @@ -628,7 +628,7 @@ static void cf_check amd_dump_page_tables(struct >>>>>> domain *d) >>>>>> hd->arch.amd.paging_mode, 0, 0); >>>>>> } >>>>>> >>>>>> -static const struct iommu_ops __initconstrel _iommu_ops = { >>>>>> +static const struct iommu_ops __initconst_cf_clobber _iommu_ops = { >>>>> Following my initcall related remark on x86'es time.c I'm afraid I don't >>>>> see how this and ... >>>>> >>>>>> @@ -2794,7 +2793,7 @@ static int __init cf_check >>>>>> intel_iommu_quarantine_init(struct domain *d) >>>>>> return rc; >>>>>> } >>>>>> >>>>>> -static struct iommu_ops __initdata vtd_ops = { >>>>>> +static const struct iommu_ops __initconst_cf_clobber vtd_ops = { >>>>> ... this actually works. But I guess I must be overlooking something, as >>>>> I'm sure that you did test the change. >>>>> >>>>> Both ops structures reference a function, through .adjust_irq_affinities, >>>>> which isn't __init but which is used (besides here) for an initcall. With >>>>> the ENDBR removed by the time initcalls are run, these should cause #CP. >>>> This doesn't explode because the indirect calls are resolved to direct >>>> calls before the ENDBR's are clobbered to NOP4. >>> I'm afraid I don't understand: The problematic call is in do_initcalls(): >>> >>> for ( call = __presmp_initcall_end; call < __initcall_end; call++ ) >>> (*call)(); >>> >>> I don't see how this could be converted to a direct call. >> Oh. iov_adjust_irq_affinities()'s double use is hiding here. >> >> The safety rule for cf_clobber is that there must not be any >> non-alt-called callers. We need to fix it: >> >> diff --git a/xen/drivers/passthrough/amd/iommu_init.c >> b/xen/drivers/passthrough/amd/iommu_init.c >> index 657c7f619a51..b1af5085efda 100644 >> --- a/xen/drivers/passthrough/amd/iommu_init.c >> +++ b/xen/drivers/passthrough/amd/iommu_init.c >> @@ -831,7 +831,12 @@ int cf_check iov_adjust_irq_affinities(void) >> >> return 0; >> } >> -__initcall(iov_adjust_irq_affinities); >> + >> +int cf_check __init initcall_iov_adjust_irq_affinities(void) >> +{ >> + return iommu_call(&iommu_ops, adjust_irq_affinities); >> +} >> +__initcall(initcall_iov_adjust_irq_affinities); >> >> /* >> * Family15h Model 10h-1fh erratum 746 (IOMMU Logging May Stall >> Translations) >> >> >>> Afaics only pre-SMP initcalls are safe in this regard: do_presmp_initcalls() >>> is called immediately ahead of alternative_branches(). >>> >>> Isn't this (previously?) working related to your "x86/spec-ctrl: Disable >>> retpolines with CET-IBT"? >> No. It's because AMD CPUs don't have CET-IBT at this juncture, and will >> never encounter a faulting situation. > I'm still lost. An exactly matching construct exists in VT-d code (and > my initial comment also was on VT-d). The AMD one is actually a clone > of that much older one. The initcall really wants to move to vendor > independent code, but I'd still like to understand why no fault was > ever observed. Lovely. It's got a vtd infix which is why it escaped my grep. And yes, I really would expect that to explode on my test system... ~Andrew

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.