Xen project Mailing List

Ping: [PATCH][XTF] XSA-286: fix PAE variant of test

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Wed, 14 Jul 2021 08:30:40 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PiuDjLX2tINXktLSjRM7OutzrwBcGfmB1V6mt1Y6zhY=; b=MJlbCfvftxaJMKX/pxoYVwfia2D0Du9z6i3qey4aJxfUB9RzJmZSUWBOFVZPLmhiX0RKVOIxSJ4yYD3qWPpbN4kNpfb/7wirJ10fkEE4WMNUocH70gVuXYlfv72OxMWdh7zxu4jIop49aPSm3iSxsyzjS2RFPwIsS9avmIhua99PZ6P1cmfIprxZQCbbBQR5EphvVKZe9758O8vAlKHCW7+g8GFjHNSXAnD4eC7yb2agB3kyAYl1jyXIy1og0I39hFvI3aEyaQ0kRbyQFm1sYsUnge6dzvbFsGOczVQm+/zvrvn4UU3/QM+bnwXFlmPkHiL4oM+FEwDiv/5HftUSkg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YjnuCqB933axmMkWLI+P7nmaKjqNEuTmxGk6L5t5LO4z6IOBMyXS5Z17cfunMeNqQWW+dtJkq35NGm02TsQy8P8DyzR7R6hZfovEBbAZcx+2e8wc7IEQPBnCjy2CPZCgng2T7WLfHi8jU9LwuSGfSLDPCYQ6vEi1+RY6cyFXGHPtRF/e1rGnAnpa2xkSRxbNBaiGLCLcb0p+A00IKjsO4liL0ZBfqzgdTqyr5vVpdDdSG3nZeA9C418+OV1q1MbOQeKI8sZkhXYlxxSXZfNgy0DCSUBiX2FUyp14K/if1NF5EsEhtQoteYcdvVLATEp1fuXT/PMUUy3iLS1PJFc+uA==

Authentication-results: lists.xenproject.org; dkim=none (message not signed) header.d=none;lists.xenproject.org; dmarc=none action=none header.from=suse.com;

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Wed, 14 Jul 2021 06:31:03 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 17.05.2021 15:22, Jan Beulich wrote: > L3 entry updates aren't specified to take immediate effect in PAE mode: > On bare metal, only the next CR3 load actually loads the PDPTEs, and a > 32-bit Xen also wouldn't immediately propagate new entries into the > PDPTEs. Them taking immediate effect (leaving aside the need to flush > the TLB) on 64-bit Xen is merely to not complicate the hypervisor > implementation more than necessary. Guests cannot depend on such > behavior, and hence this test shouldn't either. > > Insert the hypercall equivalent of a CR3 reload into the multicall. > > Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> > --- > With this, cb199cc7de98 ('Revert "x86/PV32: avoid TLB flushing after > mod_l3_entry()" and "x86/PV: restrict TLB flushing after > mod_l[234]_entry()"') should imo be reverted from the Xen tree. The > claim was wrong that the test was correct and hypervisor code flawed. Ping? I know you've expressed your disagreement with things stated above, but I'm afraid you're still on the hook to actually prove some of the claims you've made. Thanks, Jan > --- a/tests/xsa-286/main.c > +++ b/tests/xsa-286/main.c > @@ -128,9 +128,18 @@ void test_main(void) > * > * - update_va_mapping(addr, 0, INLVPG) > * - mmu_update(&l3t[slot], l2t2) > + * - (PAE only) new_baseptr(cr3) > * - update_va_mapping(addr, gfn0 | AD|WR|P, INLVPG) > */ > mu[0].val = pte_from_virt(l2t2, PF_SYM(AD, RW, P)); > +#ifdef __i386__ > + mmuext_op_t mx[] = { > + { > + .cmd = MMUEXT_NEW_BASEPTR, > + .arg1.mfn = read_cr3() >> PAGE_SHIFT, > + }, > + }; > +#endif > intpte_t nl1e = pte_from_gfn(pfn_to_mfn(0), PF_SYM(AD, RW, P)); > multicall_entry_t multi[] = { > { > @@ -153,6 +162,17 @@ void test_main(void) > DOMID_SELF, > }, > }, > +#ifdef __i386__ > + { > + .op = __HYPERVISOR_mmuext_op, > + .args = { > + _u(mx), > + ARRAY_SIZE(mx), > + _u(NULL), > + DOMID_SELF, > + }, > + }, > +#endif > { > .op = __HYPERVISOR_update_va_mapping, > .args = { >

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.