Xen project Mailing List

[PATCH 1/2] x86/mm: avoid phys_to_nid() calls for invalid addresses

To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Date: Tue, 13 Dec 2022 12:36:54 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dI5yJpzzZtco6iDYZtvKt6sm4LVJzPtpRGFeBOoz680=; b=KjfyiTAk82DkBCrWwROjKYsgVUI5sUvr0ZR6t4FONez6HHAMheFVBKVOcy8ScADPWTRJ1/GNK/jCBrF/0ZnKwYlzJwF9huCVMSELIs7MyNZjorXAzTBWxDYUFWtA/Xo7CgT0aIIWCUqStdud5oNkzEsj7uvs+ZyspyMBnDe2aKXoNXT3hexYt+N/yH5bmKH7GJ/mQKFc0NiVFqLTCwS32kjlR/kfo/4eNJndcwWpc2BjmtXpCOBm3LtiSwO0+lgur62KqzwUzkvTQkRuB3T1VA2qZOC/TXxQW5NYSb+v4FysqoZHglAV45BM4Ek7IbKb8mKx4eyXhXL6IvEt7+uhsA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fN4/pZmTQgWw1txxYV+1LbB33sHqWNIwsIblBjA55NZGUPEQnoYGKfpNwOuJwdKPtXJJTYf9lc/zv2Bhq2IJiziHvExkRL7HaOy2noyATpR2gVIGV+niCj8dzckT03WiaxdnvD4rTDmDeOTBXvpNkZoKmozG3tyUDroo+xGV7jXwk28BOKBVUfpuBQjwVFLG59WFrnVCOuF8u09DfOmlCrfwb0eJTOQ5+0oJltxCrPGvP6tONJkM00y1u3rbrTDCS4q1pZvh4sGnjhoy0itUQwkiwAQigxmBDsFkMQ1N/cf8M6rmuWNO+dTF9zd6fQwZ2jrZ8E4UKc/gt2Fr6pC4+w==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>

Delivery-date: Tue, 13 Dec 2022 11:37:00 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

With phys_to_nid() now actively checking that a valid node ID is on record, the two uses in paging_init() can actually trigger at least the 2nd of the assertions there. They're used to calculate allocation flags, but the calculated flags wouldn't be used when dealing with an invalid (unpopulated) address range. Defer the calculations such that they can be done with a validated MFN in hands. This also does away with the artificial calculations of an address to pass to phys_to_nid(). Note that while the variable is provably written before use, at least some compiler versions can't actually verify that. Hence the variable also needs to gain a (dead) initializer. Fixes: e9c72d524fbd ("xen/x86: Use ASSERT instead of VIRTUAL_BUG_ON for phys_to_nid") Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> --- RFC: With small enough a NUMA hash shift it would still be possible to hit an SRAT hole, despite mfn_valid() passing. Hence, like was the original plan, it may still be necessary to relax the checking in phys_to_nid() (or its designated replacements). At which point the value of this change here would shrink to merely reducing the chance of unintentionally doing NUMA_NO_NODE allocations. --- a/xen/arch/x86/x86_64/mm.c +++ b/xen/arch/x86/x86_64/mm.c @@ -498,7 +498,7 @@ error: void __init paging_init(void) { unsigned long i, mpt_size, va; - unsigned int n, memflags; + unsigned int n, memflags = 0; l3_pgentry_t *l3_ro_mpt; l2_pgentry_t *pl2e = NULL, *l2_ro_mpt = NULL; struct page_info *l1_pg; @@ -547,8 +547,6 @@ void __init paging_init(void) { BUILD_BUG_ON(RO_MPT_VIRT_START & ((1UL << L3_PAGETABLE_SHIFT) - 1)); va = RO_MPT_VIRT_START + (i << L2_PAGETABLE_SHIFT); - memflags = MEMF_node(phys_to_nid(i << - (L2_PAGETABLE_SHIFT - 3 + PAGE_SHIFT))); if ( cpu_has_page1gb && !((unsigned long)pl2e & ~PAGE_MASK) && @@ -559,10 +557,15 @@ void __init paging_init(void) for ( holes = k = 0; k < 1 << PAGETABLE_ORDER; ++k) { for ( n = 0; n < CNT; ++n) - if ( mfn_valid(_mfn(MFN(i + k) + n * PDX_GROUP_COUNT)) ) + { + mfn = _mfn(MFN(i + k) + n * PDX_GROUP_COUNT); + if ( mfn_valid(mfn) ) break; + } if ( n == CNT ) ++holes; + else if ( k == holes ) + memflags = MEMF_node(phys_to_nid(mfn_to_maddr(mfn))); } if ( k == holes ) { @@ -593,8 +596,14 @@ void __init paging_init(void) } for ( n = 0; n < CNT; ++n) - if ( mfn_valid(_mfn(MFN(i) + n * PDX_GROUP_COUNT)) ) + { + mfn = _mfn(MFN(i) + n * PDX_GROUP_COUNT); + if ( mfn_valid(mfn) ) + { + memflags = MEMF_node(phys_to_nid(mfn_to_maddr(mfn))); break; + } + } if ( n == CNT ) l1_pg = NULL; else if ( (l1_pg = alloc_domheap_pages(NULL, PAGETABLE_ORDER, @@ -663,15 +672,19 @@ void __init paging_init(void) sizeof(*compat_machine_to_phys_mapping)); for ( i = 0; i < (mpt_size >> L2_PAGETABLE_SHIFT); i++, pl2e++ ) { - memflags = MEMF_node(phys_to_nid(i << - (L2_PAGETABLE_SHIFT - 2 + PAGE_SHIFT))); for ( n = 0; n < CNT; ++n) - if ( mfn_valid(_mfn(MFN(i) + n * PDX_GROUP_COUNT)) ) + { + mfn = _mfn(MFN(i) + n * PDX_GROUP_COUNT); + if ( mfn_valid(mfn) ) + { + memflags = MEMF_node(phys_to_nid(mfn_to_maddr(mfn))); break; + } + } if ( n == CNT ) continue; if ( (l1_pg = alloc_domheap_pages(NULL, PAGETABLE_ORDER, - memflags)) == NULL ) + memflags)) == NULL ) goto nomem; map_pages_to_xen( RDWR_COMPAT_MPT_VIRT_START + (i << L2_PAGETABLE_SHIFT),

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.