[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 3/5] x86: Force proper gdt_boot_base setting

  • To: Frediano Ziglio <frediano.ziglio@xxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 20 Aug 2024 10:23:47 +0200
  • Autocrypt: addr=jbeulich@xxxxxxxx; keydata= xsDiBFk3nEQRBADAEaSw6zC/EJkiwGPXbWtPxl2xCdSoeepS07jW8UgcHNurfHvUzogEq5xk hu507c3BarVjyWCJOylMNR98Yd8VqD9UfmX0Hb8/BrA+Hl6/DB/eqGptrf4BSRwcZQM32aZK 7Pj2XbGWIUrZrd70x1eAP9QE3P79Y2oLrsCgbZJfEwCgvz9JjGmQqQkRiTVzlZVCJYcyGGsD /0tbFCzD2h20ahe8rC1gbb3K3qk+LpBtvjBu1RY9drYk0NymiGbJWZgab6t1jM7sk2vuf0Py O9Hf9XBmK0uE9IgMaiCpc32XV9oASz6UJebwkX+zF2jG5I1BfnO9g7KlotcA/v5ClMjgo6Gl MDY4HxoSRu3i1cqqSDtVlt+AOVBJBACrZcnHAUSuCXBPy0jOlBhxPqRWv6ND4c9PH1xjQ3NP nxJuMBS8rnNg22uyfAgmBKNLpLgAGVRMZGaGoJObGf72s6TeIqKJo/LtggAS9qAUiuKVnygo 3wjfkS9A3DRO+SpU7JqWdsveeIQyeyEJ/8PTowmSQLakF+3fote9ybzd880fSmFuIEJldWxp Y2ggPGpiZXVsaWNoQHN1c2UuY29tPsJgBBMRAgAgBQJZN5xEAhsDBgsJCAcDAgQVAggDBBYC AwECHgECF4AACgkQoDSui/t3IH4J+wCfQ5jHdEjCRHj23O/5ttg9r9OIruwAn3103WUITZee e7Sbg12UgcQ5lv7SzsFNBFk3nEQQCACCuTjCjFOUdi5Nm244F+78kLghRcin/awv+IrTcIWF hUpSs1Y91iQQ7KItirz5uwCPlwejSJDQJLIS+QtJHaXDXeV6NI0Uef1hP20+y8qydDiVkv6l IreXjTb7DvksRgJNvCkWtYnlS3mYvQ9NzS9PhyALWbXnH6sIJd2O9lKS1Mrfq+y0IXCP10eS FFGg+Av3IQeFatkJAyju0PPthyTqxSI4lZYuJVPknzgaeuJv/2NccrPvmeDg6Coe7ZIeQ8Yj t0ARxu2xytAkkLCel1Lz1WLmwLstV30g80nkgZf/wr+/BXJW/oIvRlonUkxv+IbBM3dX2OV8 AmRv1ySWPTP7AAMFB/9PQK/VtlNUJvg8GXj9ootzrteGfVZVVT4XBJkfwBcpC/XcPzldjv+3 HYudvpdNK3lLujXeA5fLOH+Z/G9WBc5pFVSMocI71I8bT8lIAzreg0WvkWg5V2WZsUMlnDL9 mpwIGFhlbM3gfDMs7MPMu8YQRFVdUvtSpaAs8OFfGQ0ia3LGZcjA6Ik2+xcqscEJzNH+qh8V m5jjp28yZgaqTaRbg3M/+MTbMpicpZuqF4rnB0AQD12/3BNWDR6bmh+EkYSMcEIpQmBM51qM EKYTQGybRCjpnKHGOxG0rfFY1085mBDZCH5Kx0cl0HVJuQKC+dV2ZY5AqjcKwAxpE75MLFkr wkkEGBECAAkFAlk3nEQCGwwACgkQoDSui/t3IH7nnwCfcJWUDUFKdCsBH/E5d+0ZnMQi+G0A nAuWpQkjM1ASeQwSHEeAWPgskBQL
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Tue, 20 Aug 2024 08:23:53 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 14.08.2024 10:34, Frediano Ziglio wrote:
> Instead of relocate the value at that position compute it
> entirely and write it.
> During EFI boots sym_offs(SYMBOL) are potentially relocated
> causing the values to be corrupted.

This requires quite a bit more explanation, also to understand why a
lone specific sym_offs() is being dealt with here, leaving others
untouched. I'm specifically puzzled by the two in the MB2 header: If
the GDT one is a problem, why would those not be? Of course similarly
for others, in particular those used to pre-fill page tables. I think
an adjustment here needs to come with the addition of a comment next
to the #define, to clarify where the use is appropriate and where it
needs to be avoided.

> --- a/xen/arch/x86/boot/head.S
> +++ b/xen/arch/x86/boot/head.S
> @@ -132,8 +132,7 @@ multiboot2_header:
>  gdt_boot_descr:
>          .word   .Ltrampoline_gdt_end - trampoline_gdt - 1
>  gdt_boot_base:
> -        .long   sym_offs(trampoline_gdt)
> -        .long   0 /* Needed for 64-bit lgdt */
> +        .quad   0 /* Needed for 64-bit lgdt */

The comment is now somewhat odd: It's no longer the entire line that's
there just because we want to use LGDT from 64-bit code, but just half
of what the .quad produces. Therefore perhaps either keep as two longs
(maybe with a different brief comment put on the former), or adjust
the comment wording.

> @@ -373,15 +372,16 @@ __efi64_mb2_start:
>  x86_32_switch:
>          mov     %r15,%rdi
>  
> -        /* Store Xen image load base address in place accessible for 32-bit 
> code. */
> -        lea     __image_base__(%rip),%esi
> -
>          cli
>  
>          /* Initialize GDTR. */
> -        add     %esi,gdt_boot_base(%rip)
> +        lea     trampoline_gdt(%rip), %esi
> +        mov     %esi, gdt_boot_base(%rip)
>          lgdt    gdt_boot_descr(%rip)
>  
> +        /* Store Xen image load base address in place accessible for 32-bit 
> code. */
> +        lea     __image_base__(%rip),%esi

What's the point in moving this code? Surely you could use another
register for the LEA/MOV pair above? In any event - _if_ you move
the code, please also add the blank missing after the comma.

> @@ -439,7 +439,8 @@ __pvh_start:
>          movb    $-1, sym_esi(opt_console_xen)
>  
>          /* Prepare gdt and segments */
> -        add     %esi, sym_esi(gdt_boot_base)
> +        lea     sym_esi(trampoline_gdt), %ecx
> +        mov     %ecx, sym_esi(gdt_boot_base)
>          lgdt    sym_esi(gdt_boot_descr)
>  
>          mov     $BOOT_DS, %ecx
> @@ -543,7 +544,8 @@ trampoline_bios_setup:
>           *
>           * Initialize GDTR and basic data segments.
>           */
> -        add     %esi,sym_esi(gdt_boot_base)
> +        lea     sym_esi(trampoline_gdt), %ecx
> +        mov     %ecx, sym_esi(gdt_boot_base)
>          lgdt    sym_esi(gdt_boot_descr)
>  
>          mov     $BOOT_DS,%ecx

While you mention that you make these changes for consistency, I'm
afraid I don't really see the point. The paths are all different
anyway - there's nothing wrong with leaving everything except
x86_32_switch untouched. Far less code churn then. All it would take
is extending the comment there a little to mention why the value is
fully overwritten rather than merely adjusted.

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.