Commit a2ef5dc2 authored by Mukesh Rathor's avatar Mukesh Rathor Committed by David Vrabel

x86/xen: Set EFER.NX and EFER.SCE in PVH guests

This fixes two bugs in PVH guests:

  - Not setting EFER.NX means the NX bit in page table entries is
    ignored on Intel processors and causes reserved bit page faults on
    AMD processors.

  - After the Xen commit 7645640d6ff1 ("x86/PVH: don't set EFER_SCE for
    pvh guest") PVH guests are required to set EFER.SCE to enable the
    SYSCALL instruction.

Secondary VCPUs are started with pagetables with the NX bit set so
EFER.NX must be set before using any stack or data segment.
xen_pvh_cpu_early_init() is the new secondary VCPU entry point that
sets EFER before jumping to cpu_bringup_and_idle().
Signed-off-by: default avatarMukesh Rathor <mukesh.rathor@oracle.com>
Reviewed-by: default avatarKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: default avatarDavid Vrabel <david.vrabel@citrix.com>
parent d1e9abd6
...@@ -1463,6 +1463,7 @@ static void __ref xen_setup_gdt(int cpu) ...@@ -1463,6 +1463,7 @@ static void __ref xen_setup_gdt(int cpu)
pv_cpu_ops.load_gdt = xen_load_gdt; pv_cpu_ops.load_gdt = xen_load_gdt;
} }
#ifdef CONFIG_XEN_PVH
/* /*
* A PV guest starts with default flags that are not set for PVH, set them * A PV guest starts with default flags that are not set for PVH, set them
* here asap. * here asap.
...@@ -1508,12 +1509,15 @@ static void __init xen_pvh_early_guest_init(void) ...@@ -1508,12 +1509,15 @@ static void __init xen_pvh_early_guest_init(void)
return; return;
xen_have_vector_callback = 1; xen_have_vector_callback = 1;
xen_pvh_early_cpu_init(0, false);
xen_pvh_set_cr_flags(0); xen_pvh_set_cr_flags(0);
#ifdef CONFIG_X86_32 #ifdef CONFIG_X86_32
BUG(); /* PVH: Implement proper support. */ BUG(); /* PVH: Implement proper support. */
#endif #endif
} }
#endif /* CONFIG_XEN_PVH */
/* First C function to be called on Xen boot */ /* First C function to be called on Xen boot */
asmlinkage __visible void __init xen_start_kernel(void) asmlinkage __visible void __init xen_start_kernel(void)
...@@ -1528,7 +1532,9 @@ asmlinkage __visible void __init xen_start_kernel(void) ...@@ -1528,7 +1532,9 @@ asmlinkage __visible void __init xen_start_kernel(void)
xen_domain_type = XEN_PV_DOMAIN; xen_domain_type = XEN_PV_DOMAIN;
xen_setup_features(); xen_setup_features();
#ifdef CONFIG_XEN_PVH
xen_pvh_early_guest_init(); xen_pvh_early_guest_init();
#endif
xen_setup_machphys_mapping(); xen_setup_machphys_mapping();
/* Install Xen paravirt ops */ /* Install Xen paravirt ops */
......
...@@ -37,6 +37,7 @@ ...@@ -37,6 +37,7 @@
#include <xen/hvc-console.h> #include <xen/hvc-console.h>
#include "xen-ops.h" #include "xen-ops.h"
#include "mmu.h" #include "mmu.h"
#include "smp.h"
cpumask_var_t xen_cpu_initialized_map; cpumask_var_t xen_cpu_initialized_map;
...@@ -99,10 +100,14 @@ static void cpu_bringup(void) ...@@ -99,10 +100,14 @@ static void cpu_bringup(void)
wmb(); /* make sure everything is out */ wmb(); /* make sure everything is out */
} }
/* Note: cpu parameter is only relevant for PVH */ /*
static void cpu_bringup_and_idle(int cpu) * Note: cpu parameter is only relevant for PVH. The reason for passing it
* is we can't do smp_processor_id until the percpu segments are loaded, for
* which we need the cpu number! So we pass it in rdi as first parameter.
*/
asmlinkage __visible void cpu_bringup_and_idle(int cpu)
{ {
#ifdef CONFIG_X86_64 #ifdef CONFIG_XEN_PVH
if (xen_feature(XENFEAT_auto_translated_physmap) && if (xen_feature(XENFEAT_auto_translated_physmap) &&
xen_feature(XENFEAT_supervisor_mode_kernel)) xen_feature(XENFEAT_supervisor_mode_kernel))
xen_pvh_secondary_vcpu_init(cpu); xen_pvh_secondary_vcpu_init(cpu);
...@@ -374,11 +379,10 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) ...@@ -374,11 +379,10 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle)
ctxt->user_regs.fs = __KERNEL_PERCPU; ctxt->user_regs.fs = __KERNEL_PERCPU;
ctxt->user_regs.gs = __KERNEL_STACK_CANARY; ctxt->user_regs.gs = __KERNEL_STACK_CANARY;
#endif #endif
ctxt->user_regs.eip = (unsigned long)cpu_bringup_and_idle;
memset(&ctxt->fpu_ctxt, 0, sizeof(ctxt->fpu_ctxt)); memset(&ctxt->fpu_ctxt, 0, sizeof(ctxt->fpu_ctxt));
if (!xen_feature(XENFEAT_auto_translated_physmap)) { if (!xen_feature(XENFEAT_auto_translated_physmap)) {
ctxt->user_regs.eip = (unsigned long)cpu_bringup_and_idle;
ctxt->flags = VGCF_IN_KERNEL; ctxt->flags = VGCF_IN_KERNEL;
ctxt->user_regs.eflags = 0x1000; /* IOPL_RING1 */ ctxt->user_regs.eflags = 0x1000; /* IOPL_RING1 */
ctxt->user_regs.ds = __USER_DS; ctxt->user_regs.ds = __USER_DS;
...@@ -413,15 +417,18 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle) ...@@ -413,15 +417,18 @@ cpu_initialize_context(unsigned int cpu, struct task_struct *idle)
(unsigned long)xen_failsafe_callback; (unsigned long)xen_failsafe_callback;
ctxt->user_regs.cs = __KERNEL_CS; ctxt->user_regs.cs = __KERNEL_CS;
per_cpu(xen_cr3, cpu) = __pa(swapper_pg_dir); per_cpu(xen_cr3, cpu) = __pa(swapper_pg_dir);
#ifdef CONFIG_X86_32
} }
#else #ifdef CONFIG_XEN_PVH
} else else {
/* N.B. The user_regs.eip (cpu_bringup_and_idle) is called with /*
* %rdi having the cpu number - which means are passing in * The vcpu comes on kernel page tables which have the NX pte
* as the first parameter the cpu. Subtle! * bit set. This means before DS/SS is touched, NX in
* EFER must be set. Hence the following assembly glue code.
*/ */
ctxt->user_regs.eip = (unsigned long)xen_pvh_early_cpu_init;
ctxt->user_regs.rdi = cpu; ctxt->user_regs.rdi = cpu;
ctxt->user_regs.rsi = true; /* entry == true */
}
#endif #endif
ctxt->user_regs.esp = idle->thread.sp0 - sizeof(struct pt_regs); ctxt->user_regs.esp = idle->thread.sp0 - sizeof(struct pt_regs);
ctxt->ctrlreg[3] = xen_pfn_to_cr3(virt_to_mfn(swapper_pg_dir)); ctxt->ctrlreg[3] = xen_pfn_to_cr3(virt_to_mfn(swapper_pg_dir));
......
...@@ -8,4 +8,12 @@ extern void xen_send_IPI_allbutself(int vector); ...@@ -8,4 +8,12 @@ extern void xen_send_IPI_allbutself(int vector);
extern void xen_send_IPI_all(int vector); extern void xen_send_IPI_all(int vector);
extern void xen_send_IPI_self(int vector); extern void xen_send_IPI_self(int vector);
#ifdef CONFIG_XEN_PVH
extern void xen_pvh_early_cpu_init(int cpu, bool entry);
#else
static inline void xen_pvh_early_cpu_init(int cpu, bool entry)
{
}
#endif
#endif #endif
...@@ -47,6 +47,41 @@ ENTRY(startup_xen) ...@@ -47,6 +47,41 @@ ENTRY(startup_xen)
__FINIT __FINIT
#ifdef CONFIG_XEN_PVH
/*
* xen_pvh_early_cpu_init() - early PVH VCPU initialization
* @cpu: this cpu number (%rdi)
* @entry: true if this is a secondary vcpu coming up on this entry
* point, false if this is the boot CPU being initialized for
* the first time (%rsi)
*
* Note: This is called as a function on the boot CPU, and is the entry point
* on the secondary CPU.
*/
ENTRY(xen_pvh_early_cpu_init)
mov %rsi, %r11
/* Gather features to see if NX implemented. */
mov $0x80000001, %eax
cpuid
mov %edx, %esi
mov $MSR_EFER, %ecx
rdmsr
bts $_EFER_SCE, %eax
bt $20, %esi
jnc 1f /* No NX, skip setting it */
bts $_EFER_NX, %eax
1: wrmsr
#ifdef CONFIG_SMP
cmp $0, %r11b
jne cpu_bringup_and_idle
#endif
ret
#endif /* CONFIG_XEN_PVH */
.pushsection .text .pushsection .text
.balign PAGE_SIZE .balign PAGE_SIZE
ENTRY(hypercall_page) ENTRY(hypercall_page)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment