Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:Update
xen.19021
xsa275-2.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File xsa275-2.patch of Package xen.19021
Subject: AMD/IOMMU: suppress PTE merging after initial table creation From: Jan Beulich jbeulich@suse.com Tue Nov 20 16:03:32 2018 +0100 Date: Tue Nov 20 16:03:32 2018 +0100: Git: 2b3463f77dd09553b45b64cb22da8bba6ac99ad2 The logic is not fit for this purpose, so simply disable its use until it can be fixed / replaced. Note that this re-enables merging for the table creation case, which was disabled as a (perhaps unintended) side effect of the earlier "amd/iommu: fix flush checks". It relies on no page getting mapped more than once (with different properties) in this process, as that would still be beyond what the merging logic can cope with. But arch_iommu_populate_page_table() guarantees this afaict. This is part of XSA-275. Signed-off-by: Jan Beulich <jbeulich@suse.com> master commit: 937ef32565fa3a81fdb37b9dd5aa99a1b87afa75 master date: 2018-11-20 14:55:14 +0100 Index: xen-4.7.6-testing/xen/common/domain.c =================================================================== --- xen-4.7.6-testing.orig/xen/common/domain.c +++ xen-4.7.6-testing/xen/common/domain.c @@ -1031,6 +1031,20 @@ int domain_unpause_by_systemcontroller(s prev = cmpxchg(&d->controller_pause_count, old, new); } while ( prev != old ); + /* + * d->controller_pause_count is initialised to 1, and the toolstack is + * responsible for making one unpause hypercall when it wishes the guest + * to start running. + * + * All other toolstack operations should make a pair of pause/unpause + * calls and rely on the reference counting here. + * + * Creation is considered finished when the controller reference count + * first drops to 0. + */ + if ( new == 0 ) + d->creation_finished = 1; + domain_unpause(d); return 0; Index: xen-4.7.6-testing/xen/drivers/passthrough/amd/iommu_map.c =================================================================== --- xen-4.7.6-testing.orig/xen/drivers/passthrough/amd/iommu_map.c +++ xen-4.7.6-testing/xen/drivers/passthrough/amd/iommu_map.c @@ -695,11 +695,24 @@ int amd_iommu_map_page(struct domain *d, !!(flags & IOMMUF_writable), !!(flags & IOMMUF_readable)); - /* Do not increase pde count if io mapping has not been changed */ - if ( !need_flush ) - goto out; + if ( need_flush ) + { + amd_iommu_flush_pages(d, gfn, 0); + /* No further merging, as the logic doesn't cope. */ + hd->arch.no_merge = 1; + } - amd_iommu_flush_pages(d, gfn, 0); + /* + * Suppress merging of non-R/W mappings or after initial table creation, + * as the merge logic does not cope with this. + */ + if ( hd->arch.no_merge || flags != (IOMMUF_writable | IOMMUF_readable) ) + goto out; + if ( d->creation_finished ) + { + hd->arch.no_merge = 1; + goto out; + } for ( merge_level = IOMMU_PAGING_MODE_LEVEL_2; merge_level <= hd->arch.paging_mode; merge_level++ ) @@ -769,6 +782,10 @@ int amd_iommu_unmap_page(struct domain * /* mark PTE as 'page not present' */ clear_iommu_pte_present(pt_mfn[1], gfn); + + /* No further merging in amd_iommu_map_page(), as the logic doesn't cope. */ + hd->arch.no_merge = 1; + spin_unlock(&hd->arch.mapping_lock); amd_iommu_flush_pages(d, gfn, 0); Index: xen-4.7.6-testing/xen/include/asm-x86/hvm/iommu.h =================================================================== --- xen-4.7.6-testing.orig/xen/include/asm-x86/hvm/iommu.h +++ xen-4.7.6-testing/xen/include/asm-x86/hvm/iommu.h @@ -59,6 +59,7 @@ struct arch_iommu /* amd iommu support */ int paging_mode; + bool_t no_merge; struct page_info *root_table; struct guest_iommu *g_iommu; }; Index: xen-4.7.6-testing/xen/include/xen/sched.h =================================================================== --- xen-4.7.6-testing.orig/xen/include/xen/sched.h +++ xen-4.7.6-testing/xen/include/xen/sched.h @@ -387,6 +387,12 @@ struct domain bool_t disable_migrate; /* Is this guest being debugged by dom0? */ bool_t debugger_attached; + /* + * Set to true at the very end of domain creation, when the domain is + * unpaused for the first time by the systemcontroller. + */ + bool_t creation_finished; + /* Which guest this guest has privileges on */ struct domain *target;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor