From patchwork Wed Jul 20 16:10:45 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Julien Grall <julien.grall@arm.com>
X-Patchwork-Id: 72448
Delivered-To: patch@linaro.org
Received: by 10.140.29.52 with SMTP id a49csp66528qga;
 Wed, 20 Jul 2016 09:14:22 -0700 (PDT)
X-Received: by 10.107.133.93 with SMTP id h90mr45005604iod.16.1469031253877; 
 Wed, 20 Jul 2016 09:14:13 -0700 (PDT)
Return-Path: <xen-devel-bounces@lists.xen.org>
Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120])
 by mx.google.com with ESMTPS id 70si2553144itz.31.2016.07.20.09.14.13
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 20 Jul 2016 09:14:13 -0700 (PDT)
Received-SPF: neutral (google.com: 192.237.175.120 is neither permitted nor
 denied by best guess record for domain of
 xen-devel-bounces@lists.xen.org) client-ip=192.237.175.120; 
Authentication-Results: mx.google.com;
 spf=neutral (google.com: 192.237.175.120 is neither permitted nor
 denied by best guess record for domain of
 xen-devel-bounces@lists.xen.org)
 smtp.mailfrom=xen-devel-bounces@lists.xen.org
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
 by lists.xenproject.org with esmtp (Exim 4.84_2)
 (envelope-from <xen-devel-bounces@lists.xen.org>)
 id 1bPu5p-0007Tx-Ch; Wed, 20 Jul 2016 16:11:29 +0000
Received: from mail6.bemta5.messagelabs.com ([195.245.231.135])
 by lists.xenproject.org with esmtp (Exim 4.84_2)
 (envelope-from <julien.grall@arm.com>) id 1bPu5o-0007Sk-Re
 for xen-devel@lists.xen.org; Wed, 20 Jul 2016 16:11:28 +0000
Received: from [85.158.139.211] by server-16.bemta-5.messagelabs.com id
 25/D9-26103-FA2AF875; Wed, 20 Jul 2016 16:11:27 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrGLMWRWlGSWpSXmKPExsVysyfVTXf9ov5
 wg6+dMhZLPi5mcWD0OLr7N1MAYxRrZl5SfkUCa8aNMxvYCvbyV1x/4tbAOJGni5GLQ0hgE6NE
 964edgjnNKPEqdn9zF2MnBxsApoSdz5/YgKxRQSkJa59vswIUsQs0M4osXzjPxaQhLBAjMTW5
 wfAilgEVCXed6wFinNw8Aq4SOy+IQASlhCQkzh5bDIriM0p4Cpx/uRPRhBbCKhk09tvzBMYuR
 cwMqxi1ChOLSpLLdI1MtZLKspMzyjJTczM0TU0MNXLTS0uTkxPzUlMKtZLzs/dxAj0bz0DA+M
 Oxh3tfocYJTmYlER5VUV7w4X4kvJTKjMSizPii0pzUosPMcpwcChJ8Eot7A8XEixKTU+tSMvM
 AQYaTFqCg0dJhJcLJM1bXJCYW5yZDpE6xagoJc7rDpIQAElklObBtcGC+xKjrJQwLyMDA4MQT
 0FqUW5mCar8K0ZxDkYlYV4hkCk8mXklcNNfAS1mAlo8RwBscUkiQkqqgdGgfemEuxsZBR3+Ww
 g+Yoxc/aNO7bWxN9exaKdtgXv9fUQYXuXfjK2XfGAsHy3x88uKTv93la//Ne28/jPCsMn4e5m
 wxOfwEuWDykKsH5ccKjE/vDb0Xtr79BkCd9YHnXk5VyLUk2PR9JtMS6p538jM8Ody4+cRst9u
 W6JucGPpjzMWFtL7EpRYijMSDbWYi4oTAUxrtjdpAgAA
X-Env-Sender: julien.grall@arm.com
X-Msg-Ref: server-12.tower-206.messagelabs.com!1469031086!14223986!1
X-Originating-IP: [217.140.101.70]
X-SpamReason: No, hits=0.0 required=7.0 tests=
X-StarScan-Received: 
X-StarScan-Version: 8.77; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 24252 invoked from network); 20 Jul 2016 16:11:27 -0000
Received: from foss.arm.com (HELO foss.arm.com) (217.140.101.70)
 by server-12.tower-206.messagelabs.com with SMTP;
 20 Jul 2016 16:11:27 -0000
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249])
 by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 497CF523;
 Wed, 20 Jul 2016 09:12:37 -0700 (PDT)
Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com
 [10.1.218.32])
 by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id
 9D0A33F387; Wed, 20 Jul 2016 09:11:25 -0700 (PDT)
From: Julien Grall <julien.grall@arm.com>
To: xen-devel@lists.xen.org
Date: Wed, 20 Jul 2016 17:10:45 +0100
Message-Id: <1469031064-23344-4-git-send-email-julien.grall@arm.com>
X-Mailer: git-send-email 1.9.1
In-Reply-To: <1469031064-23344-1-git-send-email-julien.grall@arm.com>
References: <1469031064-23344-1-git-send-email-julien.grall@arm.com>
Cc: proskurin@sec.in.tum.de, Julien Grall <julien.grall@arm.com>,
 sstabellini@kernel.org, wei.chen@linaro.org, steve.capper@arm.com
Subject: [Xen-devel] [PATCH 03/22] xen/arm: p2m: Restrict usage of
 get_page_from_gva to the current vCPU
X-BeenThere: xen-devel@lists.xen.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xen.org>
List-Unsubscribe: <https://lists.xen.org/cgi-bin/mailman/options/xen-devel>, 
 <mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <https://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>, 
 <mailto:xen-devel-request@lists.xen.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: xen-devel-bounces@lists.xen.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org>

The function get_page_from_gva translates a guest virtual address to a
machine address. The translation involves the register VTTBR_EL2,
TTBR0_EL1, TTBR1_EL1 and SCTLR_EL1.

Currently, only the first register is context switch is the current
domain is not the same. This will result to use the wrong TTBR*_EL1 and
SCTLR_EL1 for the translation.

To fix the code properly, we would have to context switch all the
registers mentioned above when the vCPU in parameter is not the current
one. Similar things would need to be done in the callee
p2m_mem_check_and_get_page.

Given that the only caller of this function with the vCPU that may not
be current is a guest debugging function (show_guest_stack), restrict
the usage to the current vCPU for the time being.

A proper fix will be send separately.

Signed-off-by: Julien Grall <julien.grall@arm.com>
---
    This patch is candidate to be backported up to Xen 4.5.
---
 xen/arch/arm/p2m.c | 24 ++++++++----------------
 1 file changed, 8 insertions(+), 16 deletions(-)

diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
index 1111d6f..64d84cc 100644
--- a/xen/arch/arm/p2m.c
+++ b/xen/arch/arm/p2m.c
@@ -1530,24 +1530,16 @@ struct page_info *get_page_from_gva(struct vcpu *v, vaddr_t va,
     paddr_t maddr = 0;
     int rc;
 
-    spin_lock(&p2m->lock);
-
-    if ( unlikely(d != current->domain) )
-    {
-        unsigned long irq_flags;
-
-        local_irq_save(irq_flags);
-        p2m_load_VTTBR(d);
+    /*
+     * XXX: To support a different vCPU, we would need to load the
+     * VTTBR_EL2, TTBR0_EL1, TTBR1_EL1 and SCTLR_EL1
+     */
+    if ( v != current )
+        return NULL;
 
-        rc = gvirt_to_maddr(va, &maddr, flags);
+    spin_lock(&p2m->lock);
 
-        p2m_load_VTTBR(current->domain);
-        local_irq_restore(irq_flags);
-    }
-    else
-    {
-        rc = gvirt_to_maddr(va, &maddr, flags);
-    }
+    rc = gvirt_to_maddr(va, &maddr, flags);
 
     if ( rc )
         goto err;