File xsa435-0-06.patch of Package xen.31430
From c17072fc164a72583fda8e2b836c71d2e3f8e84d Mon Sep 17 00:00:00 2001
From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Wed, 15 Dec 2021 15:36:59 +0000
Subject: x86/cpuid: Split dom0 handling out of init_domain_cpuid_policy()
To implement dom0-cpuid= support, the special cases would need extending.
However there is already a problem with late hwdom where the special cases
override toolstack settings, which is unintended and poor behaviour.
Introduce a new init_dom0_cpuid_policy() for the purpose, moving the ITSC and
ARCH_CAPS logic. The is_hardware_domain() can be dropped, and for now there
is no need to rerun recalculate_cpuid_policy(); this is a relatively expensive
operation, and will become more-so over time.
Rearrange the logic in create_dom0() to make room for a call to
init_dom0_cpuid_policy(). The AMX plans for having variable sized XSAVE
states require that modifications to the policy happen before vCPUs are
created.
Additionally, factor out domid into a variable so we can be slightly more
correct in the case of a failure, and also print the error from
domain_create(). This will at least help distinguish -EINVAL from -ENOMEM.
No practical change in behaviour.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/arch/x86/cpuid.c
+++ b/xen/arch/x86/cpuid.c
@@ -641,22 +641,28 @@ int init_domain_cpuid_policy(struct doma
if ( !p )
return -ENOMEM;
- if ( d->disable_migrate )
- p->extd.itsc = cpu_has_itsc;
-
d->arch.cpuid = p;
recalculate_cpuid_policy(d);
+ return 0;
+}
+
+void __init init_dom0_cpuid_policy(struct domain *d)
+{
+ struct cpuid_policy *p = d->arch.cpuid;
+
+ /* dom0 can't migrate. Give it ITSC if available. */
+ if ( cpu_has_itsc )
+ p->extd.itsc = true;
+
/*
* Expose the "hardware speculation behaviour" bits of ARCH_CAPS to dom0,
* so dom0 can turn off workarounds as appropriate. Temporary, until the
* domain policy logic gains a better understanding of MSRs.
*/
- if ( is_hardware_domain(d) && boot_cpu_has(X86_FEATURE_ARCH_CAPS) )
+ if ( cpu_has_arch_caps )
p->feat.arch_caps = true;
-
- return 0;
}
void guest_cpuid(const struct vcpu *v, uint32_t leaf,
--- a/xen/arch/x86/setup.c
+++ b/xen/arch/x86/setup.c
@@ -695,6 +695,7 @@ void __init noreturn __start_xen(unsigne
int i, j, e820_warn = 0, bytes = 0;
bool acpi_boot_table_init_done = false, relocated = false;
int ret;
+ domid_t domid;
struct ns16550_defaults ns16550 = {
.data_bits = 8,
.parity = 'n',
@@ -1751,10 +1752,16 @@ void __init noreturn __start_xen(unsigne
if ( iommu_enabled )
dom0_cfg.flags |= XEN_DOMCTL_CDF_iommu;
- /* Create initial domain 0. */
- dom0 = domain_create(get_initial_domain_id(), &dom0_cfg, !pv_shim);
- if ( IS_ERR(dom0) || (alloc_dom0_vcpu0(dom0) == NULL) )
- panic("Error creating domain 0\n");
+ /* Create initial domain. Not d0 for pvshim. */
+ domid = get_initial_domain_id();
+ dom0 = domain_create(domid, &dom0_cfg, !pv_shim);
+ if ( IS_ERR(dom0) )
+ panic("Error creating d%u: %ld\n", domid, PTR_ERR(dom0));
+
+ init_dom0_cpuid_policy(dom0);
+
+ if ( alloc_dom0_vcpu0(dom0) == NULL )
+ panic("Error creating d%uv0\n", domid);
/* Grab the DOM0 command line. */
cmdline = (char *)(mod[0].string ? __va(mod[0].string) : NULL);
--- a/xen/include/asm-x86/cpuid.h
+++ b/xen/include/asm-x86/cpuid.h
@@ -58,6 +58,9 @@ bool recheck_cpu_features(unsigned int c
/* Allocate and initialise a CPUID policy suitable for the domain. */
int init_domain_cpuid_policy(struct domain *d);
+/* Apply dom0-specific tweaks to the CPUID policy. */
+void init_dom0_cpuid_policy(struct domain *d);
+
/* Clamp the CPUID policy to reality. */
void recalculate_cpuid_policy(struct domain *d);
