[PATCH for-4.16] x86/cpuid: prevent shrinking migrated policies max leaves

Wed, 10 Nov 2021 09:41:38 -0800 

CPUID policies from guest being migrated shouldn't have the maximum
leaves shrink, as that would be a guest visible change. The hypervisor
has no knowledge on whether a guest has been migrated or is build from
scratch, and hence it must not blindly shrink the CPUID policy in
recalculate_cpuid_policy. Remove the
x86_cpuid_policy_shrink_max_leaves call from recalculate_cpuid_policy.
Removing such call could be seen as a partial revert of 540d911c28.

Instead let the toolstack shrink the policies for newly created
guests, while keeping the previous values for guests that are migrated
in. Note that guests migrated in without a CPUID policy won't get any
kind of shrinking applied.

Fixes: 540d911c28 ('x86/CPUID: shrink max_{,sub}leaf fields according to actual 
leaf contents')
Signed-off-by: Roger Pau MonnĂ© <[email protected]>
---
Cc: Ian Jackson <[email protected]>

This is a regression introduced in this release cycle, so we should
consider whether we want to take this patch. It's mostly moving a
shrink call from the hypervisor into the toolstack and making it more
selective.

Main risks would be this shrinking somehow altering the recalculations
of the CPUID policy done by the hypervisor. Removing the shirk itself
in the hypervisor shouldn't cause issues as that wasn't done before,
and reporting empty max leaf should be fine.
---
 tools/libs/guest/xg_cpuid_x86.c | 7 +++++++
 xen/arch/x86/cpuid.c            | 2 --
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/tools/libs/guest/xg_cpuid_x86.c b/tools/libs/guest/xg_cpuid_x86.c
index 198892ebdf..3ffd5f683b 100644
--- a/tools/libs/guest/xg_cpuid_x86.c
+++ b/tools/libs/guest/xg_cpuid_x86.c
@@ -638,6 +638,13 @@ int xc_cpuid_apply_policy(xc_interface *xch, uint32_t 
domid, bool restore,
         }
     }
 
+    /*
+     * Do not try to shrink the policy if restoring, as that could cause
+     * guest visible changes in the maximum leaf fields.
+     */
+    if ( !restore )
+        x86_cpuid_policy_shrink_max_leaves(p);
+
     rc = x86_cpuid_copy_to_buffer(p, leaves, &nr_leaves);
     if ( rc )
     {
diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c
index 2079a30ae4..8ac55f0806 100644
--- a/xen/arch/x86/cpuid.c
+++ b/xen/arch/x86/cpuid.c
@@ -719,8 +719,6 @@ void recalculate_cpuid_policy(struct domain *d)
 
     if ( !p->extd.page1gb )
         p->extd.raw[0x19] = EMPTY_LEAF;
-
-    x86_cpuid_policy_shrink_max_leaves(p);
 }
 
 int init_domain_cpuid_policy(struct domain *d)
-- 
2.33.0

Reply via email to