git: b717e6878059 - main - {emulators,sysutils}/xen-{kernel,tools}: update to 4.16.0
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 30 Mar 2022 10:31:02 UTC
The branch main has been updated by royger (src committer):
URL: https://cgit.FreeBSD.org/ports/commit/?id=b717e6878059d9ca5dee77cbfa6d8f6db38b0f87
commit b717e6878059d9ca5dee77cbfa6d8f6db38b0f87
Author: Roger Pau Monné <royger@FreeBSD.org>
AuthorDate: 2022-03-29 13:55:42 +0000
Commit: Roger Pau Monné <royger@FreeBSD.org>
CommitDate: 2022-03-30 10:30:55 +0000
{emulators,sysutils}/xen-{kernel,tools}: update to 4.16.0
Add fixes for XSA-{395,398} and backport clang retpoline support from
unstable.
Sponsored by: Citrix Systems R&D
Approved by: bapt (implicit)
---
emulators/xen-kernel/Makefile | 32 +-
emulators/xen-kernel/distinfo | 6 +-
...gnment-of-function-parameters-in-compat-m.patch | 105 ------
...-x86-mtrr-remove-stale-function-prototype.patch | 31 --
...ne-split-retpoline-compiler-support-into-.patch | 66 ++++
...-x86-spec-ctrl-Drop-use_spec_ctrl-boolean.patch | 65 ++++
.../0002-x86-clang-add-retpoline-support.patch | 56 +++
...mtrr-move-epte_get_entry_emt-to-p2m-ept.c.patch | 377 ---------------------
...-ctrl-Introduce-new-has_spec_ctrl-boolean.patch | 97 ++++++
...ce-WB-cache-attributes-for-grant-and-fore.patch | 139 --------
emulators/xen-kernel/files/xsa395.patch | 42 +++
...spec-ctrl-Cease-using-thunk-lfence-on-AMD.patch | 118 +++++++
sysutils/xen-tools/Makefile | 21 +-
sysutils/xen-tools/distinfo | 6 +-
...gnment-of-function-parameters-in-compat-m.patch | 105 ------
sysutils/xen-tools/pkg-plist | 49 +--
16 files changed, 506 insertions(+), 809 deletions(-)
diff --git a/emulators/xen-kernel/Makefile b/emulators/xen-kernel/Makefile
index bb8cdb93dab0..72ace54c0a32 100644
--- a/emulators/xen-kernel/Makefile
+++ b/emulators/xen-kernel/Makefile
@@ -1,6 +1,6 @@
PORTNAME= xen
-PORTVERSION= 4.15.0
-PORTREVISION= 2
+PORTVERSION= 4.16.0
+PORTREVISION= 0
CATEGORIES= emulators
MASTER_SITES= http://downloads.xenproject.org/release/xen/${PORTVERSION}/
PKGNAMESUFFIX= -kernel
@@ -21,15 +21,21 @@ MAKE_ARGS= clang=y PYTHON=${PYTHON_CMD} ARCH=x86_64
NO_MTREE= yes
STRIP= #
PLIST_FILES= /boot/xen \
- lib/debug/boot/xen.debug
+ /boot/xen-debug \
+ lib/debug/boot/xen.debug \
+ lib/debug/boot/xen-debug.debug
-# Fix grant/foreign mapping cache attributes on Intel.
-EXTRA_PATCHES+= ${PATCHDIR}/0001-x86-mtrr-remove-stale-function-prototype.patch:-p1 \
- ${PATCHDIR}/0002-x86-mtrr-move-epte_get_entry_emt-to-p2m-ept.c.patch:-p1 \
- ${PATCHDIR}/0003-x86-ept-force-WB-cache-attributes-for-grant-and-fore.patch:-p1
+# XSA-395
+EXTRA_PATCHES+= ${PATCHDIR}/xsa395.patch:-p1
-# Fix build with clang 13.0.0
-EXTRA_PATCHES+= ${PATCHDIR}/0001-efi-fix-alignment-of-function-parameters-in-compat-m.patch:-p1
+# XSA-398
+EXTRA_PATCHES+= ${PATCHDIR}/0001-x86-spec-ctrl-Drop-use_spec_ctrl-boolean.patch:-p1 \
+ ${PATCHDIR}/0002-x86-spec-ctrl-Introduce-new-has_spec_ctrl-boolean.patch:-p1 \
+ ${PATCHDIR}/xsa398-4.16-6-x86-spec-ctrl-Cease-using-thunk-lfence-on-AMD.patch:-p1
+
+# Add retpoline support for clang builds
+EXTRA_PATCHES+= ${PATCHDIR}/0001-x86-retpoline-split-retpoline-compiler-support-into-.patch:-p1 \
+ ${PATCHDIR}/0002-x86-clang-add-retpoline-support.patch:-p1
.include <bsd.port.options.mk>
@@ -39,7 +45,13 @@ IGNORE= only supported on FreeBSD
# The ports native 'build' target cannot be used because it sets
# CFLAGS, and that breaks the Xen build system.
+#
+# Build both a production and a debug hypervisor.
do-build:
+ ${MAKE_CMD} -j${MAKE_JOBS_NUMBER} -C ${WRKSRC} build-xen ${MAKE_ARGS} debug=y
+ cp ${WRKSRC}/xen/xen ${WRKSRC}/xen/xen-debug
+ cp ${WRKSRC}/xen/xen-syms ${WRKSRC}/xen/xen-debug-syms
+ ${MAKE_CMD} -j${MAKE_JOBS_NUMBER} -C ${WRKSRC} clean-xen ${MAKE_ARGS}
${MAKE_CMD} -j${MAKE_JOBS_NUMBER} -C ${WRKSRC} build-xen ${MAKE_ARGS}
do-install:
@@ -47,5 +59,7 @@ do-install:
${MKDIR} ${STAGEDIR}${PREFIX}/lib/debug/boot/
${INSTALL_PROGRAM} ${WRKSRC}/xen/xen ${STAGEDIR}/boot
${INSTALL_DATA} ${WRKSRC}/xen/xen-syms ${STAGEDIR}${PREFIX}/lib/debug/boot/xen.debug
+ ${INSTALL_PROGRAM} ${WRKSRC}/xen/xen-debug ${STAGEDIR}/boot
+ ${INSTALL_DATA} ${WRKSRC}/xen/xen-debug-syms ${STAGEDIR}${PREFIX}/lib/debug/boot/xen-debug.debug
.include <bsd.port.mk>
diff --git a/emulators/xen-kernel/distinfo b/emulators/xen-kernel/distinfo
index 740fd456bc18..d197e536add4 100644
--- a/emulators/xen-kernel/distinfo
+++ b/emulators/xen-kernel/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1620647879
-SHA256 (xen-4.15.0.tar.gz) = 6cf41394726c9f2913edcd6707457d9b7a910a4d75d95e9ecdebf02b00f1adad
-SIZE (xen-4.15.0.tar.gz) = 40785399
+TIMESTAMP = 1648563575
+SHA256 (xen-4.16.0.tar.gz) = adc87a90e614d090a2014b9aebae8d815a7348bf329d169b3cb655256d0ee995
+SIZE (xen-4.16.0.tar.gz) = 44982322
diff --git a/emulators/xen-kernel/files/0001-efi-fix-alignment-of-function-parameters-in-compat-m.patch b/emulators/xen-kernel/files/0001-efi-fix-alignment-of-function-parameters-in-compat-m.patch
deleted file mode 100644
index 1612c5a113a1..000000000000
--- a/emulators/xen-kernel/files/0001-efi-fix-alignment-of-function-parameters-in-compat-m.patch
+++ /dev/null
@@ -1,105 +0,0 @@
-From be12fcca8b784e456df3adedbffe657d753c5ff9 Mon Sep 17 00:00:00 2001
-From: Roger Pau Monne <roger.pau@citrix.com>
-Date: Thu, 18 Nov 2021 09:28:06 +0100
-Subject: [PATCH] efi: fix alignment of function parameters in compat mode
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Currently the max_store_size, remain_store_size and max_size in
-compat_pf_efi_runtime_call are 4 byte aligned, which makes clang
-13.0.0 complain with:
-
-In file included from compat.c:30:
-./runtime.c:646:13: error: passing 4-byte aligned argument to 8-byte aligned parameter 2 of 'QueryVariableInfo' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
- &op->u.query_variable_info.max_store_size,
- ^
-./runtime.c:647:13: error: passing 4-byte aligned argument to 8-byte aligned parameter 3 of 'QueryVariableInfo' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
- &op->u.query_variable_info.remain_store_size,
- ^
-./runtime.c:648:13: error: passing 4-byte aligned argument to 8-byte aligned parameter 4 of 'QueryVariableInfo' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
- &op->u.query_variable_info.max_size);
- ^
-Fix this by bouncing the variables on the stack in order for them to
-be 8 byte aligned.
-
-Note this could be done in a more selective manner to only apply to
-compat code calls, but given the overhead of making an EFI call doing
-an extra copy of 3 variables doesn't seem to warrant the special
-casing.
-
-Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
-Release-Acked-by: Ian Jackson <iwj@xenproject.org>
-Reviewed-by: Ian Jackson <iwj@xenproject.org>
-Signed-off-by: Ian Jackson <iwj@xenproject.org>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-
----
-Changes since v3:
- - Remove hard tabs. Apply Jan's r-b as authorised in email.
-Changes since v2:
- - Adjust the commentary as per discussion.
-Changes since v1:
- - Copy back the results.
----
- xen/common/efi/runtime.c | 31 +++++++++++++++++++++++++++----
- 1 file changed, 27 insertions(+), 4 deletions(-)
-
-diff --git a/xen/common/efi/runtime.c b/xen/common/efi/runtime.c
-index 375b94229e..d2fdc28df3 100644
---- a/xen/common/efi/runtime.c
-+++ b/xen/common/efi/runtime.c
-@@ -607,6 +607,9 @@ int efi_runtime_call(struct xenpf_efi_runtime_call *op)
- break;
-
- case XEN_EFI_query_variable_info:
-+ {
-+ uint64_t max_store_size, remain_store_size, max_size;
-+
- if ( op->misc & ~XEN_EFI_VARINFO_BOOT_SNAPSHOT )
- return -EINVAL;
-
-@@ -638,16 +641,36 @@ int efi_runtime_call(struct xenpf_efi_runtime_call *op)
-
- if ( !efi_enabled(EFI_RS) || (efi_rs->Hdr.Revision >> 16) < 2 )
- return -EOPNOTSUPP;
-+
-+ /*
-+ * Bounce the variables onto the stack to make them 8 byte aligned when
-+ * called from the compat handler, as their placement in
-+ * compat_pf_efi_runtime_call will make them 4 byte aligned instead and
-+ * and compilers may validly complain.
-+ *
-+ * Note that while the function parameters are OUT only, copy the
-+ * values here anyway just in case. This is done regardless of whether
-+ * called from the compat handler or not, as it's not worth the extra
-+ * logic to differentiate.
-+ */
-+ max_store_size = op->u.query_variable_info.max_store_size;
-+ remain_store_size = op->u.query_variable_info.remain_store_size;
-+ max_size = op->u.query_variable_info.max_size;
-+
- state = efi_rs_enter();
- if ( !state.cr3 )
- return -EOPNOTSUPP;
- status = efi_rs->QueryVariableInfo(
-- op->u.query_variable_info.attr,
-- &op->u.query_variable_info.max_store_size,
-- &op->u.query_variable_info.remain_store_size,
-- &op->u.query_variable_info.max_size);
-+ op->u.query_variable_info.attr, &max_store_size, &remain_store_size,
-+ &max_size);
- efi_rs_leave(&state);
-+
-+ op->u.query_variable_info.max_store_size = max_store_size;
-+ op->u.query_variable_info.remain_store_size = remain_store_size;
-+ op->u.query_variable_info.max_size = max_size;
-+
- break;
-+ }
-
- case XEN_EFI_query_capsule_capabilities:
- case XEN_EFI_update_capsule:
---
-2.33.0
-
diff --git a/emulators/xen-kernel/files/0001-x86-mtrr-remove-stale-function-prototype.patch b/emulators/xen-kernel/files/0001-x86-mtrr-remove-stale-function-prototype.patch
deleted file mode 100644
index b4cd1a4061ce..000000000000
--- a/emulators/xen-kernel/files/0001-x86-mtrr-remove-stale-function-prototype.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From c8aaa97f84170192b05b3020a55c69f71d84629f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= <roger.pau@citrix.com>
-Date: Mon, 31 May 2021 12:47:12 +0200
-Subject: [PATCH 1/3] x86/mtrr: remove stale function prototype
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Fixes: 1c84d04673 ('VMX: remove the problematic set_uc_mode logic')
-Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
-Acked-by: Jan Beulich <jbeulich@suse.com>
----
- xen/include/asm-x86/mtrr.h | 2 --
- 1 file changed, 2 deletions(-)
-
-diff --git a/xen/include/asm-x86/mtrr.h b/xen/include/asm-x86/mtrr.h
-index 4be704cb6a..24e5de5c22 100644
---- a/xen/include/asm-x86/mtrr.h
-+++ b/xen/include/asm-x86/mtrr.h
-@@ -78,8 +78,6 @@ extern u32 get_pat_flags(struct vcpu *v, u32 gl1e_flags, paddr_t gpaddr,
- extern int epte_get_entry_emt(struct domain *, unsigned long gfn, mfn_t mfn,
- unsigned int order, uint8_t *ipat,
- bool_t direct_mmio);
--extern void ept_change_entry_emt_with_range(
-- struct domain *d, unsigned long start_gfn, unsigned long end_gfn);
- extern unsigned char pat_type_2_pte_flags(unsigned char pat_type);
- extern int hold_mtrr_updates_on_aps;
- extern void mtrr_aps_sync_begin(void);
---
-2.31.1
-
diff --git a/emulators/xen-kernel/files/0001-x86-retpoline-split-retpoline-compiler-support-into-.patch b/emulators/xen-kernel/files/0001-x86-retpoline-split-retpoline-compiler-support-into-.patch
new file mode 100644
index 000000000000..bee5db0ab16c
--- /dev/null
+++ b/emulators/xen-kernel/files/0001-x86-retpoline-split-retpoline-compiler-support-into-.patch
@@ -0,0 +1,66 @@
+From e245bc154300b5d0367b64e8b937c9d1da508ad3 Mon Sep 17 00:00:00 2001
+From: Roger Pau Monne <roger.pau@citrix.com>
+Date: Fri, 18 Feb 2022 15:34:14 +0100
+Subject: [PATCH 1/2] x86/retpoline: split retpoline compiler support into
+ separate option
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Keep the previous option as a way to signal generic retpoline support
+regardless of the underlying compiler, while introducing a new
+CC_HAS_INDIRECT_THUNK that signals whether the underlying compiler
+supports retpoline.
+
+No functional change intended.
+
+Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
+Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
+---
+ xen/arch/x86/Kconfig | 6 +++++-
+ xen/arch/x86/arch.mk | 10 ++++++----
+ 2 files changed, 11 insertions(+), 5 deletions(-)
+
+diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig
+index b4abfca46f..fe89fa7274 100644
+--- a/xen/arch/x86/Kconfig
++++ b/xen/arch/x86/Kconfig
+@@ -32,9 +32,13 @@ config ARCH_DEFCONFIG
+ string
+ default "arch/x86/configs/x86_64_defconfig"
+
+-config INDIRECT_THUNK
++config CC_HAS_INDIRECT_THUNK
+ def_bool $(cc-option,-mindirect-branch-register)
+
++config INDIRECT_THUNK
++ def_bool y
++ depends on CC_HAS_INDIRECT_THUNK
++
+ config HAS_AS_CET_SS
+ # binutils >= 2.29 or LLVM >= 6
+ def_bool $(as-instr,wrssq %rax$(comma)0;setssbsy)
+diff --git a/xen/arch/x86/arch.mk b/xen/arch/x86/arch.mk
+index bfd5eaa35f..15d0cbe487 100644
+--- a/xen/arch/x86/arch.mk
++++ b/xen/arch/x86/arch.mk
+@@ -42,10 +42,12 @@ CFLAGS += -mno-red-zone -fpic
+ # SSE setup for variadic function calls.
+ CFLAGS += -mno-sse $(call cc-option,$(CC),-mskip-rax-setup)
+
+-# Compile with thunk-extern, indirect-branch-register if avaiable.
+-CFLAGS-$(CONFIG_INDIRECT_THUNK) += -mindirect-branch=thunk-extern
+-CFLAGS-$(CONFIG_INDIRECT_THUNK) += -mindirect-branch-register
+-CFLAGS-$(CONFIG_INDIRECT_THUNK) += -fno-jump-tables
++ifeq ($(CONFIG_INDIRECT_THUNK),y)
++# Compile with gcc thunk-extern, indirect-branch-register if available.
++CFLAGS-$(CONFIG_CC_IS_GCC) += -mindirect-branch=thunk-extern
++CFLAGS-$(CONFIG_CC_IS_GCC) += -mindirect-branch-register
++CFLAGS-$(CONFIG_CC_IS_GCC) += -fno-jump-tables
++endif
+
+ # If supported by the compiler, reduce stack alignment to 8 bytes. But allow
+ # this to be overridden elsewhere.
+--
+2.35.1
+
diff --git a/emulators/xen-kernel/files/0001-x86-spec-ctrl-Drop-use_spec_ctrl-boolean.patch b/emulators/xen-kernel/files/0001-x86-spec-ctrl-Drop-use_spec_ctrl-boolean.patch
new file mode 100644
index 000000000000..42bde92c5de5
--- /dev/null
+++ b/emulators/xen-kernel/files/0001-x86-spec-ctrl-Drop-use_spec_ctrl-boolean.patch
@@ -0,0 +1,65 @@
+From 7f34b6a895d10744bab32fc843246c45da444d8b Mon Sep 17 00:00:00 2001
+From: Andrew Cooper <andrew.cooper3@citrix.com>
+Date: Tue, 25 Jan 2022 16:09:59 +0000
+Subject: [PATCH 1/2] x86/spec-ctrl: Drop use_spec_ctrl boolean
+
+Several bugfixes have reduced the utility of this variable from it's original
+purpose, and now all it does is aid in the setup of SCF_ist_wrmsr.
+
+Simplify the logic by drop the variable, and doubling up the setting of
+SCF_ist_wrmsr for the PV and HVM blocks, which will make the AMD SPEC_CTRL
+support easier to follow. Leave a comment explaining why SCF_ist_wrmsr is
+still necessary for the VMExit case.
+
+No functional change.
+
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+(cherry picked from commit ec083bf552c35e10347449e21809f4780f8155d2)
+---
+ xen/arch/x86/spec_ctrl.c | 14 ++++++++------
+ 1 file changed, 8 insertions(+), 6 deletions(-)
+
+diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
+index c18cc8aa49..8a550d0a09 100644
+--- a/xen/arch/x86/spec_ctrl.c
++++ b/xen/arch/x86/spec_ctrl.c
+@@ -927,7 +927,7 @@ static __init void mds_calculations(uint64_t caps)
+ void __init init_speculation_mitigations(void)
+ {
+ enum ind_thunk thunk = THUNK_DEFAULT;
+- bool use_spec_ctrl = false, ibrs = false, hw_smt_enabled;
++ bool ibrs = false, hw_smt_enabled;
+ bool cpu_has_bug_taa;
+ uint64_t caps = 0;
+
+@@ -1016,19 +1016,21 @@ void __init init_speculation_mitigations(void)
+ {
+ if ( opt_msr_sc_pv )
+ {
+- use_spec_ctrl = true;
++ default_spec_ctrl_flags |= SCF_ist_wrmsr;
+ setup_force_cpu_cap(X86_FEATURE_SC_MSR_PV);
+ }
+
+ if ( opt_msr_sc_hvm )
+ {
+- use_spec_ctrl = true;
++ /*
++ * While the guest MSR_SPEC_CTRL value is loaded/saved atomically,
++ * Xen's value is not restored atomically. An early NMI hitting
++ * the VMExit path needs to restore Xen's value for safety.
++ */
++ default_spec_ctrl_flags |= SCF_ist_wrmsr;
+ setup_force_cpu_cap(X86_FEATURE_SC_MSR_HVM);
+ }
+
+- if ( use_spec_ctrl )
+- default_spec_ctrl_flags |= SCF_ist_wrmsr;
+-
+ if ( ibrs )
+ default_xen_spec_ctrl |= SPEC_CTRL_IBRS;
+ }
+--
+2.35.1
+
diff --git a/emulators/xen-kernel/files/0002-x86-clang-add-retpoline-support.patch b/emulators/xen-kernel/files/0002-x86-clang-add-retpoline-support.patch
new file mode 100644
index 000000000000..e650a71b59ab
--- /dev/null
+++ b/emulators/xen-kernel/files/0002-x86-clang-add-retpoline-support.patch
@@ -0,0 +1,56 @@
+From 9412486707f8f1ca2eb31c2ef330c5e39c0a2f30 Mon Sep 17 00:00:00 2001
+From: Roger Pau Monne <roger.pau@citrix.com>
+Date: Fri, 18 Feb 2022 15:34:15 +0100
+Subject: [PATCH 2/2] x86/clang: add retpoline support
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Detect whether the compiler supports clang retpoline option and enable
+by default if available, just like it's done for gcc.
+
+Note clang already disables jump tables when retpoline is enabled, so
+there's no need to also pass the fno-jump-tables parameter. Also clang
+already passes the return address in a register always on amd64, so
+there's no need for any equivalent mindirect-branch-register
+parameter.
+
+Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
+Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
+---
+ xen/arch/x86/Kconfig | 3 ++-
+ xen/arch/x86/arch.mk | 3 +++
+ 2 files changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig
+index fe89fa7274..1465874097 100644
+--- a/xen/arch/x86/Kconfig
++++ b/xen/arch/x86/Kconfig
+@@ -33,7 +33,8 @@ config ARCH_DEFCONFIG
+ default "arch/x86/configs/x86_64_defconfig"
+
+ config CC_HAS_INDIRECT_THUNK
+- def_bool $(cc-option,-mindirect-branch-register)
++ def_bool $(cc-option,-mindirect-branch-register) || \
++ $(cc-option,-mretpoline-external-thunk)
+
+ config INDIRECT_THUNK
+ def_bool y
+diff --git a/xen/arch/x86/arch.mk b/xen/arch/x86/arch.mk
+index 15d0cbe487..edfc043dbb 100644
+--- a/xen/arch/x86/arch.mk
++++ b/xen/arch/x86/arch.mk
+@@ -47,6 +47,9 @@ ifeq ($(CONFIG_INDIRECT_THUNK),y)
+ CFLAGS-$(CONFIG_CC_IS_GCC) += -mindirect-branch=thunk-extern
+ CFLAGS-$(CONFIG_CC_IS_GCC) += -mindirect-branch-register
+ CFLAGS-$(CONFIG_CC_IS_GCC) += -fno-jump-tables
++
++# Enable clang retpoline support if available.
++CFLAGS-$(CONFIG_CC_IS_CLANG) += -mretpoline-external-thunk
+ endif
+
+ # If supported by the compiler, reduce stack alignment to 8 bytes. But allow
+--
+2.35.1
+
diff --git a/emulators/xen-kernel/files/0002-x86-mtrr-move-epte_get_entry_emt-to-p2m-ept.c.patch b/emulators/xen-kernel/files/0002-x86-mtrr-move-epte_get_entry_emt-to-p2m-ept.c.patch
deleted file mode 100644
index 5490b63534c0..000000000000
--- a/emulators/xen-kernel/files/0002-x86-mtrr-move-epte_get_entry_emt-to-p2m-ept.c.patch
+++ /dev/null
@@ -1,377 +0,0 @@
-From bad7fc7a20452f5ba5e2aaf0019affec7fa87271 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= <roger.pau@citrix.com>
-Date: Thu, 17 Jun 2021 17:58:11 +0200
-Subject: [PATCH 2/3] x86/mtrr: move epte_get_entry_emt to p2m-ept.c
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This is an EPT specific function, so it shouldn't live in the generic
-mtrr file. Such movement is also needed for future work that will
-require passing a p2m_type_t parameter to epte_get_entry_emt, and
-making that type visible to the mtrr users is cumbersome and
-unneeded.
-
-Moving epte_get_entry_emt out of mtrr.c requires making the helper to
-get the MTRR type of an address from the mtrr state public. While
-there rename the function to start with the mtrr prefix, like other
-mtrr related functions.
-
-While there fix some of the types of the function parameters.
-
-No functional change intended.
-
-Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Kevin Tian <kevin.tian@intel.com>
----
- xen/arch/x86/hvm/mtrr.c | 109 +---------------------------
- xen/arch/x86/mm/p2m-ept.c | 115 ++++++++++++++++++++++++++++--
- xen/include/asm-x86/hvm/vmx/vmx.h | 2 +
- xen/include/asm-x86/mtrr.h | 5 +-
- 4 files changed, 117 insertions(+), 114 deletions(-)
-
-diff --git a/xen/arch/x86/hvm/mtrr.c b/xen/arch/x86/hvm/mtrr.c
-index fb051d59c3..4a9f3177ed 100644
---- a/xen/arch/x86/hvm/mtrr.c
-+++ b/xen/arch/x86/hvm/mtrr.c
-@@ -194,8 +194,7 @@ void hvm_vcpu_cacheattr_destroy(struct vcpu *v)
- * May return a negative value when order > 0, indicating to the caller
- * that the respective mapping needs splitting.
- */
--static int get_mtrr_type(const struct mtrr_state *m,
-- paddr_t pa, unsigned int order)
-+int mtrr_get_type(const struct mtrr_state *m, paddr_t pa, unsigned int order)
- {
- uint8_t overlap_mtrr = 0;
- uint8_t overlap_mtrr_pos = 0;
-@@ -323,7 +322,7 @@ static uint8_t effective_mm_type(struct mtrr_state *m,
- * just use it
- */
- if ( gmtrr_mtype == NO_HARDCODE_MEM_TYPE )
-- mtrr_mtype = get_mtrr_type(m, gpa, 0);
-+ mtrr_mtype = mtrr_get_type(m, gpa, 0);
- else
- mtrr_mtype = gmtrr_mtype;
-
-@@ -350,7 +349,7 @@ uint32_t get_pat_flags(struct vcpu *v,
- guest_eff_mm_type = effective_mm_type(g, pat, gpaddr,
- gl1e_flags, gmtrr_mtype);
- /* 2. Get the memory type of host physical address, with MTRR */
-- shadow_mtrr_type = get_mtrr_type(&mtrr_state, spaddr, 0);
-+ shadow_mtrr_type = mtrr_get_type(&mtrr_state, spaddr, 0);
-
- /* 3. Find the memory type in PAT, with host MTRR memory type
- * and guest effective memory type.
-@@ -789,108 +788,6 @@ void memory_type_changed(struct domain *d)
- }
- }
-
--int epte_get_entry_emt(struct domain *d, unsigned long gfn, mfn_t mfn,
-- unsigned int order, uint8_t *ipat, bool_t direct_mmio)
--{
-- int gmtrr_mtype, hmtrr_mtype;
-- struct vcpu *v = current;
-- unsigned long i;
--
-- *ipat = 0;
--
-- if ( v->domain != d )
-- v = d->vcpu ? d->vcpu[0] : NULL;
--
-- /* Mask, not add, for order so it works with INVALID_MFN on unmapping */
-- if ( rangeset_overlaps_range(mmio_ro_ranges, mfn_x(mfn),
-- mfn_x(mfn) | ((1UL << order) - 1)) )
-- {
-- if ( !order || rangeset_contains_range(mmio_ro_ranges, mfn_x(mfn),
-- mfn_x(mfn) | ((1UL << order) - 1)) )
-- {
-- *ipat = 1;
-- return MTRR_TYPE_UNCACHABLE;
-- }
-- /* Force invalid memory type so resolve_misconfig() will split it */
-- return -1;
-- }
--
-- if ( !mfn_valid(mfn) )
-- {
-- *ipat = 1;
-- return MTRR_TYPE_UNCACHABLE;
-- }
--
-- if ( !direct_mmio && !is_iommu_enabled(d) && !cache_flush_permitted(d) )
-- {
-- *ipat = 1;
-- return MTRR_TYPE_WRBACK;
-- }
--
-- for ( i = 0; i < (1ul << order); i++ )
-- {
-- if ( is_special_page(mfn_to_page(mfn_add(mfn, i))) )
-- {
-- if ( order )
-- return -1;
-- *ipat = 1;
-- return MTRR_TYPE_WRBACK;
-- }
-- }
--
-- if ( direct_mmio )
-- return MTRR_TYPE_UNCACHABLE;
--
-- gmtrr_mtype = hvm_get_mem_pinned_cacheattr(d, _gfn(gfn), order);
-- if ( gmtrr_mtype >= 0 )
-- {
-- *ipat = 1;
-- return gmtrr_mtype != PAT_TYPE_UC_MINUS ? gmtrr_mtype
-- : MTRR_TYPE_UNCACHABLE;
-- }
-- if ( gmtrr_mtype == -EADDRNOTAVAIL )
-- return -1;
--
-- gmtrr_mtype = is_hvm_domain(d) && v ?
-- get_mtrr_type(&v->arch.hvm.mtrr,
-- gfn << PAGE_SHIFT, order) :
-- MTRR_TYPE_WRBACK;
-- hmtrr_mtype = get_mtrr_type(&mtrr_state, mfn_x(mfn) << PAGE_SHIFT, order);
-- if ( gmtrr_mtype < 0 || hmtrr_mtype < 0 )
-- return -1;
--
-- /* If both types match we're fine. */
-- if ( likely(gmtrr_mtype == hmtrr_mtype) )
-- return hmtrr_mtype;
--
-- /* If either type is UC, we have to go with that one. */
-- if ( gmtrr_mtype == MTRR_TYPE_UNCACHABLE ||
-- hmtrr_mtype == MTRR_TYPE_UNCACHABLE )
-- return MTRR_TYPE_UNCACHABLE;
--
-- /* If either type is WB, we have to go with the other one. */
-- if ( gmtrr_mtype == MTRR_TYPE_WRBACK )
-- return hmtrr_mtype;
-- if ( hmtrr_mtype == MTRR_TYPE_WRBACK )
-- return gmtrr_mtype;
--
-- /*
-- * At this point we have disagreeing WC, WT, or WP types. The only
-- * combination that can be cleanly resolved is WT:WP. The ones involving
-- * WC need to be converted to UC, both due to the memory ordering
-- * differences and because WC disallows reads to be cached (WT and WP
-- * permit this), while WT and WP require writes to go straight to memory
-- * (WC can buffer them).
-- */
-- if ( (gmtrr_mtype == MTRR_TYPE_WRTHROUGH &&
-- hmtrr_mtype == MTRR_TYPE_WRPROT) ||
-- (gmtrr_mtype == MTRR_TYPE_WRPROT &&
-- hmtrr_mtype == MTRR_TYPE_WRTHROUGH) )
-- return MTRR_TYPE_WRPROT;
--
-- return MTRR_TYPE_UNCACHABLE;
--}
--
- /*
- * Local variables:
- * mode: C
-diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c
-index 23d411f01d..542fe5ef34 100644
---- a/xen/arch/x86/mm/p2m-ept.c
-+++ b/xen/arch/x86/mm/p2m-ept.c
-@@ -20,6 +20,7 @@
- #include <public/hvm/dm_op.h>
- #include <asm/altp2m.h>
- #include <asm/current.h>
-+#include <asm/iocap.h>
- #include <asm/paging.h>
- #include <asm/types.h>
- #include <asm/domain.h>
-@@ -485,6 +486,109 @@ static int ept_invalidate_emt_range(struct p2m_domain *p2m,
- return rc;
- }
-
-+int epte_get_entry_emt(struct domain *d, gfn_t gfn, mfn_t mfn,
-+ unsigned int order, bool *ipat, bool direct_mmio)
-+{
-+ int gmtrr_mtype, hmtrr_mtype;
-+ struct vcpu *v = current;
-+ unsigned long i;
-+
-+ *ipat = false;
-+
-+ if ( v->domain != d )
-+ v = d->vcpu ? d->vcpu[0] : NULL;
-+
-+ /* Mask, not add, for order so it works with INVALID_MFN on unmapping */
-+ if ( rangeset_overlaps_range(mmio_ro_ranges, mfn_x(mfn),
-+ mfn_x(mfn) | ((1UL << order) - 1)) )
-+ {
-+ if ( !order || rangeset_contains_range(mmio_ro_ranges, mfn_x(mfn),
-+ mfn_x(mfn) | ((1UL << order) - 1)) )
-+ {
-+ *ipat = true;
-+ return MTRR_TYPE_UNCACHABLE;
-+ }
-+ /* Force invalid memory type so resolve_misconfig() will split it */
-+ return -1;
-+ }
-+
-+ if ( !mfn_valid(mfn) )
-+ {
-+ *ipat = true;
-+ return MTRR_TYPE_UNCACHABLE;
-+ }
-+
-+ if ( !direct_mmio && !is_iommu_enabled(d) && !cache_flush_permitted(d) )
-+ {
-+ *ipat = true;
-+ return MTRR_TYPE_WRBACK;
-+ }
-+
-+ for ( i = 0; i < (1ul << order); i++ )
-+ {
-+ if ( is_special_page(mfn_to_page(mfn_add(mfn, i))) )
-+ {
-+ if ( order )
-+ return -1;
-+ *ipat = true;
-+ return MTRR_TYPE_WRBACK;
-+ }
-+ }
-+
-+ if ( direct_mmio )
-+ return MTRR_TYPE_UNCACHABLE;
-+
-+ gmtrr_mtype = hvm_get_mem_pinned_cacheattr(d, gfn, order);
-+ if ( gmtrr_mtype >= 0 )
-+ {
-+ *ipat = true;
-+ return gmtrr_mtype != PAT_TYPE_UC_MINUS ? gmtrr_mtype
-+ : MTRR_TYPE_UNCACHABLE;
-+ }
-+ if ( gmtrr_mtype == -EADDRNOTAVAIL )
-+ return -1;
-+
-+ gmtrr_mtype = is_hvm_domain(d) && v ?
-+ mtrr_get_type(&v->arch.hvm.mtrr,
-+ gfn << PAGE_SHIFT, order) :
-+ MTRR_TYPE_WRBACK;
-+ hmtrr_mtype = mtrr_get_type(&mtrr_state, mfn_x(mfn) << PAGE_SHIFT,
-+ order);
-+ if ( gmtrr_mtype < 0 || hmtrr_mtype < 0 )
-+ return -1;
-+
-+ /* If both types match we're fine. */
-+ if ( likely(gmtrr_mtype == hmtrr_mtype) )
-+ return hmtrr_mtype;
-+
-+ /* If either type is UC, we have to go with that one. */
-+ if ( gmtrr_mtype == MTRR_TYPE_UNCACHABLE ||
-+ hmtrr_mtype == MTRR_TYPE_UNCACHABLE )
-+ return MTRR_TYPE_UNCACHABLE;
-+
-+ /* If either type is WB, we have to go with the other one. */
-+ if ( gmtrr_mtype == MTRR_TYPE_WRBACK )
-+ return hmtrr_mtype;
-+ if ( hmtrr_mtype == MTRR_TYPE_WRBACK )
-+ return gmtrr_mtype;
-+
-+ /*
-+ * At this point we have disagreeing WC, WT, or WP types. The only
-+ * combination that can be cleanly resolved is WT:WP. The ones involving
-+ * WC need to be converted to UC, both due to the memory ordering
-+ * differences and because WC disallows reads to be cached (WT and WP
-+ * permit this), while WT and WP require writes to go straight to memory
-+ * (WC can buffer them).
-+ */
-+ if ( (gmtrr_mtype == MTRR_TYPE_WRTHROUGH &&
-+ hmtrr_mtype == MTRR_TYPE_WRPROT) ||
-+ (gmtrr_mtype == MTRR_TYPE_WRPROT &&
-+ hmtrr_mtype == MTRR_TYPE_WRTHROUGH) )
-+ return MTRR_TYPE_WRPROT;
-+
-+ return MTRR_TYPE_UNCACHABLE;
-+}
-+
- /*
- * Resolve deliberately mis-configured (EMT field set to an invalid value)
- * entries in the page table hierarchy for the given GFN:
-@@ -519,7 +623,7 @@ static int resolve_misconfig(struct p2m_domain *p2m, unsigned long gfn)
-
- if ( level == 0 || is_epte_superpage(&e) )
- {
-- uint8_t ipat = 0;
-+ bool ipat;
-
- if ( e.emt != MTRR_NUM_TYPES )
- break;
-@@ -535,7 +639,7 @@ static int resolve_misconfig(struct p2m_domain *p2m, unsigned long gfn)
- e.emt = 0;
- if ( !is_epte_valid(&e) || !is_epte_present(&e) )
- continue;
-- e.emt = epte_get_entry_emt(p2m->domain, gfn + i,
-+ e.emt = epte_get_entry_emt(p2m->domain, _gfn(gfn + i),
- _mfn(e.mfn), 0, &ipat,
- e.sa_p2mt == p2m_mmio_direct);
- e.ipat = ipat;
-@@ -553,7 +657,8 @@ static int resolve_misconfig(struct p2m_domain *p2m, unsigned long gfn)
- }
- else
- {
-- int emt = epte_get_entry_emt(p2m->domain, gfn, _mfn(e.mfn),
-+ int emt = epte_get_entry_emt(p2m->domain, _gfn(gfn),
-+ _mfn(e.mfn),
- level * EPT_TABLE_ORDER, &ipat,
- e.sa_p2mt == p2m_mmio_direct);
- bool_t recalc = e.recalc;
-@@ -678,7 +783,7 @@ ept_set_entry(struct p2m_domain *p2m, gfn_t gfn_, mfn_t mfn,
- int ret, rc = 0;
- bool_t entry_written = 0;
- bool_t direct_mmio = (p2mt == p2m_mmio_direct);
-- uint8_t ipat = 0;
-+ bool ipat = false;
- bool_t need_modify_vtd_table = 1;
- bool_t vtd_pte_present = 0;
- unsigned int iommu_flags = p2m_get_iommu_flags(p2mt, mfn);
-@@ -790,7 +895,7 @@ ept_set_entry(struct p2m_domain *p2m, gfn_t gfn_, mfn_t mfn,
-
- if ( mfn_valid(mfn) || p2m_allows_invalid_mfn(p2mt) )
- {
-- int emt = epte_get_entry_emt(p2m->domain, gfn, mfn,
-+ int emt = epte_get_entry_emt(p2m->domain, _gfn(gfn), mfn,
- i * EPT_TABLE_ORDER, &ipat, direct_mmio);
-
- if ( emt >= 0 )
-diff --git a/xen/include/asm-x86/hvm/vmx/vmx.h b/xen/include/asm-x86/hvm/vmx/vmx.h
-index 534e9fc221..f668ee1f09 100644
---- a/xen/include/asm-x86/hvm/vmx/vmx.h
-+++ b/xen/include/asm-x86/hvm/vmx/vmx.h
-@@ -599,6 +599,8 @@ void ept_p2m_uninit(struct p2m_domain *p2m);
-
- void ept_walk_table(struct domain *d, unsigned long gfn);
- bool_t ept_handle_misconfig(uint64_t gpa);
-+int epte_get_entry_emt(struct domain *d, gfn_t gfn, mfn_t mfn,
-+ unsigned int order, bool *ipat, bool direct_mmio);
- void setup_ept_dump(void);
- void p2m_init_altp2m_ept(struct domain *d, unsigned int i);
- /* Locate an alternate p2m by its EPTP */
-diff --git a/xen/include/asm-x86/mtrr.h b/xen/include/asm-x86/mtrr.h
-index 24e5de5c22..e0fd1005ce 100644
---- a/xen/include/asm-x86/mtrr.h
-+++ b/xen/include/asm-x86/mtrr.h
-@@ -72,12 +72,11 @@ extern int mtrr_add_page(unsigned long base, unsigned long size,
- unsigned int type, char increment);
- extern int mtrr_del(int reg, unsigned long base, unsigned long size);
- extern int mtrr_del_page(int reg, unsigned long base, unsigned long size);
-+extern int mtrr_get_type(const struct mtrr_state *m, paddr_t pa,
-+ unsigned int order);
- extern void mtrr_centaur_report_mcr(int mcr, u32 lo, u32 hi);
- extern u32 get_pat_flags(struct vcpu *v, u32 gl1e_flags, paddr_t gpaddr,
- paddr_t spaddr, uint8_t gmtrr_mtype);
--extern int epte_get_entry_emt(struct domain *, unsigned long gfn, mfn_t mfn,
-- unsigned int order, uint8_t *ipat,
-- bool_t direct_mmio);
- extern unsigned char pat_type_2_pte_flags(unsigned char pat_type);
- extern int hold_mtrr_updates_on_aps;
- extern void mtrr_aps_sync_begin(void);
---
-2.31.1
-
diff --git a/emulators/xen-kernel/files/0002-x86-spec-ctrl-Introduce-new-has_spec_ctrl-boolean.patch b/emulators/xen-kernel/files/0002-x86-spec-ctrl-Introduce-new-has_spec_ctrl-boolean.patch
new file mode 100644
index 000000000000..7b6b1e062721
--- /dev/null
+++ b/emulators/xen-kernel/files/0002-x86-spec-ctrl-Introduce-new-has_spec_ctrl-boolean.patch
@@ -0,0 +1,97 @@
+From 08fc03c855c071e9b1aaaa96403f2a90433336a7 Mon Sep 17 00:00:00 2001
+From: Andrew Cooper <andrew.cooper3@citrix.com>
+Date: Tue, 25 Jan 2022 17:14:48 +0000
+Subject: [PATCH 2/2] x86/spec-ctrl: Introduce new has_spec_ctrl boolean
+
+Most MSR_SPEC_CTRL setup will be common between Intel and AMD. Instead of
+opencoding an OR of two features everywhere, introduce has_spec_ctrl instead.
+
+Reword the comment above the Intel specific alternatives block to highlight
+that it is Intel specific, and pull the setting of default_xen_spec_ctrl.IBRS
+out because it will want to be common.
+
+No functional change.
+
+Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+(cherry picked from commit 5d9eff3a312763d889cfbf3c8468b6dfb3ab490c)
+---
+ xen/arch/x86/spec_ctrl.c | 22 +++++++++++-----------
+ 1 file changed, 11 insertions(+), 11 deletions(-)
+
+diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
+index 8a550d0a09..2072daf662 100644
+--- a/xen/arch/x86/spec_ctrl.c
++++ b/xen/arch/x86/spec_ctrl.c
+@@ -927,7 +927,7 @@ static __init void mds_calculations(uint64_t caps)
+ void __init init_speculation_mitigations(void)
+ {
+ enum ind_thunk thunk = THUNK_DEFAULT;
+- bool ibrs = false, hw_smt_enabled;
++ bool has_spec_ctrl, ibrs = false, hw_smt_enabled;
+ bool cpu_has_bug_taa;
+ uint64_t caps = 0;
+
+@@ -936,6 +936,8 @@ void __init init_speculation_mitigations(void)
+
+ hw_smt_enabled = check_smt_enabled();
+
++ has_spec_ctrl = boot_cpu_has(X86_FEATURE_IBRSB);
++
+ /*
+ * First, disable the use of retpolines if Xen is using shadow stacks, as
+ * they are incompatible.
+@@ -973,11 +975,11 @@ void __init init_speculation_mitigations(void)
+ */
+ else if ( retpoline_safe(caps) )
+ thunk = THUNK_RETPOLINE;
+- else if ( boot_cpu_has(X86_FEATURE_IBRSB) )
++ else if ( has_spec_ctrl )
+ ibrs = true;
+ }
+ /* Without compiler thunk support, use IBRS if available. */
+- else if ( boot_cpu_has(X86_FEATURE_IBRSB) )
++ else if ( has_spec_ctrl )
+ ibrs = true;
+ }
+
+@@ -1008,10 +1010,7 @@ void __init init_speculation_mitigations(void)
+ else if ( thunk == THUNK_JMP )
+ setup_force_cpu_cap(X86_FEATURE_IND_THUNK_JMP);
+
+- /*
+- * If we are on hardware supporting MSR_SPEC_CTRL, see about setting up
+- * the alternatives blocks so we can virtualise support for guests.
+- */
++ /* Intel hardware: MSR_SPEC_CTRL alternatives setup. */
+ if ( boot_cpu_has(X86_FEATURE_IBRSB) )
+ {
+ if ( opt_msr_sc_pv )
+@@ -1030,11 +1029,12 @@ void __init init_speculation_mitigations(void)
+ default_spec_ctrl_flags |= SCF_ist_wrmsr;
+ setup_force_cpu_cap(X86_FEATURE_SC_MSR_HVM);
+ }
+-
+- if ( ibrs )
+- default_xen_spec_ctrl |= SPEC_CTRL_IBRS;
+ }
+
++ /* If we have IBRS available, see whether we should use it. */
++ if ( has_spec_ctrl && ibrs )
++ default_xen_spec_ctrl |= SPEC_CTRL_IBRS;
++
+ /* If we have SSBD available, see whether we should use it. */
+ if ( boot_cpu_has(X86_FEATURE_SSBD) && opt_ssbd )
+ default_xen_spec_ctrl |= SPEC_CTRL_SSBD;
+@@ -1268,7 +1268,7 @@ void __init init_speculation_mitigations(void)
+ * boot won't have any other code running in a position to mount an
+ * attack.
+ */
+- if ( boot_cpu_has(X86_FEATURE_IBRSB) )
++ if ( has_spec_ctrl )
+ {
+ bsp_delay_spec_ctrl = !cpu_has_hypervisor && default_xen_spec_ctrl;
+
+--
+2.35.1
+
diff --git a/emulators/xen-kernel/files/0003-x86-ept-force-WB-cache-attributes-for-grant-and-fore.patch b/emulators/xen-kernel/files/0003-x86-ept-force-WB-cache-attributes-for-grant-and-fore.patch
deleted file mode 100644
index 8119283dd746..000000000000
--- a/emulators/xen-kernel/files/0003-x86-ept-force-WB-cache-attributes-for-grant-and-fore.patch
+++ /dev/null
@@ -1,139 +0,0 @@
-From 8ce6832518035a17e2d89a98235359f3d551f2c1 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= <roger.pau@citrix.com>
-Date: Thu, 17 Jun 2021 18:00:57 +0200
-Subject: [PATCH 3/3] x86/ept: force WB cache attributes for grant and foreign
- maps
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Force WB type for grants and foreign pages. Those are usually mapped
-over unpopulated physical ranges in the p2m, and those ranges would
-usually be UC in the MTRR state, which is unlikely to be the correct
-cache attribute. It's also cumbersome (or even impossible) for the
-guest to be setting the MTRR type for all those mappings as WB, as
-MTRR ranges are finite.
-
-Note that this is not an issue on AMD because WB cache attribute is
-already set on grants and foreign mappings in the p2m and MTRR types
-are ignored. Also on AMD Xen cannot force a cache attribute because of
-the lack of ignore PAT equivalent, so the behavior here slightly
-diverges between AMD and Intel (or EPT vs NPT/shadow).
-
-Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
-Reviewed-by: Jan Beulich <jbeulich@suse.com>
-Reviewed-by: Kevin Tian <kevin.tian@intel.com>
----
- xen/arch/x86/mm/p2m-ept.c | 38 +++++++++++++++++++++++++------
- xen/include/asm-x86/hvm/vmx/vmx.h | 2 +-
- 2 files changed, 32 insertions(+), 8 deletions(-)
-
-diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c
*** 614 LINES SKIPPED ***