hvm/mtrr: use the hardware number of variable ranges for Dom0

Expand the size of the variable ranges array to match the size of the
underlying hardware, this is a preparatory change for copying the
hardware MTRR state for Dom0.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 3e2abeb2740188a500a7852bfd8de70d860e5445..c7eb943ed36ddcc4049146751106abffef2c9cd7 100644 (file)
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -3476,10 +3476,13 @@ int hvm_msr_read_intercept(unsigned int msr, uint64_t *msr_content)
         index = msr - MSR_MTRRfix4K_C0000;
         *msr_content = fixed_range_base[index + 3];
         break;
-    case MSR_IA32_MTRR_PHYSBASE(0)...MSR_IA32_MTRR_PHYSMASK(MTRR_VCNT-1):
+    case MSR_IA32_MTRR_PHYSBASE(0)...MSR_IA32_MTRR_PHYSMASK(MTRR_VCNT_MAX - 1):
         if ( !d->arch.cpuid->basic.mtrr )
             goto gp_fault;
         index = msr - MSR_IA32_MTRR_PHYSBASE(0);
+        if ( (index / 2) >=
+             MASK_EXTR(v->arch.hvm_vcpu.mtrr.mtrr_cap, MTRRcap_VCNT) )
+            goto gp_fault;
         *msr_content = var_range_base[index];
         break;
 
@@ -3637,10 +3640,13 @@ int hvm_msr_write_intercept(unsigned int msr, uint64_t msr_content,
                                      index, msr_content) )
             goto gp_fault;
         break;
-    case MSR_IA32_MTRR_PHYSBASE(0)...MSR_IA32_MTRR_PHYSMASK(MTRR_VCNT-1):
+    case MSR_IA32_MTRR_PHYSBASE(0)...MSR_IA32_MTRR_PHYSMASK(MTRR_VCNT_MAX - 1):
         if ( !d->arch.cpuid->basic.mtrr )
             goto gp_fault;
-        if ( !mtrr_var_range_msr_set(v->domain, &v->arch.hvm_vcpu.mtrr,
+        index = msr - MSR_IA32_MTRR_PHYSBASE(0);
+        if ( ((index / 2) >=
+              MASK_EXTR(v->arch.hvm_vcpu.mtrr.mtrr_cap, MTRRcap_VCNT)) ||
+             !mtrr_var_range_msr_set(v->domain, &v->arch.hvm_vcpu.mtrr,
                                      msr, msr_content) )
             goto gp_fault;
         break;

diff --git a/xen/arch/x86/hvm/mtrr.c b/xen/arch/x86/hvm/mtrr.c
index 7db0d473e8aead17bc0e297d74b51212f9096483..4021d972fef4b201c9917d240a461c3c9c2afa45 100644 (file)
--- a/xen/arch/x86/hvm/mtrr.c
+++ b/xen/arch/x86/hvm/mtrr.c
@@ -154,14 +154,26 @@ uint8_t pat_type_2_pte_flags(uint8_t pat_type)
 int hvm_vcpu_cacheattr_init(struct vcpu *v)
 {
     struct mtrr_state *m = &v->arch.hvm_vcpu.mtrr;
+    unsigned int num_var_ranges =
+        is_hardware_domain(v->domain) ? MASK_EXTR(mtrr_state.mtrr_cap,
+                                                  MTRRcap_VCNT)
+                                      : MTRR_VCNT;
+
+    if ( num_var_ranges > MTRR_VCNT_MAX )
+    {
+        ASSERT(is_hardware_domain(v->domain));
+        printk("WARNING: limited Dom%u variable range MTRRs from %u to %u\n",
+               v->domain->domain_id, num_var_ranges, MTRR_VCNT_MAX);
+        num_var_ranges = MTRR_VCNT_MAX;
+    }
 
     memset(m, 0, sizeof(*m));
 
-    m->var_ranges = xzalloc_array(struct mtrr_var_range, MTRR_VCNT);
+    m->var_ranges = xzalloc_array(struct mtrr_var_range, num_var_ranges);
     if ( m->var_ranges == NULL )
         return -ENOMEM;
 
-    m->mtrr_cap = (1u << 10) | (1u << 8) | MTRR_VCNT;
+    m->mtrr_cap = (1u << 10) | (1u << 8) | num_var_ranges;
 
     v->arch.hvm_vcpu.pat_cr =
         ((uint64_t)PAT_TYPE_WRBACK) |               /* PAT0: WB */
@@ -448,6 +460,12 @@ bool_t mtrr_var_range_msr_set(
     uint64_t *var_range_base = (uint64_t*)m->var_ranges;
 
     index = msr - MSR_IA32_MTRR_PHYSBASE(0);
+    if ( (index / 2) >= MASK_EXTR(m->mtrr_cap, MTRRcap_VCNT) )
+    {
+        ASSERT_UNREACHABLE();
+        return 0;
+    }
+
     if ( var_range_base[index] == msr_content )
         return 1;
 
@@ -691,6 +709,15 @@ static int hvm_save_mtrr_msr(struct domain *d, hvm_domain_context_t *h)
         };
         unsigned int i;
 
+        if ( MASK_EXTR(hw_mtrr.msr_mtrr_cap, MTRRcap_VCNT) >
+             (ARRAY_SIZE(hw_mtrr.msr_mtrr_var) / 2) )
+        {
+            dprintk(XENLOG_G_ERR,
+                    "HVM save: %pv: too many (%lu) variable range MTRRs\n",
+                    v, MASK_EXTR(hw_mtrr.msr_mtrr_cap, MTRRcap_VCNT));
+            return -EINVAL;
+        }
+
         hvm_get_guest_pat(v, &hw_mtrr.msr_pat_cr);
 
         for ( i = 0; i < MASK_EXTR(hw_mtrr.msr_mtrr_cap, MTRRcap_VCNT); i++ )

diff --git a/xen/include/asm-x86/mtrr.h b/xen/include/asm-x86/mtrr.h
index b1f7af6396e125f824e445377edf211f429a471b..72d0690e287217161f497f911e065e4a93c15461 100644 (file)
--- a/xen/include/asm-x86/mtrr.h
+++ b/xen/include/asm-x86/mtrr.h
@@ -39,6 +39,9 @@ typedef u8 mtrr_type;
 #define MTRR_PHYSBASE_SHIFT      12
 /* Number of variable range MSR pairs we emulate for HVM guests: */
 #define MTRR_VCNT                8
+/* Maximum number of variable range MSR pairs if FE is supported. */
+#define MTRR_VCNT_MAX            ((MSR_MTRRfix64K_00000 - \
+                                   MSR_IA32_MTRR_PHYSBASE(0)) / 2)
 
 struct mtrr_var_range {
        uint64_t base;