Commit b1ddd406 authored by Arnd Bergmann's avatar Arnd Bergmann Committed by Juergen Gross
Browse files

xen: remove pre-xen3 fallback handlers 



The legacy hypercall handlers were originally added with
a comment explaining that "copying the argument structures in
HYPERVISOR_event_channel_op() and HYPERVISOR_physdev_op() into the local
variable is sufficiently safe" and only made sure to not write
past the end of the argument structure, the checks in linux/string.h
disagree with that, when link-time optimizations are used:

In function 'memcpy',
    inlined from 'pirq_query_unmask' at drivers/xen/fallback.c:53:2,
    inlined from '__startup_pirq' at drivers/xen/events/events_base.c:529:2,
    inlined from 'restore_pirqs' at drivers/xen/events/events_base.c:1439:3,
    inlined from 'xen_irq_resume' at drivers/xen/events/events_base.c:1581:2:
include/linux/string.h:350:3: error: call to '__read_overflow2' declared with attribute error: detected read beyond size of object passed as 2nd parameter
   __read_overflow2();
   ^

Further research turned out that only Xen 3.0.2 or earlier required the
fallback at all, while all versions in use today don't need it.
As far as I can tell, it is not even possible to run a mainline kernel
on those old Xen releases, at the time when they were in use, only
a patched kernel was supported anyway.

Fixes: cf47a83f ("xen/hypercall: fix hypercall fallback code for very old hypervisors")
Reviewed-by: default avatarBoris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Jan Beulich <JBeulich@suse.com>
Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
Signed-off-by: default avatarJuergen Gross <jgross@suse.com>
parent 85eb278c

arch/x86/include/asm/xen/hypercall.h

+2 −11
Original line number Diff line number Diff line
@@ -332,15 +332,11 @@ HYPERVISOR_update_va_mapping(unsigned long va, pte_t new_val, 
		return _hypercall4(int, update_va_mapping, va,

				   new_val.pte, new_val.pte >> 32, flags);

}

extern int __must_check xen_event_channel_op_compat(int, void *);



static inline int

HYPERVISOR_event_channel_op(int cmd, void *arg)

{

	int rc = _hypercall2(int, event_channel_op, cmd, arg);

	if (unlikely(rc == -ENOSYS))

		rc = xen_event_channel_op_compat(cmd, arg);

	return rc;

	return _hypercall2(int, event_channel_op, cmd, arg);

}



static inline int
@@ -355,15 +351,10 @@ HYPERVISOR_console_io(int cmd, int count, char *str) 
	return _hypercall3(int, console_io, cmd, count, str);

}



extern int __must_check xen_physdev_op_compat(int, void *);



static inline int

HYPERVISOR_physdev_op(int cmd, void *arg)

{

	int rc = _hypercall2(int, physdev_op, cmd, arg);

	if (unlikely(rc == -ENOSYS))

		rc = xen_physdev_op_compat(cmd, arg);

	return rc;

	return _hypercall2(int, physdev_op, cmd, arg);

}



static inline int

drivers/xen/Makefile

+0 −1
Original line number Diff line number Diff line 
# SPDX-License-Identifier: GPL-2.0

obj-$(CONFIG_HOTPLUG_CPU)		+= cpu_hotplug.o

obj-$(CONFIG_X86)			+= fallback.o

obj-y	+= grant-table.o features.o balloon.o manage.o preempt.o time.o

obj-y	+= mem-reservation.o

obj-y	+= events/

drivers/xen/fallback.c

deleted100644 → 0
+0 −81
Original line number Diff line number Diff line 
#include <linux/kernel.h>

#include <linux/string.h>

#include <linux/bug.h>

#include <linux/export.h>

#include <asm/hypervisor.h>

#include <asm/xen/hypercall.h>



int xen_event_channel_op_compat(int cmd, void *arg)

{

	struct evtchn_op op;

	int rc;



	op.cmd = cmd;

	memcpy(&op.u, arg, sizeof(op.u));

	rc = _hypercall1(int, event_channel_op_compat, &op);



	switch (cmd) {

	case EVTCHNOP_close:

	case EVTCHNOP_send:

	case EVTCHNOP_bind_vcpu:

	case EVTCHNOP_unmask:

		/* no output */

		break;



#define COPY_BACK(eop) \

	case EVTCHNOP_##eop: \

		memcpy(arg, &op.u.eop, sizeof(op.u.eop)); \

		break



	COPY_BACK(bind_interdomain);

	COPY_BACK(bind_virq);

	COPY_BACK(bind_pirq);

	COPY_BACK(status);

	COPY_BACK(alloc_unbound);

	COPY_BACK(bind_ipi);

#undef COPY_BACK



	default:

		WARN_ON(rc != -ENOSYS);

		break;

	}



	return rc;

}

EXPORT_SYMBOL_GPL(xen_event_channel_op_compat);



int xen_physdev_op_compat(int cmd, void *arg)

{

	struct physdev_op op;

	int rc;



	op.cmd = cmd;

	memcpy(&op.u, arg, sizeof(op.u));

	rc = _hypercall1(int, physdev_op_compat, &op);



	switch (cmd) {

	case PHYSDEVOP_IRQ_UNMASK_NOTIFY:

	case PHYSDEVOP_set_iopl:

	case PHYSDEVOP_set_iobitmap:

	case PHYSDEVOP_apic_write:

		/* no output */

		break;



#define COPY_BACK(pop, fld) \

	case PHYSDEVOP_##pop: \

		memcpy(arg, &op.u.fld, sizeof(op.u.fld)); \

		break



	COPY_BACK(irq_status_query, irq_status_query);

	COPY_BACK(apic_read, apic_op);

	COPY_BACK(ASSIGN_VECTOR, irq_op);

#undef COPY_BACK



	default:

		WARN_ON(rc != -ENOSYS);

		break;

	}



	return rc;

}

EXPORT_SYMBOL_GPL(xen_physdev_op_compat);

CRA Git | Maintained and supported by SUSTech CRA and CCSE