From nobody Thu Jun 30 06:54:21 2022
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id D34FE8782E3;
	Thu, 30 Jun 2022 06:54:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4LYTb15bQzz3NW2;
	Thu, 30 Jun 2022 06:54:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1656572061;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=QPoFo2feOQqId7NoerKcOCX5bVzfNczk0U+27JrqwWg=;
	b=fDE7gWSN5898/C11R/nfRcqFjyo8K+pezSyyC2bsbSt2aqXp801n3vLi9b/0qxJHfMiA48
	GVbHSYcu/PBmP9SsXWBJglxthHj4YXFT9ke8K0l9e5KboK5kgOtMLgrupcaU7pAVv4FlLx
	nbrvL0QkV1QYtYkRFc4wbgg6jLozzDx9KOV9jg4+Iux+ZGyRLpZbx127xfm2m9cNdRrKg+
	uXIemYWjy6H7ZEkNhLC2dKf1SrpsY7Sxo941irZeR/POwPWK4X5u7P5XgvC8OtYtZfzP4W
	HD54e4oGlsIt1e+gteIFeegsMvD1EdEgUOq51Y4WSobu7KVaXQqETT5NsD4zAA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A03AF2164B;
	Thu, 30 Jun 2022 06:54:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 25U6sLWY056496;
	Thu, 30 Jun 2022 06:54:21 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 25U6sLSs056495;
	Thu, 30 Jun 2022 06:54:21 GMT
	(envelope-from git)
Date: Thu, 30 Jun 2022 06:54:21 GMT
Message-Id: <202206300654.25U6sLSs056495@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: =?utf-8?Q?Roger=20Pau=20Monn=C3=A9?= <royger@FreeBSD.org>
Subject: git: 77cb05db0cee - main - x86/xen: stop assuming kernel memory loading order in PVH
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-all@freebsd.org
X-BeenThere: dev-commits-src-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: royger
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 77cb05db0cee0b052cc1a75da0741eb404eed473
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1656572061;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=QPoFo2feOQqId7NoerKcOCX5bVzfNczk0U+27JrqwWg=;
	b=dwsbJ6yJrOCizXdLY9If57PpEevciasyMEe14196V3KJUYZPPNvRDWoNePm3/kFwVBLym5
	2llTopBYMNKFvr1gLW/3/qWUYSXGOrrLARUUhUQQZiOgfDEea0F3Vbx3Z0CN806EUvmsxQ
	6oBtJq6FAV523Cy8+Kk8dBoOT3o10asSPbFccaMzudhoN0VRPPbvegTiOgYREeHXC+d6Z+
	S4JDHt+iYI64vQMg1S4BhKmiF7eioH5xPWQfGpiaEdghTW0sADp33PDGnLKUofBAa8Yaf8
	ZLDw6h0os8xgiXmh6nnX7AbIyd4tQbhyufZ6sl7XUScCXJD/rWYHTinIHhA5mg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1656572061; a=rsa-sha256; cv=none;
	b=sGg164xzied4ulnCjwrkA2q5GhJrQBump9l85Kw8od7YKRAo16XCMmm3B11+uuKGpcoRVC
	coFs95dU7bA7Kjj4o9Ekh0WZwAzd7WYpCOa92Kybf7lnh7nOwvQyZG9063owLlyqumzy1h
	8xh/DM60elx93ci/ww6ldT/dqGr2aVbcN427CLoUCkUZxThLPeTUz8qqTsggpK5m0sWrNW
	XyXpgTFsgqOHaUmyXmNPNsNe3f4UB6je9g2l5i/X+F/AbnYgT7U4FESx+HjpSi58WPEGqW
	NV+ORhoWI9/nbtGZevbZn8QmGyCPOyD9pMfkUfJyaLMSJ8Fe9DZHCPW2keRN2g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by royger:

URL: https://cgit.FreeBSD.org/src/commit/?id=77cb05db0cee0b052cc1a75da0741eb404eed473

commit 77cb05db0cee0b052cc1a75da0741eb404eed473
Author:     Roger Pau Monné <royger@FreeBSD.org>
AuthorDate: 2022-06-28 15:37:00 +0000
Commit:     Roger Pau Monné <royger@FreeBSD.org>
CommitDate: 2022-06-30 06:53:16 +0000

    x86/xen: stop assuming kernel memory loading order in PVH
    
    Do not assume that start_info will always be loaded at the highest
    memory address, and instead check the position of all the loaded
    elements in order to find the last loaded one, and thus a likely safe
    place to use as early boot allocation memory space.
    
    Reported by: markj, cperciva
    Sponsored by: Citrix Systems R&D
    Reviewed by: markj
    Differential revision: https://reviews.freebsd.org/D35628
---
 sys/x86/xen/pv.c | 52 ++++++++++++++++++++++++++++++----------------------
 1 file changed, 30 insertions(+), 22 deletions(-)

diff --git a/sys/x86/xen/pv.c b/sys/x86/xen/pv.c
index c5d7629d0bc5..796b3ca844de 100644
--- a/sys/x86/xen/pv.c
+++ b/sys/x86/xen/pv.c
@@ -68,6 +68,7 @@ __FBSDID("$FreeBSD$");
 #include <machine/intr_machdep.h>
 #include <machine/md_var.h>
 #include <machine/metadata.h>
+#include <machine/cpu.h>
 
 #include <xen/xen-os.h>
 #include <xen/hvm.h>
@@ -143,10 +144,36 @@ hammer_time_xen(vm_paddr_t start_info_paddr)
 	}
 
 	/*
-	 * The hvm_start_into structure is always appended after loading
-	 * the kernel and modules.
+	 * Select the higher address to use as physfree: either after
+	 * start_info, after the kernel, after the memory map or after any of
+	 * the modules.  We assume enough memory to be available after the
+	 * selected address for the needs of very early memory allocations.
 	 */
-	physfree = roundup2(start_info_paddr + PAGE_SIZE, PAGE_SIZE);
+	physfree = roundup2(start_info_paddr + sizeof(struct hvm_start_info),
+	    PAGE_SIZE);
+	physfree = MAX(roundup2((vm_paddr_t)_end - KERNBASE, PAGE_SIZE),
+	    physfree);
+
+	if (start_info->memmap_paddr != 0)
+		physfree = MAX(roundup2(start_info->memmap_paddr +
+		    start_info->memmap_entries *
+		    sizeof(struct hvm_memmap_table_entry), PAGE_SIZE),
+		    physfree);
+
+	if (start_info->modlist_paddr != 0) {
+		unsigned int i;
+
+		if (start_info->nr_modules == 0) {
+			xc_printf(
+			    "ERROR: modlist_paddr != 0 but nr_modules == 0\n");
+			HYPERVISOR_shutdown(SHUTDOWN_crash);
+		}
+		mod = (struct hvm_modlist_entry *)
+		    (start_info->modlist_paddr + KERNBASE);
+		for (i = 0; i < start_info->nr_modules; i++)
+			physfree = MAX(roundup2(mod[i].paddr + mod[i].size,
+			    PAGE_SIZE), physfree);
+	}
 
 	xatp.domid = DOMID_SELF;
 	xatp.idx = 0;
@@ -168,25 +195,6 @@ hammer_time_xen(vm_paddr_t start_info_paddr)
 	bzero_early(kenv, PAGE_SIZE);
 	init_static_kenv(kenv, PAGE_SIZE);
 
-	if (start_info->modlist_paddr != 0) {
-		if (start_info->modlist_paddr >= physfree) {
-			xc_printf(
-			    "ERROR: unexpected module list memory address\n");
-			HYPERVISOR_shutdown(SHUTDOWN_crash);
-		}
-		if (start_info->nr_modules == 0) {
-			xc_printf(
-			    "ERROR: modlist_paddr != 0 but nr_modules == 0\n");
-			HYPERVISOR_shutdown(SHUTDOWN_crash);
-		}
-		mod = (struct hvm_modlist_entry *)
-		    (start_info->modlist_paddr + KERNBASE);
-		if (mod[0].paddr >= physfree) {
-			xc_printf("ERROR: unexpected module memory address\n");
-			HYPERVISOR_shutdown(SHUTDOWN_crash);
-		}
-	}
-
 	/* Set the hooks for early functions that diverge from bare metal */
 	init_ops = xen_pvh_init_ops;
 	hvm_start_flags = start_info->flags;