forked from QubesOS/qubes-vmm-xen
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
215 additions
and
1 deletion.
There are no files selected for viewing
118 changes: 118 additions & 0 deletions
118
patch-866dedab-x86-PV-also-cover-Dom0-in-SPEC_CTRL-PRED_CMD-emulati.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,118 @@ | ||
| From 866dedabb3e51a56c1b9ad4206ee0ffaf0b5c4b3 Mon Sep 17 00:00:00 2001 | ||
| From: Jan Beulich <[email protected]> | ||
| Date: Thu, 22 Mar 2018 10:19:05 +0100 | ||
| Subject: [PATCH] x86/PV: also cover Dom0 in SPEC_CTRL / PRED_CMD emulation | ||
|
|
||
| Introduce a helper wrapping the pv_cpuid()-style domain_cpuid() / | ||
| cpuid_count() (or alike) invocations, and use it instead of plain | ||
| domain_cpuid() in MSR access emulation. | ||
|
|
||
| Reported-by: Jason Andryuk <[email protected]> | ||
| Signed-off-by: Jan Beulich <[email protected]> | ||
| --- | ||
| xen/arch/x86/traps.c | 40 +++++++++++++++++++--------------------- | ||
| 1 file changed, 19 insertions(+), 21 deletions(-) | ||
|
|
||
| diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c | ||
| index 4053721b64..8a3a71dcb4 100644 | ||
| --- a/xen/arch/x86/traps.c | ||
| +++ b/xen/arch/x86/traps.c | ||
| @@ -960,6 +960,17 @@ int cpuid_hypervisor_leaves( uint32_t idx, uint32_t sub_idx, | ||
| return 1; | ||
| } | ||
|
|
||
| +static void _domain_cpuid(const struct domain *currd, | ||
| + unsigned int leaf, unsigned int subleaf, | ||
| + unsigned int *eax, unsigned int *ebx, | ||
| + unsigned int *ecx, unsigned int *edx) | ||
| +{ | ||
| + if ( !is_control_domain(currd) && !is_hardware_domain(currd) ) | ||
| + domain_cpuid(currd, leaf, subleaf, eax, ebx, ecx, edx); | ||
| + else | ||
| + cpuid_count(leaf, subleaf, eax, ebx, ecx, edx); | ||
| +} | ||
| + | ||
| void pv_cpuid(struct cpu_user_regs *regs) | ||
| { | ||
| uint32_t leaf, subleaf, a, b, c, d; | ||
| @@ -983,10 +994,7 @@ void pv_cpuid(struct cpu_user_regs *regs) | ||
| */ | ||
| unsigned int limit = (leaf >> 16) != 0x8000 ? 0 : 0x80000000, dummy; | ||
|
|
||
| - if ( !is_control_domain(currd) && !is_hardware_domain(currd) ) | ||
| - domain_cpuid(currd, limit, 0, &limit, &dummy, &dummy, &dummy); | ||
| - else | ||
| - limit = cpuid_eax(limit); | ||
| + _domain_cpuid(currd, limit, 0, &limit, &dummy, &dummy, &dummy); | ||
| if ( leaf > limit ) | ||
| { | ||
| regs->eax = 0; | ||
| @@ -997,10 +1005,7 @@ void pv_cpuid(struct cpu_user_regs *regs) | ||
| } | ||
| } | ||
|
|
||
| - if ( !is_control_domain(currd) && !is_hardware_domain(currd) ) | ||
| - domain_cpuid(currd, leaf, subleaf, &a, &b, &c, &d); | ||
| - else | ||
| - cpuid_count(leaf, subleaf, &a, &b, &c, &d); | ||
| + _domain_cpuid(currd, leaf, subleaf, &a, &b, &c, &d); | ||
|
|
||
| switch ( leaf ) | ||
| { | ||
| @@ -1169,11 +1174,7 @@ void pv_cpuid(struct cpu_user_regs *regs) | ||
| break; | ||
|
|
||
| case XSTATE_CPUID: | ||
| - | ||
| - if ( !is_control_domain(currd) && !is_hardware_domain(currd) ) | ||
| - domain_cpuid(currd, 1, 0, &tmp, &tmp, &_ecx, &tmp); | ||
| - else | ||
| - _ecx = cpuid_ecx(1); | ||
| + _domain_cpuid(currd, 1, 0, &tmp, &tmp, &_ecx, &tmp); | ||
| _ecx &= pv_featureset[FEATURESET_1c]; | ||
|
|
||
| if ( !(_ecx & cpufeat_mask(X86_FEATURE_XSAVE)) || subleaf >= 63 ) | ||
| @@ -1192,10 +1193,7 @@ void pv_cpuid(struct cpu_user_regs *regs) | ||
| xstate_sizes[_XSTATE_YMM]); | ||
| } | ||
|
|
||
| - if ( !is_control_domain(currd) && !is_hardware_domain(currd) ) | ||
| - domain_cpuid(currd, 7, 0, &tmp, &_ebx, &tmp, &tmp); | ||
| - else | ||
| - cpuid_count(7, 0, &tmp, &_ebx, &tmp, &tmp); | ||
| + _domain_cpuid(currd, 7, 0, &tmp, &_ebx, &tmp, &tmp); | ||
| _ebx &= pv_featureset[FEATURESET_7b0]; | ||
|
|
||
| if ( _ebx & cpufeat_mask(X86_FEATURE_AVX512F) ) | ||
| @@ -2511,7 +2509,7 @@ static int priv_op_read_msr(unsigned int reg, uint64_t *val, | ||
| break; | ||
|
|
||
| case MSR_SPEC_CTRL: | ||
| - domain_cpuid(currd, 7, 0, &dummy, &dummy, &dummy, &edx); | ||
| + _domain_cpuid(currd, 7, 0, &dummy, &dummy, &dummy, &edx); | ||
| if ( !(edx & cpufeat_mask(X86_FEATURE_IBRSB)) ) | ||
| break; | ||
| *val = curr->arch.spec_ctrl; | ||
| @@ -2739,7 +2737,7 @@ static int priv_op_write_msr(unsigned int reg, uint64_t val, | ||
| break; | ||
|
|
||
| case MSR_SPEC_CTRL: | ||
| - domain_cpuid(currd, 7, 0, &dummy, &dummy, &dummy, &edx); | ||
| + _domain_cpuid(currd, 7, 0, &dummy, &dummy, &dummy, &edx); | ||
| if ( !(edx & cpufeat_mask(X86_FEATURE_IBRSB)) ) | ||
| break; /* MSR available? */ | ||
|
|
||
| @@ -2755,8 +2753,8 @@ static int priv_op_write_msr(unsigned int reg, uint64_t val, | ||
| return X86EMUL_OKAY; | ||
|
|
||
| case MSR_PRED_CMD: | ||
| - domain_cpuid(currd, 7, 0, &dummy, &dummy, &dummy, &edx); | ||
| - domain_cpuid(currd, 0x80000008, 0, &dummy, &ebx, &dummy, &dummy); | ||
| + _domain_cpuid(currd, 7, 0, &dummy, &dummy, &dummy, &edx); | ||
| + _domain_cpuid(currd, 0x80000008, 0, &dummy, &ebx, &dummy, &dummy); | ||
| if ( !(edx & cpufeat_mask(X86_FEATURE_IBRSB)) && | ||
| !(ebx & cpufeat_mask(X86_FEATURE_IBPB)) ) | ||
| break; /* MSR available? */ | ||
| -- | ||
| 2.16.2 | ||
|
|
94 changes: 94 additions & 0 deletions
94
patch-da926644-x86-spec_ctrl-Fix-several-bugs-in-SPEC_CTRL_ENTRY_FR.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,94 @@ | ||
| From da9266448c56c5a0ec9defe7f10c8b22c93b33a6 Mon Sep 17 00:00:00 2001 | ||
| From: Andrew Cooper <[email protected]> | ||
| Date: Tue, 6 Mar 2018 16:11:24 +0100 | ||
| Subject: [PATCH] x86/spec_ctrl: Fix several bugs in | ||
| SPEC_CTRL_ENTRY_FROM_INTR_IST | ||
| MIME-Version: 1.0 | ||
| Content-Type: text/plain; charset=UTF-8 | ||
| Content-Transfer-Encoding: 8bit | ||
|
|
||
| DO_OVERWRITE_RSB clobbers %rax, meaning in practice that the bti_ist_info | ||
| field gets zeroed. Older versions of this code had the DO_OVERWRITE_RSB | ||
| register selectable, so reintroduce this ability and use it to cause the | ||
| INTR_IST path to use %rdx instead. | ||
|
|
||
| The use of %dl for the %cs.rpl check means that when an IST interrupt hits | ||
| Xen, we try to load 1 into the high 32 bits of MSR_SPEC_CTRL, suffering a #GP | ||
| fault instead. | ||
|
|
||
| Also, drop an unused label which was a copy/paste mistake. | ||
|
|
||
| Reported-by: Boris Ostrovsky <[email protected]> | ||
| Reported-by: Zhenzhong Duan <[email protected]> | ||
| Signed-off-by: Andrew Cooper <[email protected]> | ||
| Reviewed-by: Jan Beulich <[email protected]> | ||
| Reviewed-by: Wei Liu <[email protected]> | ||
| Reviewed-by: Roger Pau Monné <[email protected]> | ||
| master commit: a2b08fbed388f18235fda5ba1655c1483ef3e215 | ||
| master date: 2018-02-14 13:22:15 +0000 | ||
| --- | ||
| xen/include/asm-x86/spec_ctrl_asm.h | 12 ++++++------ | ||
| 1 file changed, 6 insertions(+), 6 deletions(-) | ||
|
|
||
| diff --git a/xen/include/asm-x86/spec_ctrl_asm.h b/xen/include/asm-x86/spec_ctrl_asm.h | ||
| index 7a43daf231..69cf3cc2f1 100644 | ||
| --- a/xen/include/asm-x86/spec_ctrl_asm.h | ||
| +++ b/xen/include/asm-x86/spec_ctrl_asm.h | ||
| @@ -79,10 +79,10 @@ | ||
| * - SPEC_CTRL_EXIT_TO_GUEST | ||
| */ | ||
|
|
||
| -.macro DO_OVERWRITE_RSB | ||
| +.macro DO_OVERWRITE_RSB tmp=rax | ||
| /* | ||
| * Requires nothing | ||
| - * Clobbers %rax, %rcx | ||
| + * Clobbers \tmp (%rax by default), %rcx | ||
| * | ||
| * Requires 256 bytes of stack space, but %rsp has no net change. Based on | ||
| * Google's performance numbers, the loop is unrolled to 16 iterations and two | ||
| @@ -97,7 +97,7 @@ | ||
| * optimised with mov-elimination in modern cores. | ||
| */ | ||
| mov $16, %ecx /* 16 iterations, two calls per loop */ | ||
| - mov %rsp, %rax /* Store the current %rsp */ | ||
| + mov %rsp, %\tmp /* Store the current %rsp */ | ||
|
|
||
| .L\@_fill_rsb_loop: | ||
|
|
||
| @@ -114,7 +114,7 @@ | ||
|
|
||
| sub $1, %ecx | ||
| jnz .L\@_fill_rsb_loop | ||
| - mov %rax, %rsp /* Restore old %rsp */ | ||
| + mov %\tmp, %rsp /* Restore old %rsp */ | ||
| .endm | ||
|
|
||
| .macro DO_SPEC_CTRL_ENTRY_FROM_VMEXIT ibrs_val:req | ||
| @@ -273,7 +273,7 @@ | ||
| testb $BTI_IST_RSB, %al | ||
| jz .L\@_skip_rsb | ||
|
|
||
| - DO_OVERWRITE_RSB | ||
| + DO_OVERWRITE_RSB tmp=rdx /* Clobbers %rcx/%rdx */ | ||
|
|
||
| .L\@_skip_rsb: | ||
|
|
||
| @@ -285,13 +285,13 @@ | ||
| setz %dl | ||
| and %dl, STACK_CPUINFO_FIELD(use_shadow_spec_ctrl)(%r14) | ||
|
|
||
| -.L\@_entry_from_xen: | ||
| /* | ||
| * Load Xen's intended value. SPEC_CTRL_IBRS vs 0 is encoded in the | ||
| * bottom bit of bti_ist_info, via a deliberate alias with BTI_IST_IBRS. | ||
| */ | ||
| mov $MSR_SPEC_CTRL, %ecx | ||
| and $BTI_IST_IBRS, %eax | ||
| + xor %edx, %edx | ||
| wrmsr | ||
|
|
||
| /* Opencoded UNLIKELY_START() with no condition. */ | ||
| -- | ||
| 2.16.2 | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters