[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 62/65] x86/entry: Make IDT entrypoints CET-IBT compatible
- To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Fri, 3 Dec 2021 14:23:55 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=omDvQtMbf62t8NfugCyDhm6LIXr3IUu9OA3WrUT9o4U=; b=U8fJshMIPMYzapMeRc6K3UM9JG3eDEonP8oTxWwSPksXlNaHfTpzDFzGOn7CC0DC2oQBp56uB4WrtwHBcSan+XdnGPGIwXWwM123IVGi1vzXASMQ2ldjABGMT8CRcIzLvhWIW8n2Yam/dUIi/8fw3GRtLKHv1F6es5CEgjNGC4m6TnBgClmjJ88ug/e5QIFozN3hVgd3XMWqGLR1aStzrmWcthEcoVbl87US1mCliNnNDHbNFo/+GyTBy3YovcYyocgI16N39+xmBpKflsgENjwp7//lGRhyy4mt1nXSPpPs5jNFXuUr+KwGCeoJtCl2aIW+3Yyi4orOuO785U5Ygg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PZq8C14XO8eM2H6nJqWGIbHlm+46JJCSTz1Yh3IMU/pg34oqLF+gJAfrOtJSOp+sEvJmQvHHP4qmWEeM3E8K+aZGD3+yE6OSY1eR0HDRU/56slMMmZx4eevSNFEcIZ0cA1UfXJKkUjSuBcCs90gfbfGgfJyypC5lPZ7yPhPWViTfaD2Uh3OYNA4VqYFzJmdn1Sm5J6qgpAimFjJEOCMaWtjrOv7oYz0wCOlLIi5ngUb7bRyzM/OPMvHqSu2NOf0sEy0b7/W3CVgfNPMpoWfGyDuC6kTC/19SG3PoKPMRwsvhw03xZPHLviENrwe253NIsxhlHIts4ZrdSko+2q0rjA==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
- Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- Delivery-date: Fri, 03 Dec 2021 13:24:13 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 26.11.2021 13:34, Andrew Cooper wrote:
> Each IDT vector needs to land on an endbr64 instruction. This is especially
> important for the #CP handler, which will escalate to #DF if the endbr64 is
> missing.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
One remark though:
> @@ -1136,7 +1158,8 @@ autogen_stubs: /* Automatically generated stubs. */
> #endif
>
> ALIGN
> -1: pushq $0
> +1: ENDBR64
> + pushq $0
> movb $vec,4(%rsp)
> jmp common_interrupt
>
> @@ -1146,7 +1169,8 @@ autogen_stubs: /* Automatically generated stubs. */
> .elseif vec == X86_EXC_CSO || vec == X86_EXC_SPV || \
> vec == X86_EXC_VE || (vec > X86_EXC_CP && vec < TRAP_nr)
>
> -1: test $8,%spl /* 64bit exception frames are 16 byte aligned,
> but the word */
> +1: ENDBR64
> + test $8,%spl /* 64bit exception frames are 16 byte aligned,
> but the word */
> jz 2f /* size is 8 bytes. Check whether the
> processor gave us an */
> pushq $0 /* error code, and insert an empty one if not.
> */
> 2: movb $vec,4(%rsp)
Like with initializers of compound objects vs trailing commas there, I
think it would help if we moved away from placing insns on the same
lines as labels. As can be seen here, inserting something always means
touching two lines instead of just adding one.
Jan
|
