
Re: [PATCH v2 68/70] x86/setup: Rework MSR_S_CET handling for CET-IBT


  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 15 Feb 2022 17:46:36 +0100
  • Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Tue, 15 Feb 2022 16:46:51 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 14.02.2022 13:51, Andrew Cooper wrote:
> CET-SS and CET-IBT can be independently controlled, so the configuration of
> MSR_S_CET can't be constant any more.
> 
> Introduce xen_msr_s_cet_value(), mostly because I don't fancy
> writing/maintaining that logic in assembly.  Use this in the 3 paths which
> alter MSR_S_CET when both features are potentially active.
> 
> To activate CET-IBT, we only need CR4.CET and MSR_S_CET.ENDBR_EN.  This is
> common with the CET-SS setup, so reorder the operations to set up CR4 and
> MSR_S_CET for any nonzero result from xen_msr_s_cet_value(), and set up
> MSR_PL0_SSP and SSP if SHSTK_EN was also set.
> 
> Adjust the crash path to disable CET-IBT too.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
albeit with a nit and a remark:

> --- a/xen/arch/x86/acpi/wakeup_prot.S
> +++ b/xen/arch/x86/acpi/wakeup_prot.S
> @@ -63,7 +63,26 @@ ENTRY(s3_resume)
>          pushq   %rax
>          lretq
>  1:
> -#ifdef CONFIG_XEN_SHSTK
> +#if defined(CONFIG_XEN_SHSTK) || defined(CONFIG_XEN_IBT)
> +        call    xen_msr_s_cet_value
> +        test    %eax, %eax
> +        jz      .L_cet_done
> +
> +        /* Set up MSR_S_CET. */
> +        mov     $MSR_S_CET, %ecx
> +        xor     %edx, %edx
> +        wrmsr
> +
> +        /* Enable CR4.CET. */
> +        mov     $XEN_MINIMAL_CR4 | X86_CR4_CET, %ecx
> +        mov     %rcx, %cr4
> +
> +        /* WARNING! call/ret now fatal (iff SHSTK) until SETSSBSY loads SSP 
> */
> +
> +#if defined(CONFIG_XEN_SHSTK)
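
Review bot: the wrmsr under "Set up MSR_S_CET." depends implicitly on %eax still holding the return value of xen_msr_s_cet_value(), and the xor of %edx assumes that value fits in 32 bits; the comment should say so, so that nothing clobbering %eax gets inserted between the call and the wrmsr later. Separately, the WARNING comment only covers call/ret under SHSTK, while the outer #if now also admits IBT-only builds; it would help to state there whether anything between the CR4 write and .L_cet_done is sensitive to ENDBR_EN being active.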

Just #ifdef, as it was before?

> @@ -90,10 +101,6 @@ ENTRY(s3_resume)
>          mov     %edi, %eax
>          wrmsr
>  
> -        /* Enable CET.  MSR_INTERRUPT_SSP_TABLE is set up later in 
> load_system_tables(). */
> -        mov     $XEN_MINIMAL_CR4 | X86_CR4_CET, %ebx
> -        mov     %rbx, %cr4
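
Review bot: removing the whole comment here drops the only visible note that MSR_INTERRUPT_SSP_TABLE is set up later in load_system_tables(); the replacement comment at the new CR4 write in the earlier hunk reads only "Enable CR4.CET." Suggest keeping that sentence, either beside the new CR4 write or at this point in the shadow stack setup, so it stays clear that the table is deliberately not programmed on this path.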

The latter part of this comment could do with retaining.

Jan




 

