[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] x86/cet: Clear IST supervisor token busy bits on S3 resume

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Wed, 16 Mar 2022 20:56:52 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=VgySFfHdbaCVSIEys9jxPhUbGA9vV3rmvJ7Y1Ffdl28=; b=UswdiMPJ94NsdHdruYnYCEw88AXrW0knLhAFvMpiBXQ3DWi+JXZfoL8GSDuGRYRfQ+ZrxF3Ecggb7mdDQn8DtPsj23sdXJw5uYDwiCgnJkjcOrTOiwJsxIZ2bbjMbBD03WUohojRWFGZYvOFmTqGIxkxDOepT6xRc0J3fLhXC03Sm+FL1jj7sq64w/u7/KugSz55qBR/aJtvz1wDdb2I+FzPhYslM9xDyJsHH6liidN+7Kh2z1dMoO0+pErFnmWyhiK03L4RnJyz3iTPR5s7yD5BRHDLtv+ROp3Dalvg7cqoaf2UOo3XBcWzXH1TAkF3z87/WK3eZLMeq9CNfenXLA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kW9/nncQ/1EIrUBuuNhy/oYnY1AwiaGij6E25+7nSzI/vLHRj9Ba/GnNkf1jjARa2zbvi73ypl7iU4MURZrox/pG8X2OM6ON42dSqauC1+QYH0wABBegjRC0KjtTknsznj02Bgj32jFmS7ZNWkQe+nV8196cEza1nHUxQkDGAa00AZJfYxdZEx2GYqEwgzRZJF5ofv0lRsEvBGPkLoE9A2IAcJXNsT6HkJ4p+xQ8mP1Y9tG1MMucXxbGOwn3Mv15rYVdpi9/ZSM0NUlgB7lPaJ/Lsf+1+dyzvazTAyU8Dl8KX/BBE3flnZim5ahN4MZlMp6lbd9V05YC1h7VQU6H1A==
  • Authentication-results: esa1.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Wed, 16 Mar 2022 20:57:22 +0000
  • Ironport-data: A9a23:EUnO76Nn/W6//H7vrR2Yl8FynXyQoLVcMsEvi/4bfWQNrUor3zZTz GRMD2rQa/eJZGvyet50PY/no0oO7MOEm941Sgto+SlhQUwRpJueD7x1DKtR0wB+jCHnZBg6h ynLQoCYdKjYdleF+lH1dOKJQUBUjclkfJKlYAL/En03FFcMpBsJ00o5wbZi29Aw27BVPivW0 T/Mi5yHULOa82Yc3lI8s8pvfzs24ZweEBtB1rAPTagjUG32zhH5P7pGTU2FFFPqQ5E8IwKPb 72rIIdVXI/u10xF5tuNyt4Xe6CRK1LYFVDmZnF+A8BOjvXez8CbP2lS2Pc0MC9qZzu1c99Zx NF0r66tEC4See7VtrUtfgBVLQx/IvgTkFPHCSDXXc27ykTHdz3nwul0DVFwNoodkgp1KTgQr 7pCcmlLN03dwbLtqF64YrAEasALBc/nJo4A/FpnyinUF60OSpHfWaTao9Rf2V/cg+gQQ6aFO JtBM1KDajzlfBd9K3AUEa4Hnf+Di1vCVGRjrVys8P9fD2/7k1UqjemF3MDuUtmDX8BchEubj mPA4WXiAxseOcCfyDyK6XaljKnEmiaTcJIfEvi0++BnhHWXx3cPE1sGWF2ju/67h0WiHdVFJ CQ8+CAjsKwz/0yDVcTmUluzp3vslgEYc8pdFas98g7l90bPy1/HXC5eFGcHMYF48p9tLdA36 rOXt9/tPCZdreS8cjXe75nFnR6rNBY4LHBXMEfoUjA5y9XkpYgyiDfGQdBiDLO5g7XJJN3g/ 9yZhHNg3utO1Kbnw43+pAma2Gz0+vAlWyZvvm3qsnSZAhSVjWJPT6ih8hDl4PlJN+51pXHR7 SFfy6ByAA3jZKxhdRBhos1QRNlFBN7faVUwZGKD+bF6r1xBHFb5IehtDMlWfhsBDyr9UWaBj LXvkQ1Q/oRPG3ChcLV6ZYm8Y+xzk/S/T4W/D6qEN4AUCnSUSONh1Ho3DaJ39zqx+HXAbIllY cvLGSpSJSty5VtbIMqeGL5GjO5DKtEWzmLPX5HrpylLIpLFDEN5vYwtaQPUBshgtfvsiFyMr 753apvboz0CAbaWSnSGruYuwaUicCFT6Wbe8JcMKIZu42NORQkcNhMm6eh4KtI/wPgNyLugE 7PUchYw9WcTTEbvcG2iQntidKnuTdB4q3c6NjYrJlGmxz4oZoPH0UvVX8JfkWUPnAC78cNJc g==
  • Ironport-hdrordr: A9a23:H6XyjaPcckFzsMBcT2/155DYdb4zR+YMi2TDiHofdfUFSKClfp 6V8cjzjSWE9Qr4WBkb6LW90DHpewKSyXcH2/hsAV7EZniphILIFvAv0WKG+VPd8kLFh5dgPM tbAstD4ZjLfCJHZKXBkUiF+rQbsaG6GcmT7I+0pRYMcegpUdAa0+4QMHfBLqQcfngjOXNNLu v72iMxnUvGRZ14VLXYOlA1G8z44/HbnpPvZhALQzQ97hOVsD+u4LnmVzCFwxY3SVp0sPcf2F mAtza8yrSosvm9xBOZ/XTU9Y5qlNzozcYGLNCQi/ISNi7nhm+TFcdcsvy5zXIISdOUmRIXee r30lAd1gNImjXsl1SO0F7QMs/boW8TAjHZuAelaDDY0LPErXoBerR8bMRiA0HkAgMbzaFBOO gg5RPpi7NHSRzHhyjz/N7OSlVjkVe1u2MrlaoJg2VYSpZ2Us4bkWUzxjIdLH47JlOz1GnnKp gbMOjMoPJNNV+KZXHQuWdihNSqQ3QoBx+DBkwPoNac3TRalG1wixJw/r1Tol4QsJYmD5VU7e XNNapl0LlIU88NdKp4QOMMW9G+BGDBSQ/FdGiSPVPkHqcaPG+lke+83JwloOWxPJAYxpo7n5 rMFFteqG4pYkrrTdaD2ZVamyq9NllVnQ6dvf22y6IJyIEUHoCbQhFrYGpe5vednw==
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHYN5LV95qT5IqqP0y7/NV/gPy3Uqy+8M2AgAOQxYA=
  • Thread-topic: [PATCH] x86/cet: Clear IST supervisor token busy bits on S3 resume
On 14/03/2022 14:29, Jan Beulich wrote:
> On 14.03.2022 12:00, Andrew Cooper wrote:
>> Stacks are not freed across S3.  Execution just stops, leaving supervisor
>> token busy bits active.  Fixing this for the primary shadow stack was done
>> previously, but there is a (rare) risk that an IST token is left busy too.
>> This will manifest as #DF next time the IST vector gets used.
> Thinking about it some more - wouldn't it be more natural to turn off
> CET as CPUs are being brought down (and for the BSP as late as possible
> before actually invoking S3)? That way no new busy bits can be written
> anymore.

I did consider that, but I don't want to go down that route.  It's too
easy to let that turn into a bug where we fail to turn shstk back on,
particularly as we have cpu parking rather than full offline.

It's far safer IMO to ensure that shstk is active for all activities in
Xen context.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.