
[Xen-changelog] [xen stable-4.7] x86: don't latch wrong (stale) GS base addresses



commit f8e806fddc5502350a7e546e69387de46ab1eca4
Author:     Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Thu Nov 16 11:59:21 2017 +0100
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Thu Nov 16 11:59:21 2017 +0100

    x86: don't latch wrong (stale) GS base addresses
    
    load_segments() writes selector registers before doing any of the base
    address updates. Any of these selector loads can cause a page fault in
    case it references the LDT, and the LDT page accessed was only recently
    installed. Therefore the call tree map_ldt_shadow_page() ->
    guest_get_eff_kern_l1e() -> toggle_guest_mode() would in such a case
    wrongly latch the outgoing vCPU's GS.base into the incoming vCPU's
    recorded state.
    
    Split page table toggling from GS handling - neither
    guest_get_eff_kern_l1e() nor guest_io_okay() need more than the page
    tables being the kernel ones for the memory access they want to do.
    
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    master commit: a711f6f24a7157ae70d1cc32e61b98f23dc0c584
    master date: 2017-10-27 13:49:10 +0100
---
 xen/arch/x86/mm.c            |  2 +-
 xen/arch/x86/traps.c         |  2 +-
 xen/arch/x86/x86_64/traps.c  | 11 ++++++++++-
 xen/include/asm-x86/domain.h |  2 ++
 4 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c
index a9f4cf1..785438b 100644
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
@@ -582,7 +582,7 @@ static inline void guest_get_eff_kern_l1e(struct vcpu *v, 
unsigned long addr,
                                           void *eff_l1e)
 {
     bool_t user_mode = !(v->arch.flags & TF_kernel_mode);
-#define TOGGLE_MODE() if ( user_mode ) toggle_guest_mode(v)
+#define TOGGLE_MODE() if ( user_mode ) toggle_guest_pt(v)
 
     TOGGLE_MODE();
     guest_get_eff_l1e(addr, eff_l1e);
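Review bot: the macro keeps the name TOGGLE_MODE although it now calls toggle_guest_pt() and therefore only switches the page tables (and TF_kernel_mode), not the GS base; renaming it to something like TOGGLE_PT, or at least adding a one-line comment, would stop a reader from assuming guest_get_eff_kern_l1e() still goes through the full toggle_guest_mode() path that the commit message says it must avoid. The user_mode value is computed from TF_kernel_mode before the first TOGGLE_MODE() call, so the pair of toggles stays symmetric as long as toggle_guest_pt() is the function that flips that flag.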
diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 3200850..05b4b08 100644
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -1946,7 +1946,7 @@ static int guest_io_okay(
 {
     /* If in user mode, switch to kernel mode just to read I/O bitmap. */
     int user_mode = !(v->arch.flags & TF_kernel_mode);
-#define TOGGLE_MODE() if ( user_mode ) toggle_guest_mode(v)
+#define TOGGLE_MODE() if ( user_mode ) toggle_guest_pt(v)
 
     if ( iopl_ok(v, regs) )
         return 1;
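Review bot: the comment above the macro, `/* If in user mode, switch to kernel mode just to read I/O bitmap. */`, is now stale: with toggle_guest_pt() the function switches only to the kernel page tables and leaves the GS base alone. Suggest `/* If in user mode, switch to kernel page tables just to read I/O bitmap. */` so the comment states the actual requirement, which is exactly what the commit message gives as the reason for the split.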
diff --git a/xen/arch/x86/x86_64/traps.c b/xen/arch/x86/x86_64/traps.c
index a379d19..2281610 100644
--- a/xen/arch/x86/x86_64/traps.c
+++ b/xen/arch/x86/x86_64/traps.c
@@ -277,8 +277,17 @@ void toggle_guest_mode(struct vcpu *v)
         else
             v->arch.pv_vcpu.gs_base_user = __rdgsbase();
     }
-    v->arch.flags ^= TF_kernel_mode;
     asm volatile ( "swapgs" );
+
+    toggle_guest_pt(v);
+}
+
+void toggle_guest_pt(struct vcpu *v)
+{
+    if ( is_pv_32bit_vcpu(v) )
+        return;
+
+    v->arch.flags ^= TF_kernel_mode;
     update_cr3(v);
     /* Don't flush user global mappings from the TLB. Don't tick TLB clock. */
     asm volatile ( "mov %0, %%cr3" : : "r" (v->arch.cr3) : "memory" );
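Review bot: the is_pv_32bit_vcpu() early return in toggle_guest_pt() is new relative to the removed `v->arch.flags ^= TF_kernel_mode;` line, which was unconditional at this point in toggle_guest_mode(). If toggle_guest_mode() already bails out for 32-bit PV vCPUs above this hunk, the check is only there for the new direct callers in guest_get_eff_kern_l1e() and guest_io_okay(), and a short comment saying that 32-bit PV vCPUs have no separate kernel and user page tables to toggle would make that explicit. The TF_kernel_mode flip has also moved from before the swapgs to after it; if nothing depends on that ordering, a comment saying so would save the next reader the question.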
diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h
index 5ef761b..67fd35b 100644
--- a/xen/include/asm-x86/domain.h
+++ b/xen/include/asm-x86/domain.h
@@ -76,6 +76,8 @@ void mapcache_override_current(struct vcpu *);
 
 /* x86/64: toggle guest between kernel and user modes. */
 void toggle_guest_mode(struct vcpu *);
+/* x86/64: toggle guest page tables between kernel and user modes. */
+void toggle_guest_pt(struct vcpu *);
 
 /*
  * Initialise a hypercall-transfer page. The given pointer must be mapped
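Review bot: the new comment describes toggle_guest_pt() as toggling only the page tables, but the function also flips TF_kernel_mode, and toggle_guest_mode() now calls it. Expand the comment to say that it switches page tables and TF_kernel_mode without touching the GS base, and that toggle_guest_mode() is the variant to use when GS base must follow, so that no caller ends up calling both back to back and toggling twice.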
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.7

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog
