[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen stable-4.7] x86/xpti: don't map stack guard pages



commit b7756369dbadb49a5b42bfaab8ca8e1f7e23f7d8
Author:     Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Tue Mar 20 14:46:22 2018 +0100
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Mar 20 14:46:22 2018 +0100

    x86/xpti: don't map stack guard pages
    
    Other than for the main mappings, don't even do this in release builds,
    as there are no huge page shattering concerns here.
    
    Note that since we don't run on the restructed page tables while HVM
    guests execute, the non-present mappings won't trigger the triple fault
    issue AMD SVM is susceptible to with our current placement of STGI vs
    TR loading.
    
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    master commit: d303784b68237ff3050daa184f560179dda21b8c
    master date: 2018-03-06 16:46:57 +0100
---
 xen/arch/x86/mm.c        | 8 ++++++++
 xen/arch/x86/smpboot.c   | 3 ++-
 xen/include/asm-x86/mm.h | 1 +
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c
index 7572a01459..2409a5d473 100644
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
@@ -6833,6 +6833,14 @@ void memguard_unguard_stack(void *p)
     memguard_unguard_range(p, PAGE_SIZE);
 }
 
+bool_t memguard_is_stack_guard_page(unsigned long addr)
+{
+    addr &= STACK_SIZE - 1;
+
+    return addr >= STACK_SIZE - PRIMARY_STACK_SIZE - PAGE_SIZE &&
+           addr < STACK_SIZE - PRIMARY_STACK_SIZE;
+}
+
 void arch_dump_shared_mem_info(void)
 {
     printk("Shared frames %u -- Saved frames %u\n",
diff --git a/xen/arch/x86/smpboot.c b/xen/arch/x86/smpboot.c
index 61aac13920..3f572b285a 100644
--- a/xen/arch/x86/smpboot.c
+++ b/xen/arch/x86/smpboot.c
@@ -790,7 +790,8 @@ static int setup_cpu_root_pgt(unsigned int cpu)
 
     /* Install direct map page table entries for stack, IDT, and TSS. */
     for ( off = rc = 0; !rc && off < STACK_SIZE; off += PAGE_SIZE )
-        rc = clone_mapping(__va(__pa(stack_base[cpu])) + off, rpt);
+        if ( !memguard_is_stack_guard_page(off) )
+            rc = clone_mapping(__va(__pa(stack_base[cpu])) + off, rpt);
 
     if ( !rc )
         rc = clone_mapping(idt_tables[cpu], rpt);
diff --git a/xen/include/asm-x86/mm.h b/xen/include/asm-x86/mm.h
index 7c184d51a5..a560dfa731 100644
--- a/xen/include/asm-x86/mm.h
+++ b/xen/include/asm-x86/mm.h
@@ -500,6 +500,7 @@ void memguard_unguard_range(void *p, unsigned long l);
 
 void memguard_guard_stack(void *p);
 void memguard_unguard_stack(void *p);
+bool_t __attribute_const__ memguard_is_stack_guard_page(unsigned long addr);
 
 struct mmio_ro_emulate_ctxt {
         unsigned long cr2;
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.7

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.