[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen master] x86/cpuid: leak OSXSAVE only when XSAVE is not clear in policy

To: xen-changelog@xxxxxxxxxxxxxxxxxxxx
From: patchbot@xxxxxxx
Date: Mon, 01 Jul 2019 02:58:16 +0000
Delivery-date: Mon, 01 Jul 2019 02:58:19 +0000
List-id: "Change log for Mercurial \(receive only\)" <xen-changelog.lists.xenproject.org>

commit 902888922e6feda2c485cc4bdeffd0d6e6c26e14
Author:     Igor Druzhinin <igor.druzhinin@xxxxxxxxxx>
AuthorDate: Thu Jun 27 20:41:54 2019 +0100
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Fri Jun 28 13:17:53 2019 +0100

    x86/cpuid: leak OSXSAVE only when XSAVE is not clear in policy
    
    This fixes booting of old non-PV-OPS kernels which historically
    looked for OSXSAVE instead of XSAVE bit in CPUID to check whether
    XSAVE feature is enabled. If such a guest appears to be started on
    an XSAVE enabled CPU and the feature is explicitly cleared in
    policy, leaked OSXSAVE bit from Xen will lead to guest crash early in
    boot.
    
    Signed-off-by: Igor Druzhinin <igor.druzhinin@xxxxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
 xen/arch/x86/cpuid.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c
index ea9bfc51b6..ab1a48ff90 100644
--- a/xen/arch/x86/cpuid.c
+++ b/xen/arch/x86/cpuid.c
@@ -770,7 +770,8 @@ void guest_cpuid(const struct vcpu *v, uint32_t leaf,
              *    damage itself.
              *
              * - Enlightened CPUID or CPUID faulting available:
-             *    Xen can fully control what is seen here.  Guest kernels need
+             *    Xen can fully control what is seen here.  When the guest has
+             *    been configured to have XSAVE available, guest kernels need
              *    to see the leaked OSXSAVE via the enlightened path, but
              *    guest userspace and the native is given architectural
              *    behaviour.
@@ -780,7 +781,8 @@ void guest_cpuid(const struct vcpu *v, uint32_t leaf,
              */
             /* OSXSAVE clear in policy.  Fast-forward CR4 back in. */
             if ( (v->arch.pv.ctrlreg[4] & X86_CR4_OSXSAVE) ||
-                 (regs->entry_vector == TRAP_invalid_op &&
+                 (p->basic.xsave &&
+                  regs->entry_vector == TRAP_invalid_op &&
                   guest_kernel_mode(v, regs) &&
                   (read_cr4() & X86_CR4_OSXSAVE)) )
                 res->c |= cpufeat_mask(X86_FEATURE_OSXSAVE);
--
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

Prev by Date: [Xen-changelog] [xen master] xen/gnttab: Reduce code volume when using union grant_combo
Next by Date: [Xen-changelog] [xen master] x86/svm: Drop svm_vm{load, save}() helpers
Previous by thread: [Xen-changelog] [xen master] xen/gnttab: Reduce code volume when using union grant_combo
Next by thread: [Xen-changelog] [xen master] x86/svm: Drop svm_vm{load, save}() helpers
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.