[xen staging] x86/emul: Update emulation stubs to be CET-IBT compatible
commit 0d101568d29e8b4bfd33f20031fedec2652aa0cf
Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Mon Nov 1 10:09:59 2021 +0000
Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Wed Feb 23 15:33:43 2022 +0000
x86/emul: Update emulation stubs to be CET-IBT compatible
All indirect branches need to land on an endbr64 instruction. For stub_selftests(), use endbr64 unconditionally for simplicity. For ioport and instruction emulation, add endbr64 conditionally.
Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
---
 xen/arch/x86/extable.c | 12 +++++++-----
 xen/arch/x86/pv/emul-priv-op.c | 7 +++++++
 xen/arch/x86/x86_emulate.c | 13 +++++++++++--
 3 files changed, 25 insertions(+), 7 deletions(-)
diff --git a/xen/arch/x86/extable.c b/xen/arch/x86/extable.c
index 4d1875585f..4913c4a6dd 100644
--- a/xen/arch/x86/extable.c
+++ b/xen/arch/x86/extable.c
@@ -129,20 +129,22 @@ search_exception_table(const struct cpu_user_regs *regs)
 static int __init cf_check stub_selftest(void)
 {
 static const struct {
- uint8_t opc[4];
+ uint8_t opc[8];
 uint64_t rax;
 union stub_exception_token res;
 } tests[] __initconst = {
- { .opc = { 0x0f, 0xb9, 0xc3, 0xc3 }, /* ud1 */
+#define endbr64 0xf3, 0x0f, 0x1e, 0xfa
+ { .opc = { endbr64, 0x0f, 0xb9, 0xc3, 0xc3 }, /* ud1 */
 .res.fields.trapnr = TRAP_invalid_op },
- { .opc = { 0x90, 0x02, 0x00, 0xc3 }, /* nop; add (%rax),%al */
+ { .opc = { endbr64, 0x90, 0x02, 0x00, 0xc3 }, /* nop; add (%rax),%al */
 .rax = 0x0123456789abcdef,
 .res.fields.trapnr = TRAP_gp_fault },
- { .opc = { 0x02, 0x04, 0x04, 0xc3 }, /* add (%rsp,%rax),%al */
+ { .opc = { endbr64, 0x02, 0x04, 0x04, 0xc3 }, /* add (%rsp,%rax),%al */
 .rax = 0xfedcba9876543210,
 .res.fields.trapnr = TRAP_stack_error },
- { .opc = { 0xcc, 0xc3, 0xc3, 0xc3 }, /* int3 */
+ { .opc = { endbr64, 0xcc, 0xc3, 0xc3, 0xc3 }, /* int3 */
 .res.fields.trapnr = TRAP_int3 },
+#undef endbr64
 };
 unsigned long addr = this_cpu(stubs.addr) + STUB_BUF_SIZE / 2;
 unsigned int i;
diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c
index c46c072f93..22b10dec2a 100644
--- a/xen/arch/x86/pv/emul-priv-op.c
+++ b/xen/arch/x86/pv/emul-priv-op.c
@@ -26,6 +26,7 @@
 #include <asm/amd.h>
 #include <asm/debugreg.h>
+#include <asm/endbr.h>
 #include <asm/hpet.h>
 #include <asm/hypercall.h>
 #include <asm/mc146818rtc.h>
@@ -111,6 +112,12 @@ static io_emul_stub_t *io_emul_stub_setup(struct priv_op_ctxt *ctxt, u8 opcode,
 p = ctxt->io_emul_stub;
+ if ( cpu_has_xen_ibt )
+ {
+ place_endbr64(p);
+ p += 4;
+ }
+
 APPEND_BUFF(prologue);
 APPEND_CALL(load_guest_gprs);
diff --git a/xen/arch/x86/x86_emulate.c b/xen/arch/x86/x86_emulate.c
index 60191a94dc..720740f29b 100644
--- a/xen/arch/x86/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate.c
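Review bot: The `endbr64` byte macro in `tests[]` is emitted unconditionally, but no comment in the code says why that is safe on hardware without CET-IBT; the commit message only says it is done for simplicity. A one-line comment above the `#define`, such as `/* endbr64 decodes as a NOP without CET-IBT, so every test stub carries it unconditionally. */`, would keep that reasoning next to the bytes. The per-entry comments (`/* ud1 */`, `/* int3 */` and the others) now describe only the bytes after the prefix, which the same comment could state. The body of stub_selftest() continues outside the hunk, so how `opc` is copied into the stub buffer is not visible here.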
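Review bot: The `p += 4` after `place_endbr64(p)` in io_emul_stub_setup() hard-codes the length of endbr64, and the same literal appears again in `get_stub()` in x86_emulate.c. A shared named constant, or at least a comment such as `/* skip the 4-byte endbr64 just written */`, would tie the two sites together. The stub also becomes four bytes longer when `cpu_has_xen_ibt` is set. The function continues outside this hunk, so any size check on the stub buffer later in it is not visible here and should be confirmed to budget for the prefix.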
@@ -17,6 +17,7 @@
 #include <asm/xstate.h>
 #include <asm/amd.h> /* cpu_has_amd_erratum() */
 #include <asm/debugreg.h>
+#include <asm/endbr.h>
 /* Avoid namespace pollution. */
 #undef cmpxchg
@@ -29,11 +30,19 @@
 cpu_has_amd_erratum(¤t_cpu_data, AMD_ERRATUM_##nr)
 #define get_stub(stb) ({ \
+ void *ptr; \
 BUILD_BUG_ON(STUB_BUF_SIZE / 2 < MAX_INST_LEN + 1); \
 ASSERT(!(stb).ptr); \
 (stb).addr = this_cpu(stubs.addr) + STUB_BUF_SIZE / 2; \
- memset(((stb).ptr = map_domain_page(_mfn(this_cpu(stubs.mfn)))) + \
- ((stb).addr & ~PAGE_MASK), 0xcc, STUB_BUF_SIZE / 2); \
+ (stb).ptr = map_domain_page(_mfn(this_cpu(stubs.mfn))) + \
+ ((stb).addr & ~PAGE_MASK); \
+ ptr = memset((stb).ptr, 0xcc, STUB_BUF_SIZE / 2); \
+ if ( cpu_has_xen_ibt ) \
+ { \
+ place_endbr64(ptr); \
+ ptr += 4; \
+ } \
+ ptr; \
 })
 #define put_stub(stb) ({ \
 if ( (stb).ptr ) \
-- generated by git-patchbot for /home/xen/git/xen.git#staging
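Review bot: The `BUILD_BUG_ON(STUB_BUF_SIZE / 2 < MAX_INST_LEN + 1)` kept as context in `get_stub()` still budgets only for the instruction plus one byte, while the new code can place a 4-byte endbr64 in front of it. Widening it to `BUILD_BUG_ON(STUB_BUF_SIZE / 2 < 4 + MAX_INST_LEN + 1);` would keep the compile-time guarantee that a stub cannot run past its half of the buffer. The macro's value also changes meaning: it now yields the first byte after the prefix, while `(stb).ptr` and `(stb).addr` still name the start of the stub. That deserves a short comment above the macro, so callers do not assume the returned pointer and `(stb).ptr` are the same.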