[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen stable-4.16] x86/kexec: Fix kexec-reboot with CET active
commit 89262602e2d0deab5be5efddd27caa2a813c49ff Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> AuthorDate: Mon Mar 7 20:19:18 2022 +0000 Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> CommitDate: Fri Mar 25 17:06:38 2022 +0000 x86/kexec: Fix kexec-reboot with CET active The kexec_reloc() asm has an indirect jump to relocate onto the identity trampoline. While we clear CET in machine_crash_shutdown(), we fail to clear CET for the non-crash path. This in turn highlights that the same is true of resetting the CPUID masking/faulting. Move both pieces of logic from machine_crash_shutdown() to machine_kexec(), the latter being common for all kexec transitions. Adjust the condition for CET being considered active to check in CR4, which is simpler and more robust. Fixes: 311434bfc9d1 ("x86/setup: Rework MSR_S_CET handling for CET-IBT") Fixes: b60ab42db2f0 ("x86/shstk: Activate Supervisor Shadow Stacks") Fixes: 5ab9564c6fa1 ("x86/cpu: Context switch cpuid masks and faulting state in context_switch()") Reported-by: David Vrabel <dvrabel@xxxxxxxxxxxx> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: David Vrabel <dvrabel@xxxxxxxxxxxx> (cherry picked from commit 7f5b2448bd724f5f24426b2595a9bdceb1e5a346) --- xen/arch/x86/crash.c | 10 ---------- xen/arch/x86/machine_kexec.c | 10 ++++++++++ 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/xen/arch/x86/crash.c b/xen/arch/x86/crash.c index cfc6bdab7b..05a6104378 100644 --- a/xen/arch/x86/crash.c +++ b/xen/arch/x86/crash.c @@ -197,16 +197,6 @@ void machine_crash_shutdown(void) nmi_shootdown_cpus(); - /* Reset CPUID masking and faulting to the host's default. */ - ctxt_switch_levelling(NULL); - - /* Disable CET. */ - if ( cpu_has_xen_shstk || cpu_has_xen_ibt ) - { - wrmsrl(MSR_S_CET, 0); - write_cr4(read_cr4() & ~X86_CR4_CET); - } - info = kexec_crash_save_info(); info->xen_phys_start = xen_phys_start; info->dom0_pfn_to_mfn_frame_list_list = diff --git a/xen/arch/x86/machine_kexec.c b/xen/arch/x86/machine_kexec.c index 08ec9fd43b..bc2c76c6b9 100644 --- a/xen/arch/x86/machine_kexec.c +++ b/xen/arch/x86/machine_kexec.c @@ -173,6 +173,16 @@ void machine_kexec(struct kexec_image *image) _update_gate_addr_lower(&idt_tables[i][TRAP_machine_check], &trap_nop); } + /* Reset CPUID masking and faulting to the host's default. */ + ctxt_switch_levelling(NULL); + + /* Disable CET. */ + if ( read_cr4() & X86_CR4_CET ) + { + wrmsrl(MSR_S_CET, 0); + write_cr4(read_cr4() & ~X86_CR4_CET); + } + /* Explicitly enable NMIs on this CPU. Some crashdump kernels do * not like running with NMIs disabled. */ enable_nmis(); -- generated by git-patchbot for /home/xen/git/xen.git#stable-4.16
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |