[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen master] xen/arm64: entry: Don't jump outside of an alternative

To: xen-changelog@xxxxxxxxxxxxxxxxxxxx
From: patchbot@xxxxxxx
Date: Fri, 30 Jun 2023 14:23:53 +0000
Delivery-date: Fri, 30 Jun 2023 14:23:54 +0000
List-id: "Change log for Mercurial \(receive only\)" <xen-changelog.lists.xenproject.org>

commit ef62b34aeb6ad152d9f5a94592814ca23b2dfab0
Author:     Julien Grall <jgrall@xxxxxxxxxx>
AuthorDate: Thu Jun 29 20:55:18 2023 +0100
Commit:     Julien Grall <jgrall@xxxxxxxxxx>
CommitDate: Thu Jun 29 20:58:09 2023 +0100

    xen/arm64: entry: Don't jump outside of an alternative
    
    The instruction CBNZ can only jump to a pc-relative that is in the
    range +/- 1MB.
    
    Alternative instructions replacement are living in a separate
    subsection of the init section. This is usually placed towards
    the end of the linker. Whereas text is towards the beginning.
    
    While today Xen is quite small (~1MB), it could grow up to
    2MB in the current setup. So there is no guarantee that the
    target address in the text section will be within the range +/-
    1MB of the CBNZ in alternative section.
    
    The easiest solution is to have the target address within the
    same section of the alternative. This means that we need to
    duplicate a couple of instructions.
    
    Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx>
    Reviewed-by: Michal Orzel <michal.orzel@xxxxxxx>
    
    ----
    
    I couldn't come up with a solution that would not change the number
    of instructions executed in the entry path.
---
 xen/arch/arm/arm64/entry.S | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/xen/arch/arm/arm64/entry.S b/xen/arch/arm/arm64/entry.S
index 95f1a92684..523c6d23d9 100644
--- a/xen/arch/arm/arm64/entry.S
+++ b/xen/arch/arm/arm64/entry.S
@@ -242,13 +242,24 @@
         msr     daifclr, \iflags
         bl      enter_hypervisor_from_guest
 
+        /*
+         * CBNZ can only address an offset of +/- 1MB. This means, it is
+         * not possible to jump outside of an alternative because
+         * the .text section and .altinstr_replacement may be further
+         * apart. The easiest way is to duplicate the few instructions
+         * that need to be skipped.
+         */
         alternative_if SKIP_SYNCHRONIZE_SERROR_ENTRY_EXIT
-        cbnz    x19, 1f
-        alternative_else_nop_endif
-
-        mov     x0, sp
-        bl      do_trap_\trap
+        cbnz      x19, 1f
+        mov       x0, sp
+        bl        do_trap_\trap
 1:
+        alternative_else
+        nop
+        mov       x0, sp
+        bl        do_trap_\trap
+        alternative_endif
+
         exit    hyp=0, compat=\compat
         .endm
 
--
generated by git-patchbot for /home/xen/git/xen.git#master

Prev by Date: [xen master] xen/arm32: head: Remove 'r6' from the clobber list of create_page_tables()
Next by Date: [xen master] xen/arm64: head: Rework PRINT() to work when the string is not withing +/- 1MB
Previous by thread: [xen master] xen/arm32: head: Remove 'r6' from the clobber list of create_page_tables()
Next by thread: [xen master] xen/arm64: head: Rework PRINT() to work when the string is not withing +/- 1MB
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.