[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen master] x86: re-run exception-from-stub recovery selftests with CET-SS enabled
commit cfe3ad67127b86e1b1c06993b86422673a51b050 Author: Jan Beulich <jbeulich@xxxxxxxx> AuthorDate: Tue Feb 27 13:49:52 2024 +0100 Commit: Jan Beulich <jbeulich@xxxxxxxx> CommitDate: Tue Feb 27 13:49:52 2024 +0100 x86: re-run exception-from-stub recovery selftests with CET-SS enabled On the BSP, shadow stacks are enabled only relatively late in the booting process. They in particular aren't active yet when initcalls are run. Keep the testing there, but invoke that testing a 2nd time when shadow stacks are active, to make sure we won't regress that case after addressing XSA-451. While touching this code, switch the guard from NDEBUG to CONFIG_DEBUG, such that IS_ENABLED() can validly be used at the new call site. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> --- xen/arch/x86/extable.c | 8 +++++--- xen/arch/x86/include/asm/setup.h | 2 ++ xen/arch/x86/setup.c | 4 ++++ 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/xen/arch/x86/extable.c b/xen/arch/x86/extable.c index fe6c5dbfc7..8415cd1fa2 100644 --- a/xen/arch/x86/extable.c +++ b/xen/arch/x86/extable.c @@ -144,10 +144,11 @@ search_exception_table(const struct cpu_user_regs *regs, unsigned long *stub_ra) return 0; } -#ifndef NDEBUG +#ifdef CONFIG_DEBUG +#include <asm/setup.h> #include <asm/traps.h> -static int __init cf_check stub_selftest(void) +int __init cf_check stub_selftest(void) { static const struct { uint8_t opc[8]; @@ -171,7 +172,8 @@ static int __init cf_check stub_selftest(void) unsigned int i; bool fail = false; - printk("Running stub recovery selftests...\n"); + printk("%s stub recovery selftests...\n", + system_state < SYS_STATE_active ? "Running" : "Re-running"); for ( i = 0; i < ARRAY_SIZE(tests); ++i ) { diff --git a/xen/arch/x86/include/asm/setup.h b/xen/arch/x86/include/asm/setup.h index 1ced1299c7..1849e60cd6 100644 --- a/xen/arch/x86/include/asm/setup.h +++ b/xen/arch/x86/include/asm/setup.h @@ -38,6 +38,8 @@ void *bootstrap_map(const module_t *mod); int remove_xen_ranges(struct rangeset *r); +int cf_check stub_selftest(void); + extern uint8_t kbd_shift_flags; #ifdef NDEBUG diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index a0d99f8324..e487591fe0 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -740,6 +740,10 @@ static void noreturn init_done(void) system_state = SYS_STATE_active; + /* Re-run stub recovery self-tests with CET-SS active. */ + if ( IS_ENABLED(CONFIG_DEBUG) && cpu_has_xen_shstk ) + stub_selftest(); + domain_unpause_by_systemcontroller(dom0); /* MUST be done prior to removing .init data. */ -- generated by git-patchbot for /home/xen/git/xen.git#master
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |