Re: [Xen-devel] [PATCH v3] x86: fix a crash in SPEC_CTRL_ENTRY_FROM_INTR_IST

[Zhenzhong Duan <zhenzhong.duan@xxxxxxxxxx>]

在 2018/2/14 17:58, Jan Beulich 写道:
> > > > On 14.02.18 at 10:25, <zhenzhong.duan@xxxxxxxxxx> wrote:
> > --- a/xen/include/asm-x86/spec_ctrl_asm.h
> > +++ b/xen/include/asm-x86/spec_ctrl_asm.h
> > @@ -269,28 +269,29 @@
> >    * This is logical merge of DO_OVERWRITE_RSB and DO_SPEC_CTRL_ENTRY
> >    * maybexen=1, but with conditionals rather than alternatives.
> >    */
> > -    movzbl STACK_CPUINFO_FIELD(bti_ist_info)(%r14), %eax
> > +    movzbl STACK_CPUINFO_FIELD(bti_ist_info)(%r14), %edx
> >   
> > -    testb $BTI_IST_RSB, %al
> > +    testb $BTI_IST_RSB, %dl
> >       jz .L\@_skip_rsb
> >   
> >       DO_OVERWRITE_RSB
> >   
> >   .L\@_skip_rsb:
> >   
> > -    testb $BTI_IST_WRMSR, %al
> > +    testb $BTI_IST_WRMSR, %dl
> >       jz .L\@_skip_wrmsr
> >   
> > +    mov %edx, %eax
> >       xor %edx, %edx
> >       testb $3, UREGS_cs(%rsp)
> >       setz %dl
> >       and %dl, STACK_CPUINFO_FIELD(use_shadow_spec_ctrl)(%r14)
> >   
> > -.L\@_entry_from_xen:
> >       /*
> >        * Load Xen's intended value.  SPEC_CTRL_IBRS vs 0 is encoded in the
> >        * bottom bit of bti_ist_info, via a deliberate alias with BTI_IST_IBRS.
> >        */
> > +    xor %edx, %edx
> >       mov $MSR_SPEC_CTRL, %ecx
> >       and $BTI_IST_IBRS, %eax
> >       wrmsr
> While indeed you add one less instruction, you don't shrink overall
> code size compared to v2. I also prefer v2 because of being more
> explicit about the register needing to be preserved across
> DO_OVERWRITE_RSB.
Then Ok, in fact my inital thought is to avoid unnecessory mov 
instructions around DO_OVERWRITE_RSB in the 'jmp _skip_wrmsr' case, so 
tried to remove them.
--
thanks
zduan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel