Xen project Mailing List

[Xen-devel] [PATCH] x86: guard more stack pages

To: "xen-devel" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: "Jan Beulich" <JBeulich@xxxxxxxx>

Date: Fri, 02 Mar 2018 04:24:12 -0700

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Delivery-date: Fri, 02 Mar 2018 11:24:17 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

There's no reason to keep the unused pages (of which there are actually two; respective commentary also gets adjusted) mapped. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -5563,10 +5563,11 @@ void memguard_unguard_range(void *p, uns void memguard_guard_stack(void *p) { - BUILD_BUG_ON((PRIMARY_STACK_SIZE + PAGE_SIZE) > STACK_SIZE); - p = (void *)((unsigned long)p + STACK_SIZE - - PRIMARY_STACK_SIZE - PAGE_SIZE); - memguard_guard_range(p, PAGE_SIZE); + /* IST_MAX IST pages + at least 1 guard page + primary stack. */ + BUILD_BUG_ON((IST_MAX + 1) * PAGE_SIZE + PRIMARY_STACK_SIZE > STACK_SIZE); + + memguard_guard_range(p + IST_MAX * PAGE_SIZE, + STACK_SIZE - PRIMARY_STACK_SIZE - IST_MAX * PAGE_SIZE); } void memguard_unguard_stack(void *p) --- a/xen/arch/x86/x86_64/traps.c +++ b/xen/arch/x86/x86_64/traps.c @@ -301,8 +301,8 @@ void subarch_percpu_traps_init(void) unsigned char *stub_page; unsigned int offset; - /* IST_MAX IST pages + 1 syscall page + 1 guard page + primary stack. */ - BUILD_BUG_ON((IST_MAX + 2) * PAGE_SIZE + PRIMARY_STACK_SIZE > STACK_SIZE); + /* IST_MAX IST pages + at least 1 guard page + primary stack. */ + BUILD_BUG_ON((IST_MAX + 1) * PAGE_SIZE + PRIMARY_STACK_SIZE > STACK_SIZE); stub_page = map_domain_page(_mfn(this_cpu(stubs.mfn))); --- a/xen/include/asm-x86/current.h +++ b/xen/include/asm-x86/current.h @@ -16,9 +16,9 @@ * * 7 - Primary stack (with a struct cpu_info at the top) * 6 - Primary stack - * 5 - Optionally not preset (MEMORY_GUARD) + * 5 - Optionally not present (MEMORY_GUARD) * 4 - unused - * 3 - Syscall trampolines + * 3 - unused * 2 - MCE IST stack * 1 - NMI IST stack * 0 - Double Fault IST stack _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.