Xen project Mailing List

Re: [PATCH 2/4] x86: reduce CET-SS related #ifdef-ary

From: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Mon, 27 Jul 2020 17:00:02 +0200

Authentication-results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Delivery-date: Mon, 27 Jul 2020 15:00:12 +0000

Ironport-sdr: V4ujmgoOXi3dcztOsZvxoPbi352l92IsXh3e1o0vRIzcIcSFavIRh56fhekWu4K9n9S2U4y3Y8 mYpR/Fk6HqZ14vmJjFvg6Sb6CoIyNCMevSJxF7morJGqCKqMeZ9Sr/zSg+F25MEGAV9iLAwVAh Z0xwg0EfU67qe/QMcAAMXs+88Wxq559J1782ovBmOwOl0Bng1NSUy01vnscHWzkZEvlq7WvCcn ISp05G+Z7AB5y0Qlub8syfNYUQKNhd2Kqx+i58UI/99qL7lySZNwpmh1WCnsM+N/OroE6qnQWm Zrs=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Wed, Jul 15, 2020 at 12:48:46PM +0200, Jan Beulich wrote: > Commit b586a81b7a90 ("x86/CET: Fix build following c/s 43b98e7190") had > to introduce a number of #ifdef-s to make the build work with older tool > chains. Introduce an assembler macro covering for tool chains not > knowing of CET-SS, allowing some conditionals where just SETSSBSY is the > problem to be dropped again. > > No change to generated code. > > Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Looks like an improvement overall in code clarity: Reviewed-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> Can you test on clang? Just to be on the safe side, otherwise I can test it. > --- > Now that I've done this I'm not longer sure which direction is better to > follow: On one hand this introduces dead code (even if just NOPs) into > CET-SS-disabled builds. Otoh this is a step towards breaking the tool > chain version dependency of the feature. > > I've also dropped conditionals around bigger chunks of code; while I > think that's preferable, I'm open to undo those parts. > > --- a/xen/arch/x86/boot/x86_64.S > +++ b/xen/arch/x86/boot/x86_64.S > @@ -31,7 +31,6 @@ ENTRY(__high_start) > jz .L_bsp > > /* APs. Set up shadow stacks before entering C. */ > -#ifdef CONFIG_XEN_SHSTK > testl $cpufeat_mask(X86_FEATURE_XEN_SHSTK), \ > CPUINFO_FEATURE_OFFSET(X86_FEATURE_XEN_SHSTK) + > boot_cpu_data(%rip) > je .L_ap_shstk_done > @@ -55,7 +54,6 @@ ENTRY(__high_start) > mov $XEN_MINIMAL_CR4 | X86_CR4_CET, %ecx > mov %rcx, %cr4 > setssbsy > -#endif > > .L_ap_shstk_done: > call start_secondary > --- a/xen/arch/x86/setup.c > +++ b/xen/arch/x86/setup.c > @@ -668,7 +668,7 @@ static void __init noreturn reinit_bsp_s > stack_base[0] = stack; > memguard_guard_stack(stack); > > - if ( IS_ENABLED(CONFIG_XEN_SHSTK) && cpu_has_xen_shstk ) > + if ( cpu_has_xen_shstk ) > { > wrmsrl(MSR_PL0_SSP, > (unsigned long)stack + (PRIMARY_SHSTK_SLOT + 1) * PAGE_SIZE - > 8); > --- a/xen/arch/x86/x86_64/compat/entry.S > +++ b/xen/arch/x86/x86_64/compat/entry.S > @@ -198,9 +198,7 @@ ENTRY(cr4_pv32_restore) > > /* See lstar_enter for entry register state. */ > ENTRY(cstar_enter) > -#ifdef CONFIG_XEN_SHSTK > ALTERNATIVE "", "setssbsy", X86_FEATURE_XEN_SHSTK > -#endif > /* sti could live here when we don't switch page tables below. */ > CR4_PV32_RESTORE > movq 8(%rsp),%rax /* Restore %rax. */ > --- a/xen/arch/x86/x86_64/entry.S > +++ b/xen/arch/x86/x86_64/entry.S > @@ -237,9 +237,7 @@ iret_exit_to_guest: > * %ss must be saved into the space left by the trampoline. > */ > ENTRY(lstar_enter) > -#ifdef CONFIG_XEN_SHSTK > ALTERNATIVE "", "setssbsy", X86_FEATURE_XEN_SHSTK Should the setssbsy be quoted, or it doesn't matter? I'm asking because the same construction used by CLAC/STAC doesn't quote the instruction. Roger.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.