[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 58/65] x86/alternatives: Clear CR4.CET when clearing CR0.WP
- To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Fri, 26 Nov 2021 12:34:39 +0000
- Authentication-results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
- Delivery-date: Fri, 26 Nov 2021 13:07:03 +0000
- Ironport-data: A9a23:rmyK5KN7ynEs+UjvrR1okMFynXyQoLVcMsEvi/4bfWQNrUp0gmMDn TQdDT2Aaa7YazeneIgjPIW0oBsD7cTTmtQyTAto+SlhQUwRpJueD7x1DKtR0wB+jCHnZBg6h ynLQoCYdKjYdpJYz/uUGuCJQUNUjMlkfZKhTr6bUsxNbVU8En540Eg9w7RRbrNA2rBVPSvc4 bsenOWHULOV82Yc3rU8sv/rRLtH5ZweiRtA1rAMTakjUGz2zhH5OKk3N6CpR0YUd6EPdgKMq 0Qv+5nilo/R109F5tpICd8XeGVSKlLZFVDmZna7x8FOK/WNz8A/+v9TCRYSVatYow+7hN1uz I5Hj6y9Qi4MNPPmnOojdxYNRkmSPYUekFPGCX22sMjVxEzaaXr8hf5pCSnaP6VBpLwxWzsXs 6VFdnZdNXhvhMrvqF6/YsBqit4uM4/AO4QHt2s75TrYEewnUdbIRKCiCdpwgWZo2JwWRqe2i 8wxMChTdhjbaUJ0FQlQOL8flcKUl0j6bGgNwL6SjfVuuDWCpOBr65DyNPLFd9rMQt9a9m66j G/b+2XyAjkBKceSjzGC9xqEluLJ2C/2Ro8WPLm57eJxxk2ewHQJDx8bXkf9puO24nNSQPoGd RZSoHB36/Fvqgr7FbERQiFUvla+jAURRN4LGdcK5Qqk76CKyQKXOEwLG2sphMMdiOc6Qjkj1 1msltzvBCByvLD9dU9x5ot4vhvpZ3FLcDZqiTssCFJcvoK9+N1bYgfnF447SMaIYsvJ9SYcK txghAw3nP0tgMECzM1XFniX0mv39vAlouPYjzg7v15JDCslO+ZJhKTysDA3CMqsyq7CFTFtW 1BexqCjABgmV83lqcB0aLxl8EuVz/iEKibAplVkAoMs8T+gk1b6I9sPsG8jexY1bJpfEdMMX KM1kVgKjHO0FCH3BZKbnqrrU5h6pUQePYiNug/ogipmPcEqKV7vENBGbk+MxWH9+HXAYolkU ap3hf2EVC5AYYw+lWLeb75EjdcDm3BvrUuOFMuT50n2jtKjiIu9FO5t3K2mNbtisstpYWz9r r5iCid940kFDbClPHCIqdV7wJJjBSFTOK0aYvd/LoarSjeK0kl7YxMI6b9+KYFjgYpPkeLEo iO0VkNCkQKtjnzbMwSaLHtkbeq3D5p4qHs6Ow0qPEqphCd/Mdr+sv9HestlZ6Qj+cxi0eVwE 6sPdfKfD6kdUT/A4TkcM8Xw9dQwaBSxiAuSFCO5ezxjLYV4TgnE94a8LAvi/SUDFAStss46r +Hy3w/XW8NbFQ9jENzXeLSkyFbo5SoRn+d7Xk3pJNhPeRqzrNg2enKp1vJuepMCMxTOwDeex j26OxZAqLmfuZIx/fnImbuA89WjHdxhExcIBGLc97u3a3XXpzLx3Y9aXe+UVjnBT2eoqr66b OBYwvygYv0KmFFG79h1H7pxlP9s4tLuo/lRzxh+HWWNZFOuU+syLn6D1MhJl6tM2r4G5lfmB hPRooFXaeeTJcfoMF8NPw50PO2M2MYdliTW8flocl7x4zV6/ebfXEhfV/VWZPex8Feh3FsZ/ Noc
- Ironport-hdrordr: A9a23:8tL796A9HyFJHj7lHemU55DYdb4zR+YMi2TC1yhKJyC9Ffbo7v xG/c5rsyMc5wxwZJhNo7y90ey7MBbhHP1OkO4s1NWZLWrbUQKTRekIh+bfKn/baknDH4ZmpN 9dmsNFaeEYY2IUsS+D2njbL+od
- Ironport-sdr: 1c/C4dHXEf3cDxntLF1CvYAOF9ZtVrjHWTbw0UM8D///AVi5TL6nGQlUl4auXKmXn22nKIhprj TQNVx33bb5ZnM/4/Y+iuhfevxBJgHGl973nBg4eiEGcENeM5f9Vvjb367bAAtsBCE13Dg75Wzi RhBPRwzt6tYLv4HGUxQ+2RoOOLaSdB8gllcrsGlNgoCfYGiTyayhAFho+thnyPypXz2W5dnyuY m3bYeJLkpP6YfNvePLiXG9YyEtwR4j5xDu+0jJL9q7RLoflqrFRCEunv9Exo1vWdSA64Ph0m30 owsXgGIF+Fk8Xv14+K070UQd
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
This allows us to have CET active much earlier in boot.
Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
CC: Jan Beulich <JBeulich@xxxxxxxx>
CC: Roger Pau Monné <roger.pau@xxxxxxxxxx>
CC: Wei Liu <wl@xxxxxxx>
Still TODO: Implement alternatives in a way which doesn't depend on clearing
CR0.WP
---
xen/arch/x86/alternative.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/alternative.c b/xen/arch/x86/alternative.c
index 436047abe021..ec24692e9595 100644
--- a/xen/arch/x86/alternative.c
+++ b/xen/arch/x86/alternative.c
@@ -333,9 +333,13 @@ static int __init cf_check nmi_apply_alternatives(
*/
if ( !(alt_done & alt_todo) )
{
- unsigned long cr0;
+ unsigned long cr0, cr4;
cr0 = read_cr0();
+ cr4 = read_cr4();
+
+ if ( cr4 & X86_CR4_CET )
+ write_cr4(cr4 & ~X86_CR4_CET);
/* Disable WP to allow patching read-only pages. */
write_cr0(cr0 & ~X86_CR0_WP);
@@ -345,6 +349,9 @@ static int __init cf_check nmi_apply_alternatives(
write_cr0(cr0);
+ if ( cr4 & X86_CR4_CET )
+ write_cr4(cr4);
+
alt_done |= alt_todo;
}
--
2.11.0
|
