Xen project Mailing List

[PATCH 59/65] x86/traps: Rework write_stub_trampoline() to not hardcode the jmp

To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Fri, 26 Nov 2021 12:34:40 +0000

Authentication-results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>

Delivery-date: Fri, 26 Nov 2021 13:07:25 +0000

Ironport-data: A9a23:GBM0VKLfPwP3pyKFFE+RHJIlxSXFcZb7ZxGr2PjKsXjdYENS0jEFm jZKUTzSPvyLamD8L9F/bozg8B8D6p/cz4NhHARlqX01Q3x08seUXt7xwmUcns+xwm8vaGo9s q3yv/GZdJhcokcxIn5BC5C5xZVG/fjgqoHUVaiUZUideSc+EH140Es5xbZj6mJVqYPR7z2l6 IuaT/L3YDdJ6xYsWo7Dw/vewP/HlK2aVAIw5jTSV9gS1LPtvyB94KYkDbOwNxPFrrx8RYZWc QphIIaRpQs19z91Yj+sfy2SnkciGtY+NiDW4pZatjTLbrGvaUXe345iXMfwZ3u7hB3Ygfpvk 8d29qWLchhyZqvTvck0SglhRnQW0a1uoNcrIFC6uM2XiUbHb2Ht07NlC0Re0Y8wo7gtRzsUr LpBdW5LPkvra+GemdpXTsFFgMg5IdatF4QYonx6lhnSDOo8QICFSKLPjTNd9Glo2JETR6aCD yYfQWA0ZSbEOwxgAFNUNdFuhuT3gmjmazIN/Tp5ooJoujOOnWSdyoPFL979atGMA8JPkS6wh EjL4mD4CREyL8GExHyO9XfErv/Cm2b3VZwfEJW89+V2mxuDy2oLEhoUWFCn5/6jhSaDt8l3c hJOvHB09O5rqRLtHoKVswCETGCs7wA2RYFCKK4D0zqSkfLS/CO0L3EUd2sUADA5j/MeSTsv3 16PutrmAz1zrbGYIU6gGqeoQSCaYnZMczJbDcMQZU5cuoS4/tlv5v7aZo87SPbdszHjJd3nL 9lmRgAajq5bs8ME3r7TEbvv02P1/cihouLYC2zqsoOZAuFRONHNi2+AswGzARN8wGCxFQLpU J8swZX20Qz2JcvR/BFhuc1UdF1T296LMSfHnXlkFIQ7+jKm9haLJN4Lv2EgeRg4bphYIlcFh XM/XysKv/e/21PwMMdKj3+ZUZx2ncAM6/y5PhwrUja+SscoL1LWlM2fTUWRw3rsgCARfVIXY v+mnTKXJS9CU8xPlWPuL89EiOND7n1ulAv7GMGgpzz6gOX2WZJgYepcWLd4Rrtit/3sTcS82 4s3CvZmPD0DCrCjOXeOrtZIRb3IRFBiba3LRwVsXrbrCmJb9KsJUpc9GJstJN5ombp7jODN8 i3vU0NU0gOn13bGNR+LejZob7a2BcRzqncyPCoNO1e02id8PdbzvflHL5ZnL6M68OFDzOJvS 6VXccu3HfkSGC/M/C4QbMehodU6Jgirnw+HIwGsfCM7I8x7XwXM99K9Jlnv+SACAzCZr8w7p 7H8hArXTYBaH1ZpDdrMaeLpxFS05CBPlOV3VkrOA99SZESzr9Q6d32v1qc6epheJw/Cyz2W0 xetLS0Z/eSd8ZUo9NTphLyfq9v7GeVJAUcHTXLQ6qy7NHeG8zP7k5NASuuBYRvUSHjwpPe5f exQwvzxbK8HkVJNv9YuGrpn1/tjtd7mprscxQV4BnTbKV+sD+o4cHWB2MBOsIxLx6NY5lTqC h7epIECNOXbIt7hHX4QOBEhP7aK2vwjkzXP6eg4fRfh7yht8bvbCUhfMnFgUsCGwGeZ5G/9/ dochQ==

Ironport-hdrordr: A9a23:DATMja9wuWdEpyQ097Juk+DLI+orL9Y04lQ7vn2ZKCYlEfBw+P rFoB1273LJYVUqOE3I++rvBEDoexq1nqKdh7N8AV7IZmjbUQWTQ72LKeDZsljd8+qUzJ8+6Z td

Ironport-sdr: oQYG/ml5g7RQdhWOqKM8ehXsmYO6tNQXLbV0T35CpvWN8fP4ijOePptef0de3U+4Fvw7E6Afgf fGJNLtDuXjRhHEIiLhWHLXHquZyiYbxWupRdqcXA1PNRxLfFao420lWf90R7S/IDcrqtUM3eid 8c7JO4wYJy7LPHlNpjOfycW6PPCRspcv44CbZHZ/xam0uMCK2pemo2S0au7zgE8R3nyFLZntjU Zk9uNwcqpLNPxXQWwEGzO5nqhReeb0pvgiPIffjwbplAmVaBhHRNkzOe5UBOOVDJedORv00E3r lX3Qfv1Gy3wLpa7LfylUBek1

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

For CET-IBT, we will need to optionally insert an endbr64 instruction at the start of the stub. Don't hardcode the jmp displacement assuming that it starts at byte 24 of the stub. Also add extra comments describing what is going on. The mix of %rax and %rsp is far from trivial to follow. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> --- CC: Jan Beulich <JBeulich@xxxxxxxx> CC: Roger Pau Monné <roger.pau@xxxxxxxxxx> CC: Wei Liu <wl@xxxxxxx> --- xen/arch/x86/x86_64/traps.c | 36 ++++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 14 deletions(-) diff --git a/xen/arch/x86/x86_64/traps.c b/xen/arch/x86/x86_64/traps.c index d661d7ffcaaf..6f3c65bedc7a 100644 --- a/xen/arch/x86/x86_64/traps.c +++ b/xen/arch/x86/x86_64/traps.c @@ -293,30 +293,38 @@ static unsigned int write_stub_trampoline( unsigned char *stub, unsigned long stub_va, unsigned long stack_bottom, unsigned long target_va) { + unsigned char *p = stub; + + /* Store guest %rax into %ss slot */ /* movabsq %rax, stack_bottom - 8 */ - stub[0] = 0x48; - stub[1] = 0xa3; - *(uint64_t *)&stub[2] = stack_bottom - 8; + *p++ = 0x48; + *p++ = 0xa3; + *(uint64_t *)p = stack_bottom - 8; + p += 8; + /* Store guest %rsp in %rax */ /* movq %rsp, %rax */ - stub[10] = 0x48; - stub[11] = 0x89; - stub[12] = 0xe0; + *p++ = 0x48; + *p++ = 0x89; + *p++ = 0xe0; + /* Switch to Xen stack */ /* movabsq $stack_bottom - 8, %rsp */ - stub[13] = 0x48; - stub[14] = 0xbc; - *(uint64_t *)&stub[15] = stack_bottom - 8; + *p++ = 0x48; + *p++ = 0xbc; + *(uint64_t *)p = stack_bottom - 8; + p += 8; + /* Store guest %rsp into %rsp slot */ /* pushq %rax */ - stub[23] = 0x50; + *p++ = 0x50; /* jmp target_va */ - stub[24] = 0xe9; - *(int32_t *)&stub[25] = target_va - (stub_va + 29); + *p++ = 0xe9; + *(int32_t *)p = target_va - (stub_va + (p - stub) + 4); + p += 4; - /* Round up to a multiple of 16 bytes. */ - return 32; + return p - stub; } DEFINE_PER_CPU(struct stubs, stubs); -- 2.11.0

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.