[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 62/70] x86/alternatives: Clear CR4.CET when clearing CR0.WP
- To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Mon, 14 Feb 2022 12:51:19 +0000
- Authentication-results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Delivery-date: Mon, 14 Feb 2022 13:17:09 +0000
- Ironport-data: A9a23:FD0i26leoa/36sBGXLEXd0jo5gyZIURdPkR7XQ2eYbSJt1+Wr1Gzt xJJDWiOPPrfYjT8eYslboTi90sCscPWx4UySAtk+C0wFSMWpZLJC+rCIxarNUt+DCFioGGLT Sk6QoOdRCzhZiaE/n9BClVlxJVF/fngqoDUUYYoAQgsA180IMsdoUg7wbRh2Nc02YHR7z6l4 rseneWOYDdJ5BYsWo4kw/rrRMRH5amaVJsw5zTSVNgT1LPsvyB94KE3fMldG0DQUIhMdtNWc s6YpF2PEsE1yD92Yj+tuu6TnkTn2dc+NyDW4pZdc/DKbhSvOkXee0v0XRYRQR4/ttmHozx+4 PMVjJ2tZiwiB5Hv3+A3VwZHDQZ3B7ITrdcrIVDn2SCS50jPcn+qyPRyFkAme4Yf/46bA0kXq 6ZecmpUKEne2aTmm9pXScE17ignBODtMJkSpTdLyjbBAOx9aZvCX7/L9ZlT2zJYasVmQ6qDO pZCOGAHgBLoShllY3MFAYMFwfr4wXTBTid9q2+enP9ii4TU5FMoi+W8WDbPQfSaSMMQkkuGq 2bu+2XiHgpcJNGZ0SCC8H+nmqnIhyyTZW4JPOTmrLgw2gTVnzFNTk1NPbemnRWnomjmYtNCB GcfwxYN6qwY8FO0UP70ZQLt9RZooSUgc9ZXFuQ77iSExazV/xuVCwA4c9JRVDA1nJRoHGJ3j zdli/usXGUy6+PNFRpx45/J9WvaBMQDEYMVicbopyMh6sKrnow8hwmnoj1LQP/s1Y2d9d0dL lm3QMkCa1c70JRjO0aTpwmvb9eQSn/hFFBd2+kvdjj5hj6Vnab8D2BS1XDV7OxbMKGSRUSbs X4PlqC2tb5SUc7dxHHQGLxWRtlFAspp1xWG3zZS82QJrWzxqxZPg6gMiN2BGKuZGpldImK4C KMikQhQ+IVSLBOXgVxfOOqM5zAR5fG4T7zND6mMBvIXO8QZXFLXrUlGOB/Lt0iwwRdErE3KE crCGSpaJS1BUvoPIfvfb7p17ILHMQhgmTKNFcijlUzPPHj3TCf9dIrp+WCmNogRhJ5oai2Mr I432xKix0oNXevgTDPQ9IJPf1kGIWJiXcL9qtBNd/7FKQ1jQTlzB/jUyLInWopkg6UKybuYo iDjAhdVmAjlmHnKCQSWcXQ/Ornhaoly8CAgNis2MFf2h3V6OdSz7L0SfoccdKU88LAx1uZ9S vQIIp3SAvlGRjnd1S4aaJ3x8N5reBix3FrcNCu5ejkvOZVnQlWRqNPjewLu8ggIDza26pRi8 +HxiFuDTMNaFQp4DcvQZPa+9H+LvCAQyLBoQk/FAthPY0GwooJkHDP8060sKMYWJBSdmjbDj 1SKAQ0VrPXmqpMu9IWbnriNqoqkHrcsHkdeGGWHv7+6OTODozimyI5EFu2JYSrcRCX//6D7P bdZyPT1MfsmmldWstUjT+Y3nPxmv9a/9aVHyglEHWnQawX5A7xtFXCKwM1Tu/Af3bReowa3B hqC99Qy1W9l4y85/Ir9/DYYU9k=
- Ironport-hdrordr: A9a23:Dc6u8qGNS2/7soq6pLqE6seALOsnbusQ8zAXP0AYc3Jom62j5r mTdZsgtSMc5Ax8ZJhko6HkBEDiewK7yXcW2/hzAV7KZmCP0wHEEGgh1/qH/9SJIVyYygc378 ZdmsZFZ+EYdWIK7/rH3A==
- Ironport-sdr: ko5IQb6bZCnugSJnIDF7eW4dHGG87aQ4j7t+iJ8PKixd8YXLxGStcqqRJ079tgSQbu1uCvS29m cmwCzXTcqn0BIlQ6fKCJNjAMPzVETEUYaIz0SS81HaCvT4E55eCrhZKHn95eAi7XhSIwoPIcyh DR+UWluqr0Bt9E4r+sq+WycE6ZMYUH2SnySRKW/eFfhSuEkXYw4TKl4Qp404/DPJOE4lAtNp9O EmovnB4DBZeS9BJdNLQ7YBEZR13yCi70pRJkxb0ALd3gKfZHWryp89un8+9/frkbEXXE/aPFQQ mjvCPs7YHaq64ntxY1DwCasM
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
This allows us to have CET active much earlier in boot.
Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
---
xen/arch/x86/alternative.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/alternative.c b/xen/arch/x86/alternative.c
index 436047abe021..ec24692e9595 100644
--- a/xen/arch/x86/alternative.c
+++ b/xen/arch/x86/alternative.c
@@ -333,9 +333,13 @@ static int __init cf_check nmi_apply_alternatives(
*/
if ( !(alt_done & alt_todo) )
{
- unsigned long cr0;
+ unsigned long cr0, cr4;
cr0 = read_cr0();
+ cr4 = read_cr4();
+
+ if ( cr4 & X86_CR4_CET )
+ write_cr4(cr4 & ~X86_CR4_CET);
/* Disable WP to allow patching read-only pages. */
write_cr0(cr0 & ~X86_CR0_WP);
@@ -345,6 +349,9 @@ static int __init cf_check nmi_apply_alternatives(
write_cr0(cr0);
+ if ( cr4 & X86_CR4_CET )
+ write_cr4(cr4);
+
alt_done |= alt_todo;
}
--
2.11.0
|
