[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 1/3] x86: record SSP at non-guest entry points

  • To: Jan Beulich <jbeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Wed, 8 Apr 2026 17:58:38 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/YD1H3AF3dvMsrFdCPpttKDlO7I0Femin0BjKcMJ4GE=; b=OBSjm4c7au+O8q4XVl1jsq9XNyS672fIYuBKPm0sBTi4eJa9Pjw7YHMcNI6mkgCg/yxT+JkCoT8nhLuoRMiEFlxGTs1qR2j13e7CuX6LPdwyEaamCpa9Mrxowkj3c5HU/akS46L/ArtNIPieA7V0cGNmomVamRmEkc54NMzsJXqqZsCi3gtabwuS6RJ1qocJK2PN/Ksuj4d2XGoYMQJtVRTPsGw4pM6CmOzVR0EgR2w3qVYC1QjtF6nm9uB+zNDJHe0zkiNJSTJPgYyx7DaMFlLRPOMKOKpsHphjO+C62NzcSfVKO4e5wn/jRMwknIb9HoHV/Y0FMLehbSPtkhstCg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=P7mXmrPNAXJ8EiFlIJx7sgJU+0DgA+k8f2QEMO5MO6fKh3Jk8n+zIqSrz2MdYHxhx5bqofZGWtkBa/D8Me3dgiEqg0j3hsY2e2BQh2aMN/8faE5/NpNzCX4DRD5l8WDhY980fY0JxILjUWzAstebdd043LFvx3H7JKylVbHub9vrcLiHsjD4mwrkkFzo0Muw7xnjl2ndpXRKlIvqAxKoPg43oGmrtlmZ4zMQnvVZBqPtOPIq7JS3x5C/qB8suX8hF3kj04jahMpRgipWQsR4X/R6XZavZuUxx7ETp/iOifj/1mszs1u1vdchIsS/VsdDcenwFg+WK17SM7ss2e/r/w==
  • Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=citrix.com header.i="@citrix.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck"
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Teddy Astie <teddy.astie@xxxxxxxxxx>
  • Delivery-date: Wed, 08 Apr 2026 16:58:56 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 08/04/2026 1:22 pm, Jan Beulich wrote:
> We will want to use that value for call trace generation, and likely
> also to eliminate the somewhat fragile shadow stack searching done in
> fixup_exception_return(). For those purposes, guest-only entry points do
> not need to record that value.
>
> To keep the saving code simple, record our own SSP that corresponds to
> an exception frame, pointing to the top of the shadow stack counterpart
> of what the CPU has saved on the regular stack. Consuming code can then
> work its way from there.
>
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> ---
> For PUSH_AND_CLEAR_GPRS and POP_GPRS, putting the new field right next to
> the error code isn't entirely nice; putting it ahead of %r15 would entail
> other changes, though. An option may be to not make SSP handling part of
> the macros in the first place. Thoughts?

I have a firm dislike for SAVE/RESTORE_ALL, both for their substantial
complexity/inefficiency, and mixing of unrelated tasks.

I have several series trying to purge them.  I suppose I really ought to
try and finish this off properly.

While classing SSP as a "register" is probably fine, the ssp= parameter
(and particular it's asymmetric nature) is on the wrong side of the
"complex" argument IMO.

> For POP_GPRS, does it really matter that it doesn't alter EFLAGS? 

Yes.  The SYSCALL fix for one (reviewed, but waiting on final testing
before I commit).

Then the VT-x code when swapped to use POP_GPRS.


To take a step back, you say that putting it ahead of %r15 would entail
other changes.  What changes?

The resulting asm would be far cleaner.  It would be an rdssp;push on
one side, and a pop into any register on the other side.  Furthermore,
given that the ssp= doesn't exclude storing it for some user frames,
just store it for all.  It's one push/pop into a hot cacheline, and
makes a substantial reduction in complexity.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.