[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen staging] x86/kexec: Disable FRED earlier in kexec_reloc()

To: xen-changelog@xxxxxxxxxxxxxxxxxxxx
From: patchbot@xxxxxxx
Date: Tue, 23 Jun 2026 21:44:32 +0000
Delivery-date: Tue, 23 Jun 2026 21:44:33 +0000
List-id: "Change log for Mercurial \(receive only\)" <xen-changelog.lists.xenproject.org>

commit 4665d1796736cd999a3a8d291d4fbb4da637f440
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Tue Mar 17 19:33:09 2026 +0000
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Tue Jun 23 19:15:51 2026 +0100

    x86/kexec: Disable FRED earlier in kexec_reloc()
    
    With FRED just as with IDT, it's unsafe to run the exception handlers after
    switching stack.
    
    To remove this unsafe window, %cr4 needs clearing earlier.  In turn, we may
    need to switch to PCID 0 earlier too in order to be able to clear CR4.PCIDE.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    Release-Acked-by: Oleksii Kurochko <oleksii.kurochko@xxxxxxxxx>
    ---
    CC: Jan Beulich <JBeulich@xxxxxxxx>
    CC: Roger Pau MonnÃ© <roger.pau@xxxxxxxxxx>
---
 xen/arch/x86/x86_64/kexec_reloc.S | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/xen/arch/x86/x86_64/kexec_reloc.S 
b/xen/arch/x86/x86_64/kexec_reloc.S
index 7a6dd2cbe7..81da81a827 100644
--- a/xen/arch/x86/x86_64/kexec_reloc.S
+++ b/xen/arch/x86/x86_64/kexec_reloc.S
@@ -54,6 +54,21 @@ FUNC(kexec_reloc, PAGE_SIZE)
         lidt    (%rsp)
         add     $10, %rsp
 
+        /* Move to PCID 0 if necessary, as a prerequisite to clearing 
CR4.PCIDE */
+        mov     %cr3, %rax
+        test    $0xfff, %eax
+        jz      1f
+        and     $~0xfff, %rax
+        mov     %rax, %cr3
+1:
+
+        /*
+         * Set CR4 to PAE only.  This may disable FRED, which must happen
+         * before switching off Xen's stack.
+         */
+        mov     $X86_CR4_PAE, %eax
+        mov     %rax, %cr4
+
         /*
          * Move to the identity mapped stack.
          *
@@ -86,13 +101,6 @@ FUNC(kexec_reloc, PAGE_SIZE)
         orl     $(X86_CR0_PG | X86_CR0_PE), %eax
         movq    %rax, %cr0
 
-        /*
-         * Set cr4 to a known state:
-         *  - physical address extension enabled
-         */
-        movl    $X86_CR4_PAE, %eax
-        movq    %rax, %cr4
-
         movq    %rdx, %rdi
         call    relocate_pages
 
--
generated by git-patchbot for /home/xen/git/xen.git#staging

Prev by Date: [xen staging] x86/kexec: Invalidate the IDT earlier in kexec_reloc()
Next by Date: [xen staging] x86/kexec: Check for a good per-cpu area before accessing IDTs
Previous by thread: [xen staging] x86/kexec: Invalidate the IDT earlier in kexec_reloc()
Next by thread: [xen staging] x86/kexec: Check for a good per-cpu area before accessing IDTs
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.