
[xen master] x86/kexec: Invalidate the IDT earlier in kexec_reloc()



commit c3974cbf207716d87c66ee01b5f69b11fa461edb
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Mon Mar 16 14:26:09 2026 +0000
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Tue Jun 23 19:15:51 2026 +0100

    x86/kexec: Invalidate the IDT earlier in kexec_reloc()
    
    After switching stack, it is not safe to run any exception handlers, because
    attempts to access the cpu_info block are out-of-bounds and will generate
    wild accesses.
    
    Invalidating the IDT in the common path means there's no need to do so again
    in the 32bit path, so drop compat_mode_idt entirely.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    Release-Acked-by: Oleksii Kurochko <oleksii.kurochko@xxxxxxxxx>
---
 xen/arch/x86/x86_64/kexec_reloc.S | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/xen/arch/x86/x86_64/kexec_reloc.S 
b/xen/arch/x86/x86_64/kexec_reloc.S
index d0951ea1e1..7a6dd2cbe7 100644
--- a/xen/arch/x86/x86_64/kexec_reloc.S
+++ b/xen/arch/x86/x86_64/kexec_reloc.S
@@ -44,6 +44,16 @@ FUNC(kexec_reloc, PAGE_SIZE)
 
         movq    %rcx, %rbp
 
+        /*
+         * Invalidate the IDT.  After switching off Xen's stacks, the
+         * exception handlers are unsafe to use, because there's no way to
+         * perform arithmetic on the stack pointer to find the cpu_info block.
+         */
+        push    $0
+        pushw   $0
+        lidt    (%rsp)
+        add     $10, %rsp
+
         /*
          * Move to the identity mapped stack.
          *
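Review bot: The `add $10, %rsp` undoes the two pushes by a bare magic number; a comment naming it as the size of the 64-bit lidt operand (2-byte limit followed by an 8-byte base) would save the next reader from re-deriving the operand sizes, e.g. `add $10, %rsp /* pop the 10-byte descriptor: word limit + quad base */`. The block comment could also state the consequence of loading a zero-limit IDT: from this point any exception, NMI or #MC triple-faults the CPU instead of being handled, which is the intended fail-stop behaviour but is not obvious from the `push $0` sequence alone. The sequence presumably relies on the caller having already disabled interrupts before entering kexec_reloc; that is not visible in the hunk, so it is worth confirming or recording in the comment. kexec_reloc's body continues outside the hunk on both sides.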
@@ -94,8 +104,6 @@ FUNC(kexec_reloc, PAGE_SIZE)
         jmp     *%rbp
 
 .L_call_32_bit:
-        /* Setup IDT. */
-        lidt    compat_mode_idt(%rip)
 
         /* Load compat GDT. */
         leaq    compat_mode_gdt(%rip), %rax
@@ -202,11 +210,6 @@ DATA_LOCAL(compat_mode_gdt, 8)
 .Lcompat_mode_gdt_end:
 END(compat_mode_gdt)
 
-DATA_LOCAL(compat_mode_idt)
-        .word 0                      /* limit */
-        .long 0                      /* base */
-END(compat_mode_idt)
-
         /*
          * 16 words of stack are more than enough.
          */
--