
[xen stable-4.21] x86/kexec: Invalidate the IDT earlier in kexec_reloc()



commit 7f749b6948e373a3c7a952851b3f7cc9204adbe0
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Tue Jun 30 14:54:38 2026 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Jun 30 14:54:38 2026 +0200

    x86/kexec: Invalidate the IDT earlier in kexec_reloc()
    
    After switching stack, it is not safe to run any exception handlers, because
    attempts to access the cpu_info block are out-of-bounds and will generate wild
    accesses.
    
    Invalidating the IDT in the common path means there's no need to do so again
    in the 32bit path, so drop compat_mode_idt entirely.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    master commit: c3974cbf207716d87c66ee01b5f69b11fa461edb
    master date: 2026-06-23 19:15:51 +0100
---
 xen/arch/x86/x86_64/kexec_reloc.S | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/xen/arch/x86/x86_64/kexec_reloc.S 
b/xen/arch/x86/x86_64/kexec_reloc.S
index 50ba454abd..406f60bc64 100644
--- a/xen/arch/x86/x86_64/kexec_reloc.S
+++ b/xen/arch/x86/x86_64/kexec_reloc.S
@@ -36,6 +36,16 @@ FUNC(kexec_reloc, PAGE_SIZE)
 
         movq    %rcx, %rbp
 
+        /*
+         * Invalidate the IDT.  After switching off Xen's stacks, the
+         * exception handlers are unsafe to use, because there's no way to
+         * perform arithmetic on the stack pointer to find the cpu_info block.
+         */
+        push    $0
+        pushw   $0
+        lidt    (%rsp)
+        add     $10, %rsp
+
         /* Setup stack. */
         leaq    (.Lreloc_stack_base - kexec_reloc)(%rdi), %rsp
 
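Review bot: The comment above the added `push`/`pushw`/`lidt` sequence explains why the handlers are unsafe but not what loading an all-zero descriptor does. With limit 0 and base 0, any exception or NMI taken from here on can no longer be delivered and should escalate to a triple fault, so a reset in this window is intended fail-stop behaviour rather than a new bug. I would extend the comment with `A zero-limit IDT turns any later exception or NMI into a triple fault (reset) instead of a wild access.` and mention that the operand is the 10-byte limit:base pair built on the stack. Writing `pushq $0` would make the 8-byte base explicit next to `pushw $0`, since the `$10` in `add $10, %rsp` depends on exactly those two sizes. kexec_reloc starts and ends outside this hunk, so whether interrupts are already masked at this point cannot be confirmed from here.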
@@ -81,8 +91,6 @@ FUNC(kexec_reloc, PAGE_SIZE)
         ud2
 
 .L_call_32_bit:
-        /* Setup IDT. */
-        lidt    compat_mode_idt(%rip)
 
         /* Load compat GDT. */
         leaq    compat_mode_gdt(%rip), %rax
@@ -190,11 +198,6 @@ DATA_LOCAL(compat_mode_gdt, 8)
 .Lcompat_mode_gdt_end:
 END(compat_mode_gdt)
 
-DATA_LOCAL(compat_mode_idt)
-        .word 0                      /* limit */
-        .long 0                      /* base */
-END(compat_mode_idt)
-
         /*
          * 16 words of stack are more than enough.
          */
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.21



 

