|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v3 4/9] Clear AC bit in RFLAGS to protect Xen itself by SMAP
Clear AC bit in RFLAGS at the beginning of exception, interrupt, hypercall,
so Xen itself can be protected by SMAP mechanism.
Signed-off-by: Feng Wu <feng.wu@xxxxxxxxx>
---
xen/arch/x86/x86_64/compat/entry.S | 1 +
xen/arch/x86/x86_64/entry.S | 8 ++++++++
xen/arch/x86/x86_64/traps.c | 4 ++--
3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/xen/arch/x86/x86_64/compat/entry.S
b/xen/arch/x86/x86_64/compat/entry.S
index 32b3bcc..ac594c9 100644
--- a/xen/arch/x86/x86_64/compat/entry.S
+++ b/xen/arch/x86/x86_64/compat/entry.S
@@ -13,6 +13,7 @@
#include <irq_vectors.h>
ENTRY(compat_hypercall)
+ ASM_CLAC
pushq $0
SAVE_VOLATILE type=TRAP_syscall compat=1
diff --git a/xen/arch/x86/x86_64/entry.S b/xen/arch/x86/x86_64/entry.S
index 1c81852..5f46803 100644
--- a/xen/arch/x86/x86_64/entry.S
+++ b/xen/arch/x86/x86_64/entry.S
@@ -273,6 +273,7 @@ ENTRY(sysenter_entry)
pushq $0
pushfq
GLOBAL(sysenter_eflags_saved)
+ ASM_CLAC
pushq $3 /* ring 3 null cs */
pushq $0 /* null rip */
pushq $0
@@ -309,6 +310,7 @@ UNLIKELY_END(sysenter_gpf)
jmp .Lbounce_exception
ENTRY(int80_direct_trap)
+ ASM_CLAC
pushq $0
SAVE_VOLATILE 0x80
@@ -466,6 +468,7 @@ ENTRY(dom_crash_sync_extable)
jmp asm_domain_crash_synchronous /* Does not return */
ENTRY(common_interrupt)
+ ASM_CLAC
SAVE_ALL
movq %rsp,%rdi
callq do_IRQ
@@ -485,6 +488,7 @@ ENTRY(page_fault)
movl $TRAP_page_fault,4(%rsp)
/* No special register assumptions. */
GLOBAL(handle_exception)
+ ASM_CLAC
SAVE_ALL
handle_exception_saved:
testb $X86_EFLAGS_IF>>8,UREGS_eflags+1(%rsp)
@@ -613,6 +617,7 @@ ENTRY(spurious_interrupt_bug)
jmp handle_exception
ENTRY(double_fault)
+ ASM_CLAC
movl $TRAP_double_fault,4(%rsp)
SAVE_ALL
movq %rsp,%rdi
@@ -628,6 +633,7 @@ ENTRY(early_page_fault)
.popsection
ENTRY(nmi)
+ ASM_CLAC
pushq $0
movl $TRAP_nmi,4(%rsp)
handle_ist_exception:
@@ -665,6 +671,7 @@ handle_ist_exception:
jmp compat_restore_all_guest
ENTRY(nmi_crash)
+ ASM_CLAC
pushq $0
movl $TRAP_nmi,4(%rsp)
SAVE_ALL
@@ -673,6 +680,7 @@ ENTRY(nmi_crash)
ud2
ENTRY(machine_check)
+ ASM_CLAC
pushq $0
movl $TRAP_machine_check,4(%rsp)
jmp handle_ist_exception
diff --git a/xen/arch/x86/x86_64/traps.c b/xen/arch/x86/x86_64/traps.c
index 90072c1..466b2f2 100644
--- a/xen/arch/x86/x86_64/traps.c
+++ b/xen/arch/x86/x86_64/traps.c
@@ -437,8 +437,8 @@ void __devinit subarch_percpu_traps_init(void)
/* Common SYSCALL parameters. */
wrmsr(MSR_STAR, 0, (FLAT_RING3_CS32<<16) | __HYPERVISOR_CS);
wrmsr(MSR_SYSCALL_MASK,
- X86_EFLAGS_VM|X86_EFLAGS_RF|X86_EFLAGS_NT|
- X86_EFLAGS_DF|X86_EFLAGS_IF|X86_EFLAGS_TF,
+ X86_EFLAGS_VM|X86_EFLAGS_RF|X86_EFLAGS_NT|X86_EFLAGS_DF|
+ X86_EFLAGS_IF|X86_EFLAGS_TF|X86_EFLAGS_AC,
0U);
}
--
1.8.3.1
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |