From: Igor Druzhinin
Date: Thu, 27 Jun 2019 20:41:54 +0100
Message-ID: <1561664514-3666-1-git-send-email-igor.druzhinin@citrix.com>
Subject: [Xen-devel] [PATCH] x86/cpuid: leak OSXSAVE only when XSAVE is not clear in policy
Cc: andrew.cooper3@citrix.com, Igor Druzhinin, wl@xen.org, jbeulich@suse.com, roger.pau@citrix.com

This fixes booting of old non-PV-OPS kernels which historically looked for OSXSAVE instead of XSAVE bit in CPUID to check whether XSAVE feature is enabled. If such a guest appears to be started on an XSAVE enabled CPU and the feature is explicitly cleared in policy, leaked OSXSAVE bit from Xen will lead to guest crash early in boot.

Signed-off-by: Igor Druzhinin
Reviewed-by: Andrew Cooper
--- xen/arch/x86/cpuid.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c index ac7026f..510a038 100644 --- a/xen/arch/x86/cpuid.c +++ b/xen/arch/x86/cpuid.c
@@ -805,7 +805,8 @@ void guest_cpuid(const struct vcpu *v, uint32_t leaf, * * - Enlightened CPUID or CPUID faulting available: * Xen can fully control what is seen here. Guest kernels = need - * to see the leaked OSXSAVE via the enlightened path, but + * to see the leaked OSXSAVE via the enlightened path + * (unless XSAVE is explicitly clear in policy), but * guest userspace and the native is given architectural * behaviour. * @@ -814,7 +815,8 @@ void guest_cpuid(const struct vcpu *v, uint32_t leaf, */ /* OSXSAVE clear in policy. Fast-forward CR4 back in. */ if ( (v->arch.pv.ctrlreg[4] & X86_CR4_OSXSAVE) || - (regs->entry_vector =3D=3D TRAP_invalid_op && + (p->basic.xsave && + regs->entry_vector =3D=3D TRAP_invalid_op && guest_kernel_mode(v, regs) && (read_cr4() & X86_CR4_OSXSAVE)) ) res->c |=3D cpufeat_mask(X86_FEATURE_OSXSAVE); --=20 2.7.4 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
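Review bot: The comment line added in the first hunk, "(unless XSAVE is explicitly clear in policy)", says "explicitly", but the check added in the second hunk is simply `p->basic.xsave`, which is false whenever XSAVE is absent from the policy, whatever the reason. Suggest "unless XSAVE is clear in policy", which also matches the subject line, so the comment describes exactly what the code tests.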
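Review bot: In the second hunk the new `p->basic.xsave` test guards only the `TRAP_invalid_op` arm of the condition; the first arm, `(v->arch.pv.ctrlreg[4] & X86_CR4_OSXSAVE)`, still sets OSXSAVE in `res->c` without consulting the policy. If that is intentional because the guest's CR4.OSXSAVE cannot be set while XSAVE is clear in policy, state that in the comment; otherwise the policy check should cover both arms. The one-line comment directly above the condition ("OSXSAVE clear in policy. Fast-forward CR4 back in.") is unchanged and would be the natural place to record the XSAVE dependency.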