From nobody Sat May 23 21:11:40 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=none dis=none) header.from=vates.tech ARC-Seal: i=1; a=rsa-sha256; t=1779453273; cv=none; d=zohomail.com; s=zohoarc; b=MnWS+ej/jlRcphawVkKVWZXChlbnK60+NHwkqUxynoQ+P8V7hb9BRQT2/bevDoPNe32gkziBaNN8uDCE6WrGIl0C047IpCMyPgswj52Tx2I2dwLQ9BCR8rvpdYEex9th1ez/UoD60Eg5EFQrFojFjGElBvSX+jcozj4EQSjYNqo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1779453273; h=Content-Type:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=btuo1BkXt6I5InUgJFSYjZbZv6EuMecyqn5NavlpXiA=; b=J6FPjlEJDuiAb7zqcXpXkNDYtRkpJJOuN1IhRLMU39+/87baxhYGGxVb+ulfWUq2qK4Ekn8B1nx7+cchuethy67ElCj6V3FgdCZRPHLHeQq1DVkF9erwGkT68GsZ/gNHQx7ZYjtH6b3xP7Hoj8eMghoEBGiw1C326V5QIkxZwAE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1779453273092974.5263127373255; Fri, 22 May 2026 05:34:33 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.1316743.1586088 (Exim 4.92) (envelope-from ) id 1wQP4f-0007kh-Jl; Fri, 22 May 2026 12:33:57 +0000 Received: by outflank-mailman (output) from mailman id 1316743.1586088; Fri, 22 May 2026 12:33:57 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1wQP4f-0007ka-H1; Fri, 22 May 2026 12:33:57 +0000 Received: by outflank-mailman (input) for mailman id 1316743; Fri, 22 May 2026 12:33:56 +0000 Received: from mx.expurgate.net ([195.190.135.10]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1wQP4e-0007kU-4L for xen-devel@lists.xenproject.org; Fri, 22 May 2026 12:33:56 +0000 Received: from mx.expurgate.net (helo=localhost) by mx.expurgate.net with esmtp id 1wQP4d-00Eggc-GK for xen-devel@lists.xenproject.org; Fri, 22 May 2026 14:33:55 +0200 Received: from [10.42.69.5] (helo=localhost) by localhost with ESMTP (eXpurgate MTA 0.9.1) (envelope-from ) id 6a104d2b-e002-0a2a0a5209dd-0a2a4505c798-30 for ; Fri, 22 May 2026 14:33:55 +0200 Received: from [185.255.28.34] (helo=prod-mta-13.swg-srv.net) by tlsNG-c201ff.mxtls.expurgate.net with ESMTPS (eXpurgate 4.56.1) (envelope-from ) id 6a104d33-aaa8-0a2a45050019-b9ff1c2285a1-3 for ; Fri, 22 May 2026 14:33:55 +0200 Received: from mail2.vates.fr ([37.26.189.201] mail2.vates.fr) (Authenticated sender: 8631fc262581453bbf619ec5b2062170/smtp/7773de5a-2839-4720-82ee-e06722ae1d3e) by prod-mta-13.swg-srv.net (ZoneMTA - prod-mta-13) with ESMTPSA id 19e4fad80e4000f373.003 for (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384); Fri, 22 May 2026 12:33:51 +0000 Received: from localhost.localdomain (88-175-170-134.subs.proxad.net [88.175.170.134]) (Authenticated sender: teddy.astie@vates.tech) by mail2.vates.fr (Postfix) with ESMTPSA id A50EA86A08; Fri, 22 May 2026 14:33:50 +0200 (CEST) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" Authentication-Results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=vates.tech header.i="@vates.tech" header.h="From:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Feedback-ID" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=vates.tech; q=dns/txt; s=selector1; bh=btuo1BkXt6I5InUgJFSYjZbZv6EuMecyqn5NavlpXiA=; h=from:subject:date:message-id:to:cc:mime-version:content-type:feedback-id; b=KKNYOu2UmOALUk9YtOI0fMpzIZ1VOnn0G0pZEKDWDLPv6X28RME8vrTVqVERJz750+V9kOSXC JMObwEZf6XLeHwomhxIpfGc0esy9YuTdMv6BhaM7DY033htIt334sSvQ3SCz/Wz6g7wcv0VgZMd sWHVrLG1JmVeauTUsgR2eb1sejcWAyTXl2ARxFP54rmpmngNrVlVU8fRQmpBbCzD3nNPTzK3QCV kVy4uoFtSLxFLZa+EiFvaBz8R8B5wY9pPPThy/6mkRkT3Ds5UWHbyq47D4UHc06F3ZWqoznr6Ju jujRhdXRSTmf8wRwiS6wW6UbYhu9N8IfF04PqUic94Cg== X-Zone-Loop: 3e4b4098239a8b005422ecdacfa1053111b7e158d1da x-campaign-type: default x-transaction-id: 5bbbe97f-a0ac-4f8c-a102-ca207c4937a3 x-swg-uid: 01-8c8fc81e-2762-4640-91f9-a50d47453f05 X-Mailer: Sweego Message-ID: <1779453231.8631fc262581453bbf619ec5b2062170.19e4fad80e4000f373@vates.tech> x-swg-bid: 1779453231.8631fc262581453bbf619ec5b2062170.19e4fad80e4000f373 Feedback-ID: default:8631fc262581453bbf619ec5b2062170:Sweego x-campaign-id: default x-client-id: 8631fc262581453bbf619ec5b2062170 X-Originating-IP: [37.26.189.201] From: Teddy Astie To: xen-devel@lists.xenproject.org Cc: Teddy Astie , Jan Beulich , Andrew Cooper , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Subject: [PATCH v2] pv32: Fix bogus cr2 on fault in emulation gate Date: Fri, 22 May 2026 14:33:16 +0200 MIME-Version: 1.0 X-BM-Disclaimer: Yes Content-Type: multipart/alternative; boundary="-=Part.1242.f2a4f52407856473.19e4fad7ebe.3900a54c92a60a3f=-" X-Bm-Milter-Handled: 4ffbd6c1-ee69-4e1b-aabd-f977039bd3e2 X-Bm-Transport-Timestamp: 1779453230785 X-purgate-ID: tlsNG-c201ff/1779453235-DA374443-6CD7DCD0/0/0 X-purgate-type: clean X-purgate-size: 2150 X-ZohoMail-DKIM: pass (identity @vates.tech) X-ZM-MESSAGEID: 1779453275462154100 ---=Part.1242.f2a4f52407856473.19e4fad7ebe.3900a54c92a60a3f=- Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" __{put,get}_guest returns -EFAULT on access faults which causes the injected cr2 to be off by 14 bytes (as EFAULT is 14) which is incorrect. Fix the computation by relying on copy_{from,to}_guest_pv which reports the number of remaining bytes instead of a negative errno, such that we can compute the offset properly. Fixes: 70ad570b2799 ("x86/64: paravirt 32-on-64 call gate support") Signed-off-by: Teddy Astie Reviewed-by: Jan Beulich --- v2: * Don't add variable in push() macro * Use uint32_t type for temporary value. xen/arch/x86/pv/emul-gate-op.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/pv/emul-gate-op.c b/xen/arch/x86/pv/emul-gate-op.c index c2c699fbff..9c229c46c4 100644 --- a/xen/arch/x86/pv/emul-gate-op.c +++ b/xen/arch/x86/pv/emul-gate-op.c @@ -286,12 +286,14 @@ void pv_emulate_gate_op(struct cpu_user_regs *regs) if ( !jump ) { unsigned int ss, esp, *stkp; + uint32_t value; int rc; #define push(item) do \ { \ + value =3D item; \ --stkp; \ esp -=3D 4; \ - rc =3D __put_guest(item, stkp); \ + rc =3D copy_to_guest_pv(stkp, &value, sizeof(value)); \ if ( rc ) \ { \ pv_inject_page_fault(PFEC_write_access, \ @@ -359,7 +361,7 @@ void pv_emulate_gate_op(struct cpu_user_regs *regs) unsigned int parm; =20 --ustkp; - rc =3D __get_guest(parm, ustkp); + rc =3D copy_from_guest_pv(&parm, ustkp, sizeof(parm)); if ( rc ) { pv_inject_page_fault(0, (unsigned long)(ustkp + 1)= - rc); --=20 2.52.0 --=20 | Vates=20 XCP-ng & Xen Orchestra - Vates solutions web: https://vates.tech ---=Part.1242.f2a4f52407856473.19e4fad7ebe.3900a54c92a60a3f=---