From: Andrew Cooper
To: Xen-devel
Cc: Juergen Gross, Kevin Tian, Jan Beulich, Wei Liu, Andrew Cooper, Jun Nakajima, Roger Pau Monné
Date: Thu, 21 Nov 2019 22:15:50 +0000
Message-ID: <20191121221551.1175-2-andrew.cooper3@citrix.com>
In-Reply-To: <20191121221551.1175-1-andrew.cooper3@citrix.com>
Subject: [Xen-devel] [PATCH 1/2] x86/vtx: Fix fault semantics for early task switch failures

The VT-x task switch handler adds inst_len to rip before calling
hvm_task_switch(). This causes early faults to be delivered to the guest with
trap semantics, and break restartability.

Instead, pass the instruction length into hvm_task_switch() and write it into
the outgoing tss only, leaving rip in its original location.

For now, pass 0 on the SVM side. This highlights a separate preexisting bug
which will be addressed in the following patch.

While adjusting call sites, drop the unnecessary uint16_t cast.

Signed-off-by: Andrew Cooper
Acked-by: Jan Beulich
Reviewed-by: Kevin Tian
Reviewed-by: Roger Pau Monné
---
CC: Jan Beulich
CC: Wei Liu
CC: Roger Pau Monné
CC: Jun Nakajima
CC: Kevin Tian
CC: Juergen Gross
---
 xen/arch/x86/hvm/hvm.c | 4 ++--
 xen/arch/x86/hvm/svm/svm.c | 2 +-
 xen/arch/x86/hvm/vmx/vmx.c | 4 ++--
 xen/include/asm-x86/hvm/hvm.h | 2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 818e705fd1..7f556171bd 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c 
@@ -2913,7 +2913,7 @@ void hvm_prepare_vm86_tss(struct vcpu *v, uint32_t ba= se, uint32_t limit) =20 void hvm_task_switch( uint16_t tss_sel, enum hvm_task_switch_reason taskswitch_reason, - int32_t errcode) + int32_t errcode, unsigned int insn_len) { struct vcpu *v =3D current; struct cpu_user_regs *regs =3D guest_cpu_user_regs(); @@ -2987,7 +2987,7 @@ void hvm_task_switch( if ( taskswitch_reason =3D=3D TSW_iret ) eflags &=3D ~X86_EFLAGS_NT; =20 - tss.eip =3D regs->eip; + tss.eip =3D regs->eip + insn_len; tss.eflags =3D eflags; tss.eax =3D regs->eax; tss.ecx =3D regs->ecx; diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index 4eb6b0e4c7..049b800e20 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -2794,7 +2794,7 @@ void svm_vmexit_handler(struct cpu_user_regs *regs) */ vmcb->eventinj.bytes =3D 0; =20 - hvm_task_switch((uint16_t)vmcb->exitinfo1, reason, errcode); + hvm_task_switch(vmcb->exitinfo1, reason, errcode, 0); break; } =20 diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index 6a5eeb5c13..6d048852c3 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -3956,8 +3956,8 @@ void vmx_vmexit_handler(struct cpu_user_regs *regs) __vmread(IDT_VECTORING_ERROR_CODE, &ecode); else ecode =3D -1; - regs->rip +=3D inst_len; - hvm_task_switch((uint16_t)exit_qualification, reasons[source], eco= de); + + hvm_task_switch(exit_qualification, reasons[source], ecode, inst_l= en); break; } case EXIT_REASON_CPUID: diff --git a/xen/include/asm-x86/hvm/hvm.h b/xen/include/asm-x86/hvm/hvm.h index f86af09898..4cce59bb31 100644 --- a/xen/include/asm-x86/hvm/hvm.h +++ b/xen/include/asm-x86/hvm/hvm.h 
@@ -297,7 +297,7 @@ void hvm_set_rdtsc_exiting(struct domain *d, bool_t ena= ble); enum hvm_task_switch_reason { TSW_jmp, TSW_iret, TSW_call_or_int }; void hvm_task_switch( uint16_t tss_sel, enum hvm_task_switch_reason taskswitch_reason, - int32_t errcode); + int32_t errcode, unsigned int insn_len); =20 enum hvm_access_type { hvm_access_insn_fetch, --=20 2.11.0
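
Review bot: in xen/arch/x86/hvm/hvm.c, at `tss.eip = regs->eip + insn_len;`, insn_len is used exactly as supplied, with no bound check anywhere in the visible lines. An x86 instruction is at most 15 bytes long, so an `ASSERT(insn_len <= 15);` near the top of hvm_task_switch() would catch a caller handing over a stale or uninitialised length before it ends up in the eip saved to the outgoing TSS.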
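
Review bot: in xen/arch/x86/hvm/svm/svm.c, the new call `hvm_task_switch(vmcb->exitinfo1, reason, errcode, 0);` passes a bare 0 for insn_len with nothing at the call site saying why. The commit message explains that this is a known gap to be addressed in the following patch; a one-line comment above the call saying so would keep the tree self-explanatory at this commit, for instance when a bisect lands here. With the cast dropped, narrowing exitinfo1 to a selector now relies solely on the `uint16_t tss_sel` parameter type, which is worth mentioning in the same comment.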
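
Review bot: in xen/include/asm-x86/hvm/hvm.h, the prototype gains `unsigned int insn_len` without any comment describing the contract. Callers must now leave rip pointing at the instruction and pass its length instead, which is the opposite of what the VMX caller did before this patch (`regs->rip += inst_len;`). A short comment on the declaration stating that insn_len is added only to the eip saved in the outgoing TSS, and that the caller must not advance rip itself, would help prevent the old pattern from being reintroduced at a future call site.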