From: Andrew Cooper
To: Xen-devel
CC: Andrew Cooper, Jan Beulich, Roger Pau Monné, Wei Liu, Ian Jackson
Subject: [PATCH] x86/kexec: Fix crash on transition to a 32bit kernel on AMD hardware
Date: Fri, 29 Oct 2021 00:26:58 +0100
Message-ID: <20211028232658.20637-1-andrew.cooper3@citrix.com>

The `ljmp *mem` instruction is (famously?) not binary compatible between Intel and AMD CPUs. The AMD-compatible version would require .long to be .quad in the second hunk.

Switch to using lretq, which is compatible between Intel and AMD, as well as being less logic overall.

Fixes: 5a82d5cf352d ("kexec: extend hypercall with improved load/unload ops")
Signed-off-by: Andrew Cooper
---
CC: Jan Beulich
CC: Roger Pau Monné
CC: Wei Liu
CC: Ian Jackson

For 4.16. This is a bugfix for a rare (so rare it has probably never been exercised) but plain-broken use case.

One argument against taking it says that this has been broken for 8 years already, so what's a few extra weeks. Another is that this patch is only compile tested because I don't have a suitable setup to repro, nor the time to try organising one.

On the other hand, I specifically used the point of binary incompatibility to persuade Intel to drop Call Gates out of the architecture in the forthcoming FRED spec.

The lretq pattern used here matches x86_32_switch() in xen/arch/x86/boot/head.S, and this codepath is executed on every MB2+EFI xen.gz boot, which from XenServer alone is a very wide set of testing.
---
 xen/arch/x86/x86_64/kexec_reloc.S | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/xen/arch/x86/x86_64/kexec_reloc.S b/xen/arch/x86/x86_64/kexec_reloc.S
index d488d127cfb9..a93f92b19248 100644
--- a/xen/arch/x86/x86_64/kexec_reloc.S
+++ b/xen/arch/x86/x86_64/kexec_reloc.S @@ -86,12 +86,11 @@ call_32_bit: movq %rax, (compat_mode_gdt_desc + 2)(%rip) lgdt compat_mode_gdt_desc(%rip) =20 - /* Relocate compatibility mode entry point address. */ - leal compatibility_mode(%rip), %eax - movl %eax, compatibility_mode_far(%rip) - /* Enter compatibility mode. */ - ljmp *compatibility_mode_far(%rip) + lea compatibility_mode(%rip), %rax + push $0x10 + push %rax + lretq =20 relocate_pages: /* %rdi - indirection page maddr */ @@ -171,10 +170,6 @@ compatibility_mode: ud2 =20 .align 4 -compatibility_mode_far: - .long 0x00000000 /* set in call_32_bit above */ - .word 0x0010 - compat_mode_gdt_desc: .word .Lcompat_mode_gdt_end - compat_mode_gdt -1 .quad 0x0000000000000000 /* set in call_32_bit above */ --=20 2.11.0
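Review bot: in the first hunk (call_32_bit), the replacement sequence removes both comments ("Relocate compatibility mode entry point address" and "Enter compatibility mode") and adds none, so the reason for preferring a far return over `ljmp *mem` lives only in the commit message; a one-liner above `lea compatibility_mode(%rip), %rax`, e.g. `/* Enter compatibility mode via lretq, which behaves the same on Intel and AMD. */`, would keep it next to the code. Separately, `push $0x10` / `push %rax` need a usable, mapped stack, which the `ljmp *mem` form it replaces did not; where %rsp points at this stage is not visible in the hunk, so a sentence in the commit message or comment confirming it is valid here would help the next reader. The selector 0x10 matches the `.word 0x0010` dropped from compatibility_mode_far, so the target segment is unchanged.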
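Review bot: in the second hunk, the `.align 4` that preceded compatibility_mode_far is kept and now applies to compat_mode_gdt_desc instead; since that descriptor is a `.word` limit followed by a `.quad` base, the alignment does nothing for the base (which sits at offset 2), so either drop the directive along with the table or leave a note that padding before the descriptor is intended, rather than leaving it as an accidental leftover. The `/* set in call_32_bit above */` comment on the `.quad` base remains accurate, because the first hunk still performs `movq %rax, (compat_mode_gdt_desc + 2)(%rip)`.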
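As an added illustration, not code from the patch or from Xen, the C program below performs the same push selector / push address / lretq far return that the first hunk introduces, but from user space and back into the process's own 64-bit code segment, so it runs under a normal OS without any GDT changes. It reads %cs before the transfer and again at the landing point, showing that `lretq` pops a 64-bit RIP followed by a selector and resumes at the pushed address. The function names are my own, the selector is read at runtime rather than assumed (0x33 for Linux x86-64 user space is an assumption recorded only in a comment), and on a non-x86-64 build the assembly is compiled out and the helpers return a sentinel. Switching to a 32-bit code segment, which is what the hypervisor does, is deliberately not attempted here.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Added example, not Xen code.  Demonstrates the push/push/lretq far-return
 * pattern from the kexec_reloc.S patch in user space, returning into the
 * current code segment rather than a 32-bit one so it runs under a normal OS.
 */

/* Current %cs selector (0x33 on Linux x86-64 user space is an assumption). */
uint16_t read_cs(void)
{
#if defined(__x86_64__)
    uint16_t cs;
    __asm__ volatile ("mov %%cs, %0" : "=r" (cs));
    return cs;
#else
    return 0;   /* sentinel on non-x86-64 builds */
#endif
}

/*
 * Far-return into selector `sel` at the instruction following lretq, and
 * report the %cs in effect there.  Same shape as the patch:
 *     lea target(%rip), %rax ; push $sel ; push %rax ; lretq
 * `push $0x10` in the patch is an 8-byte push of a sign-extended immediate,
 * so the selector slot on the stack is 64 bits wide; pushing a 64-bit
 * register below keeps the same layout.
 */
uint16_t far_return_to(uint16_t sel)
{
#if defined(__x86_64__)
    uint16_t cs_after;
    uint64_t sel64 = sel;   /* upper 48 bits zero, only the low 16 matter */

    __asm__ volatile (
        "sub   $128, %%rsp\n\t"        /* step below the SysV red zone */
        "lea   1f(%%rip), %%rax\n\t"   /* 64-bit target RIP, position independent */
        "push  %[sel]\n\t"             /* CS selector slot */
        "push  %%rax\n\t"              /* RIP slot */
        "lretq\n\t"                    /* pops RIP, then CS: far transfer */
        "1:\n\t"
        "mov   %%cs, %[out]\n\t"       /* what segment did we land in? */
        "add   $128, %%rsp\n\t"        /* both pushes were consumed by lretq */
        : [out] "=&r" (cs_after)
        : [sel] "r" (sel64)
        : "rax", "memory", "cc");

    return cs_after;
#else
    (void)sel;
    return 0;   /* sentinel on non-x86-64 builds */
#endif
}

/* 1 if a far return into the current code segment lands with %cs unchanged. */
int far_return_roundtrip_ok(void)
{
    uint16_t before = read_cs();
    uint16_t after = far_return_to(before);

    return before == after;
}

int main(void)
{
    uint16_t cs = read_cs();

    printf("cs before: %#x, cs at lretq target: %#x\n", cs, far_return_to(cs));
    return far_return_roundtrip_ok() ? 0 : 1;
}
```

The `sub $128, %rsp` / `add $128, %rsp` pair exists only because this is compiled C: the SysV ABI lets a leaf function keep data in the 128 bytes below %rsp, and the two pushes would otherwise overwrite it. Hand-written relocation code such as the patch's has no red zone to protect, which is why the hunk can push straight away. Handing this routine a selector for a 32-bit code segment is exactly the patch's transition, but it needs such a descriptor to exist in the GDT, which a user process cannot arrange.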