From: Andrew Cooper
To: Xen-devel
CC: Andrew Cooper, Jan Beulich, Roger Pau Monné, Wei Liu
Subject: [PATCH v2 65/70] x86/emul: Update emulation stubs to be CET-IBT compatible
Date: Mon, 14 Feb 2022 12:51:22 +0000
Message-ID: <20220214125127.17985-66-andrew.cooper3@citrix.com>
In-Reply-To: <20220214125127.17985-1-andrew.cooper3@citrix.com>
References: <20220214125127.17985-1-andrew.cooper3@citrix.com>

All indirect branches need to land on an endbr64 instruction.

For stub_selftests(), use endbr64 unconditionally for simplicity. For ioport
and instruction emulation, add endbr64 conditionally.

Signed-off-by: Andrew Cooper
Reviewed-by: Jan Beulich
---
CC: Jan Beulich
CC: Roger Pau Monné
CC: Wei Liu

v2:
 * Use local endbr64 define rather than raw opcodes in stub_selftest()
v1.1:
 * Update to use endbr helpers
---
 xen/arch/x86/extable.c         | 12 +++++++-----
 xen/arch/x86/pv/emul-priv-op.c |  7 +++++++
 xen/arch/x86/x86_emulate.c     | 13 +++++++++++--
 3 files changed, 25 insertions(+), 7 deletions(-)

diff --git a/xen/arch/x86/extable.c b/xen/arch/x86/extable.c index 4d1875585f9d..4913c4a6dd5d 100644 --- a/xen/arch/x86/extable.c +++ b/xen/arch/x86/extable.c
@@ -129,20 +129,22 @@ search_exception_table(const struct cpu_user_regs *re= gs) static int __init cf_check stub_selftest(void) { static const struct { - uint8_t opc[4]; + uint8_t opc[8]; uint64_t rax; union stub_exception_token res; } tests[] __initconst =3D { - { .opc =3D { 0x0f, 0xb9, 0xc3, 0xc3 }, /* ud1 */ +#define endbr64 0xf3, 0x0f, 0x1e, 0xfa + { .opc =3D { endbr64, 0x0f, 0xb9, 0xc3, 0xc3 }, /* ud1 */ .res.fields.trapnr =3D TRAP_invalid_op }, - { .opc =3D { 0x90, 0x02, 0x00, 0xc3 }, /* nop; add (%rax),%al */ + { .opc =3D { endbr64, 0x90, 0x02, 0x00, 0xc3 }, /* nop; add (%rax)= ,%al */ .rax =3D 0x0123456789abcdef, .res.fields.trapnr =3D TRAP_gp_fault }, - { .opc =3D { 0x02, 0x04, 0x04, 0xc3 }, /* add (%rsp,%rax),%al */ + { .opc =3D { endbr64, 0x02, 0x04, 0x04, 0xc3 }, /* add (%rsp,%rax)= ,%al */ .rax =3D 0xfedcba9876543210, .res.fields.trapnr =3D TRAP_stack_error }, - { .opc =3D { 0xcc, 0xc3, 0xc3, 0xc3 }, /* int3 */ + { .opc =3D { endbr64, 0xcc, 0xc3, 0xc3, 0xc3 }, /* int3 */ .res.fields.trapnr =3D TRAP_int3 }, +#undef endbr64 }; unsigned long addr =3D this_cpu(stubs.addr) + STUB_BUF_SIZE / 2; unsigned int i; diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c index c46c072f93db..22b10dec2a6e 100644 --- a/xen/arch/x86/pv/emul-priv-op.c +++ b/xen/arch/x86/pv/emul-priv-op.c @@ -26,6 +26,7 @@ =20 #include #include +#include #include #include #include @@ -111,6 +112,12 @@ static io_emul_stub_t *io_emul_stub_setup(struct priv_= op_ctxt *ctxt, u8 opcode, =20 p =3D ctxt->io_emul_stub; =20 + if ( cpu_has_xen_ibt ) + { + place_endbr64(p); + p +=3D 4; + } + APPEND_BUFF(prologue); APPEND_CALL(load_guest_gprs); =20 diff --git a/xen/arch/x86/x86_emulate.c b/xen/arch/x86/x86_emulate.c index 60191a94dc18..720740f29b84 100644 --- a/xen/arch/x86/x86_emulate.c +++ b/xen/arch/x86/x86_emulate.c @@ -17,6 +17,7 @@ #include #include /* cpu_has_amd_erratum() */ #include +#include =20 /* Avoid namespace pollution. */ #undef cmpxchg 
@@ -29,11 +30,19 @@ cpu_has_amd_erratum(¤t_cpu_data, AMD_ERRATUM_##nr) =20 #define get_stub(stb) ({ \ + void *ptr; \ BUILD_BUG_ON(STUB_BUF_SIZE / 2 < MAX_INST_LEN + 1); \ ASSERT(!(stb).ptr); \ (stb).addr =3D this_cpu(stubs.addr) + STUB_BUF_SIZE / 2; \ - memset(((stb).ptr =3D map_domain_page(_mfn(this_cpu(stubs.mfn)))) + \ - ((stb).addr & ~PAGE_MASK), 0xcc, STUB_BUF_SIZE / 2); \ + (stb).ptr =3D map_domain_page(_mfn(this_cpu(stubs.mfn))) + \ + ((stb).addr & ~PAGE_MASK); \ + ptr =3D memset((stb).ptr, 0xcc, STUB_BUF_SIZE / 2); \ + if ( cpu_has_xen_ibt ) \ + { \ + place_endbr64(ptr); \ + ptr +=3D 4; \ + } \ + ptr; \ }) #define put_stub(stb) ({ \ if ( (stb).ptr ) \ --=20 2.11.0
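
Review bot: In the stub_selftest() hunk of xen/arch/x86/extable.c, the unconditional endbr64 prefix is explained only in the commit message ("for simplicity"); the table itself shows just a local `#define endbr64 0xf3, 0x0f, 0x1e, 0xfa`. A one-line comment above the define saying that the prefix is emitted regardless of cpu_has_xen_ibt, and that this is safe because the encoding executes as a NOP when IBT is not active, would save the next reader a trip through the history. The per-entry comments (`/* ud1 */`, `/* int3 */`, ...) now describe only the bytes after the prefix, and every initialiser fills `opc[8]` exactly, so a note that the first four bytes are the landing pad would also make it obvious that any longer test encoding needs the array grown again.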
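
Review bot: In the io_emul_stub_setup() hunk of xen/arch/x86/pv/emul-priv-op.c, `p += 4` hard-codes the endbr64 length, and the same place-and-advance sequence is repeated in get_stub() in x86_emulate.c. A named length constant, or a small helper that places the instruction and returns the advanced pointer, would keep the two sites in step. Nothing in this hunk adjusts the stub size accounting for the extra 4 bytes written before `APPEND_BUFF(prologue)`, so it is worth confirming that the existing bound on the I/O stub buffer still holds in the cpu_has_xen_ibt case.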
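
Review bot: In the get_stub() hunk of xen/arch/x86/x86_emulate.c, the unchanged `BUILD_BUG_ON(STUB_BUF_SIZE / 2 < MAX_INST_LEN + 1)` does not account for the 4 bytes that place_endbr64() now consumes at the start of the stub when cpu_has_xen_ibt is set; the check should probably become `MAX_INST_LEN + 1 + 4` (or use a named endbr64 length). Separately, (stb).ptr used to hold the bare map_domain_page() result and now holds that value plus `(stb).addr & ~PAGE_MASK`, while put_stub() is not touched here, so please confirm put_stub() copes with a pointer that is not page-aligned. A short comment stating that the macro now evaluates to the first byte after the endbr64, while (stb).addr still points at the endbr64 itself, would help callers.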