When discussing the shrunk-down version of the commit in question it
was said (in reply to my conditional choosing of the width):
"However, the 32bit case isn't actually interesting here. A
guest can't execute a SYSCALL instruction on/across the 4G->0 boundary
because the M2P is mapped NX up to the 4G boundary, so we can never
reach this point with %eip < 2.
Therefore, the 64bit-only form is the appropriate one to use, which
solves any question of cleverness, or potential decode stalls it
causes."
Fixes: ca6fcf4321b3 ("x86/pv: Inject #UD for missing SYSCALL callbacks")
Signed-off-by: Jan Beulich <JBeulich@suse.com>
--- a/xen/arch/x86/x86_64/entry.S
+++ b/xen/arch/x86/x86_64/entry.S
@@ -42,7 +42,7 @@ ENTRY(switch_to_kernel)
UNLIKELY_START(z, syscall_no_callback) /* TB_eip == 0 => #UD */
mov VCPU_trap_ctxt(%rbx), %rdi
movl $X86_EXC_UD, UREGS_entry_vector(%rsp)
- subl $2, UREGS_rip(%rsp)
+ subq $2, UREGS_rip(%rsp)
mov X86_EXC_UD * TRAPINFO_sizeof + TRAPINFO_eip(%rdi), %rax
testb $4, X86_EXC_UD * TRAPINFO_sizeof + TRAPINFO_flags(%rdi)
setnz %cl
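Review bot: the widening from subl to subq on UREGS_rip(%rsp) is the substantive point of this hunk, and it is correct: a 32-bit subtract on the memory operand only rewrites the low dword, so a borrow out of bit 31 would never propagate into the upper half of a 64-bit guest's %rip, and the #UD would be reported with a corrupted %rip whenever the low 32 bits happened to be below 2. Since the only nearby comment explains TB_eip == 0 => #UD, consider a one-line comment beside `subq $2, UREGS_rip(%rsp)` stating that %rip is rewound onto the SYSCALL that lacked a callback so the guest sees the #UD at that instruction; the rationale from the commit message (the 32bit case cannot reach this point with %eip < 2, hence the 64bit-only form) would otherwise survive only in the history.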
On 26/01/2021 16:31, Jan Beulich wrote:
> When discussing the shrunk down version of the commit in question it
> was said (in reply to my conditional choosing of the width):
>
> "However, the 32bit case isn't actually interesting here. A
> guest can't execute a SYSCALL instruction on/across the 4G->0 boundary
> because the M2P is mapped NX up to the 4G boundary, so we can never
> reach this point with %eip < 2.
>
> Therefore, the 64bit-only form is the appropriate one to use, which
> solves any question of cleverness, or potential decode stalls it
> causes."
>
> Fixes: ca6fcf4321b3 ("x86/pv: Inject #UD for missing SYSCALL callbacks")
> Signed-off-by: Jan Beulich <JBeulich@suse.com>

Crap. I folded the fix into my wrong tree. Sorry.

Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>

~Andrew