Jan Beulich
2012-Jul-26 15:10 UTC
[PATCH] x86-64: drop updating of UREGS_rip when converting sysenter to #GP
This was set to zero immediately before the #GP injection code, since
SYSENTER doesn''t really have a return address.
Reported-by: Ian Campbell <Ian.Campbell@citrix.com>
Furthermore, UREGS_cs and UREGS_rip don''t need to be written a second
time, as the PUSHes above already can/do take care of putting in place
the intended values.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/arch/x86/x86_64/entry.S
+++ b/xen/arch/x86/x86_64/entry.S
@@ -275,15 +275,13 @@ ENTRY(sysenter_entry)
pushfq
.globl sysenter_eflags_saved
sysenter_eflags_saved:
- pushq $0
- pushq $0
+ pushq $3 /* ring 3 null cs */
+ pushq $0 /* null rip */
pushq $0
movl $TRAP_syscall,4(%rsp)
SAVE_ALL
GET_CURRENT(%rbx)
cmpb $0,VCPU_sysenter_disables_events(%rbx)
- movq $0,UREGS_rip(%rsp) /* null rip */
- movl $3,UREGS_cs(%rsp) /* ring 3 null cs */
movq VCPU_sysenter_addr(%rbx),%rax
setne %cl
leaq VCPU_trap_bounce(%rbx),%rdx
@@ -292,7 +290,6 @@ sysenter_eflags_saved:
UNLIKELY_START(z, sysenter_gpf)
movq VCPU_trap_ctxt(%rbx),%rsi
movl $TRAP_gp_fault,UREGS_entry_vector(%rsp)
- subq $2,UREGS_rip(%rsp)
movl %eax,TRAPBOUNCE_error_code(%rdx)
movq TRAP_gp_fault * TRAPINFO_sizeof + TRAPINFO_eip(%rsi),%rax
testb $4,TRAP_gp_fault * TRAPINFO_sizeof + TRAPINFO_flags(%rsi)
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
Ian Campbell
2012-Jul-26 15:30 UTC
Re: [PATCH] x86-64: drop updating of UREGS_rip when converting sysenter to #GP
On Thu, 2012-07-26 at 16:10 +0100, Jan Beulich wrote:> This was set to zero immediately before the #GP injection code, since > SYSENTER doesn''t really have a return address. > > Reported-by: Ian Campbell <Ian.Campbell@citrix.com> > > Furthermore, UREGS_cs and UREGS_rip don''t need to be written a second > time, as the PUSHes above already can/do take care of putting in place > the intended values. > > Signed-off-by: Jan Beulich <jbeulich@suse.com>I''d totally forgotten about this, but Acked-by: Ian Campbell <ian.campbell@citrix.com>> > --- a/xen/arch/x86/x86_64/entry.S > +++ b/xen/arch/x86/x86_64/entry.S > @@ -275,15 +275,13 @@ ENTRY(sysenter_entry) > pushfq > .globl sysenter_eflags_saved > sysenter_eflags_saved: > - pushq $0 > - pushq $0 > + pushq $3 /* ring 3 null cs */ > + pushq $0 /* null rip */ > pushq $0 > movl $TRAP_syscall,4(%rsp) > SAVE_ALL > GET_CURRENT(%rbx) > cmpb $0,VCPU_sysenter_disables_events(%rbx) > - movq $0,UREGS_rip(%rsp) /* null rip */ > - movl $3,UREGS_cs(%rsp) /* ring 3 null cs */ > movq VCPU_sysenter_addr(%rbx),%rax > setne %cl > leaq VCPU_trap_bounce(%rbx),%rdx > @@ -292,7 +290,6 @@ sysenter_eflags_saved: > UNLIKELY_START(z, sysenter_gpf) > movq VCPU_trap_ctxt(%rbx),%rsi > movl $TRAP_gp_fault,UREGS_entry_vector(%rsp) > - subq $2,UREGS_rip(%rsp) > movl %eax,TRAPBOUNCE_error_code(%rdx) > movq TRAP_gp_fault * TRAPINFO_sizeof + TRAPINFO_eip(%rsi),%rax > testb $4,TRAP_gp_fault * TRAPINFO_sizeof + TRAPINFO_flags(%rsi) > > >
Keir Fraser
2012-Jul-26 15:33 UTC
Re: [PATCH] x86-64: drop updating of UREGS_rip when converting sysenter to #GP
On 26/07/2012 16:10, "Jan Beulich" <JBeulich@suse.com> wrote:> This was set to zero immediately before the #GP injection code, since > SYSENTER doesn''t really have a return address. > > Reported-by: Ian Campbell <Ian.Campbell@citrix.com> > > Furthermore, UREGS_cs and UREGS_rip don''t need to be written a second > time, as the PUSHes above already can/do take care of putting in place > the intended values. > > Signed-off-by: Jan Beulich <jbeulich@suse.com>Acked-by: Keir Fraser <keir@xen.org>> --- a/xen/arch/x86/x86_64/entry.S > +++ b/xen/arch/x86/x86_64/entry.S > @@ -275,15 +275,13 @@ ENTRY(sysenter_entry) > pushfq > .globl sysenter_eflags_saved > sysenter_eflags_saved: > - pushq $0 > - pushq $0 > + pushq $3 /* ring 3 null cs */ > + pushq $0 /* null rip */ > pushq $0 > movl $TRAP_syscall,4(%rsp) > SAVE_ALL > GET_CURRENT(%rbx) > cmpb $0,VCPU_sysenter_disables_events(%rbx) > - movq $0,UREGS_rip(%rsp) /* null rip */ > - movl $3,UREGS_cs(%rsp) /* ring 3 null cs */ > movq VCPU_sysenter_addr(%rbx),%rax > setne %cl > leaq VCPU_trap_bounce(%rbx),%rdx > @@ -292,7 +290,6 @@ sysenter_eflags_saved: > UNLIKELY_START(z, sysenter_gpf) > movq VCPU_trap_ctxt(%rbx),%rsi > movl $TRAP_gp_fault,UREGS_entry_vector(%rsp) > - subq $2,UREGS_rip(%rsp) > movl %eax,TRAPBOUNCE_error_code(%rdx) > movq TRAP_gp_fault * TRAPINFO_sizeof + TRAPINFO_eip(%rsi),%rax > testb $4,TRAP_gp_fault * TRAPINFO_sizeof + TRAPINFO_flags(%rsi) > > > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xen.org > http://lists.xen.org/xen-devel