Commit a00394f8 authored by Jeremy Fitzhardinge's avatar Jeremy Fitzhardinge Committed by Ingo Molnar

x86, 64-bit: swapgs pvop with a user-stack can never be called

It's never safe to call a swapgs pvop when the user stack is current -
it must be inline replaced.  Rather than making a call, the
SWAPGS_UNSAFE_STACK pvop always just puts "swapgs" as a placeholder,
which must either be replaced inline or trap'n'emulated (somehow).
Signed-off-by: default avatarJeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
Cc: xen-devel <xen-devel@lists.xensource.com>
Cc: Stephen Tweedie <sct@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Mark McLoughlin <markmc@redhat.com>
Signed-off-by: default avatarIngo Molnar <mingo@elte.hu>
parent 66804154
...@@ -111,6 +111,7 @@ static inline unsigned long __raw_local_irq_save(void) ...@@ -111,6 +111,7 @@ static inline unsigned long __raw_local_irq_save(void)
#define DISABLE_INTERRUPTS(x) cli #define DISABLE_INTERRUPTS(x) cli
#ifdef CONFIG_X86_64 #ifdef CONFIG_X86_64
#define SWAPGS_UNSAFE_STACK swapgs
#define INTERRUPT_RETURN iretq #define INTERRUPT_RETURN iretq
#define USERGS_SYSRET64 \ #define USERGS_SYSRET64 \
swapgs; \ swapgs; \
...@@ -185,7 +186,6 @@ static inline void trace_hardirqs_fixup(void) ...@@ -185,7 +186,6 @@ static inline void trace_hardirqs_fixup(void)
* Either way, this is a good way to document that we don't * Either way, this is a good way to document that we don't
* have a reliable stack. x86_64 only. * have a reliable stack. x86_64 only.
*/ */
#define SWAPGS_UNSAFE_STACK swapgs
#define ARCH_TRACE_IRQS_ON call trace_hardirqs_on_thunk #define ARCH_TRACE_IRQS_ON call trace_hardirqs_on_thunk
#define ARCH_TRACE_IRQS_OFF call trace_hardirqs_off_thunk #define ARCH_TRACE_IRQS_OFF call trace_hardirqs_off_thunk
#define ARCH_LOCKDEP_SYS_EXIT call lockdep_sys_exit_thunk #define ARCH_LOCKDEP_SYS_EXIT call lockdep_sys_exit_thunk
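Review bot: The comment ending `have a reliable stack. x86_64 only.` is left behind in the second hunk when `#define SWAPGS_UNSAFE_STACK swapgs` is removed, so it now sits directly above `ARCH_TRACE_IRQS_ON` and reads as if it described the IRQ-tracing thunks. The define re-added under `#ifdef CONFIG_X86_64` in the first hunk carries no comment at all, which loses the warning at the one place a reader of the native path will look. Move the comment along with the define, or add a short one at the new location such as `/* user stack may still be current: must remain a bare instruction, never a call */`. The comment block starts above the visible context, so its full wording is not shown here.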
......
...@@ -1522,6 +1522,16 @@ static inline unsigned long __raw_local_irq_save(void) ...@@ -1522,6 +1522,16 @@ static inline unsigned long __raw_local_irq_save(void)
#else /* !CONFIG_X86_32 */ #else /* !CONFIG_X86_32 */
/*
* If swapgs is used while the userspace stack is still current,
* there's no way to call a pvop. The PV replacement *must* be
* inlined, or the swapgs instruction must be trapped and emulated.
*/
#define SWAPGS_UNSAFE_STACK \
PARA_SITE(PARA_PATCH(pv_cpu_ops, PV_CPU_swapgs), CLBR_NONE, \
swapgs)
#define SWAPGS \ #define SWAPGS \
PARA_SITE(PARA_PATCH(pv_cpu_ops, PV_CPU_swapgs), CLBR_NONE, \ PARA_SITE(PARA_PATCH(pv_cpu_ops, PV_CPU_swapgs), CLBR_NONE, \
PV_SAVE_REGS; \ PV_SAVE_REGS; \
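Review bot: Nothing at the `SWAPGS_UNSAFE_STACK` site enforces the "must be inlined" rule that the new comment states. If a backend leaves `PV_CPU_swapgs` unpatched, the placeholder `swapgs` runs as the native privileged instruction, which is only correct on bare hardware or where the hypervisor traps and emulates it. The comment should also spell out the contract for the replacement: it presumably has to fit over the placeholder instruction, `CLBR_NONE` means it may clobber no register, and with the user stack current it may not push or call. A line such as `/* Replacement must fit over the placeholder, clobber nothing and use no stack. */` would make that explicit for backend authors. The `SWAPGS` definition that follows continues past the end of the hunk.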
......