By default, compilers for the x86-64 ABI can use a 128-byte zone below the stack pointer as temporary memory. Anything that interrupts the current context is supposed to respect that area, i.e. increment rsp before using the stack.
As we are using no separate stacks for interrupts (including NMIs) generated in the hypervisor as well as the inmates, we risk infrequent corruptions like reported in https://www.mail-archive.com/[email protected]/msg02195.html

And we cannot adjust the stack pointer even right at the beginning of the interrupt entry point because the processor already saved the basic context for us.

The best fix is to disable the red zone, just like Linux does as well.

A quick scan of the code generated right now by gcc 4.8.5 for jailhouse-intel.bin only revealed one usage of the red zone by vmcs_clear, a function used during cell create and destruction. However, mileage can vary in other configurations.

Signed-off-by: Jan Kiszka <[email protected]>
--- hypervisor/arch/x86/Makefile | 1 + inmates/lib/x86/Makefile.lib | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/hypervisor/arch/x86/Makefile b/hypervisor/arch/x86/Makefile index 43343f4..6fce43c 100644 --- a/hypervisor/arch/x86/Makefile +++ b/hypervisor/arch/x86/Makefile @@ -13,6 +13,7 @@ # KBUILD_CFLAGS += -mcmodel=kernel -mno-sse -mno-mmx -mno-sse2 -mno-3dnow +KBUILD_CFLAGS += -mno-red-zone KBUILD_CFLAGS += $(call cc-option,-mno-avx,) KBUILD_CPPFLAGS += -m64 diff --git a/inmates/lib/x86/Makefile.lib b/inmates/lib/x86/Makefile.lib index f54259d..54bddae 100644 --- a/inmates/lib/x86/Makefile.lib +++ b/inmates/lib/x86/Makefile.lib @@ -10,7 +10,7 @@ # the COPYING file in the top-level directory. # -KBUILD_CFLAGS += -m64 +KBUILD_CFLAGS += -m64 -mno-red-zone GCOV_PROFILE := n define DECLARE_TARGETS = -- 2.10.2
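Review bot: The added `KBUILD_CFLAGS += -mno-red-zone` line in hypervisor/arch/x86/Makefile has no comment, so the reason for it exists only in the commit message. A one-line comment above it stating that interrupts and NMIs are taken on the current stack would keep the flag from being dropped in a later cleanup of the flag list. The flag is also passed unconditionally while the neighbouring `-mno-avx` goes through `cc-option`; if that is intentional because every supported compiler accepts it, saying so in the commit message would help.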
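Review bot: In inmates/lib/x86/Makefile.lib the flag is folded into the existing `-m64` line instead of getting its own `KBUILD_CFLAGS += -mno-red-zone` line as in the hypervisor hunk; a separate line would keep the two Makefiles consistent and leave room for a comment explaining the requirement. The scan described in the commit message covered only jailhouse-intel.bin, so it would be worth noting whether inmate code was checked as well, and documenting that any inmate object compiled without these flags still needs `-mno-red-zone`.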

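The commit message mentions a quick scan of the generated code for red zone usage. One way to automate such a scan over `objdump -d` output is sketched below; this is an added example, not part of the patch or of Jailhouse, and the sample disassembly and function names in it are constructed. It is a heuristic that only flags memory operands at a negative displacement from `%rsp`.

```python
import re

# Constructed sample in `objdump -d` (AT&T syntax) layout; not real Jailhouse output.
SAMPLE = """\
0000000000001000 <leaf_with_red_zone>:
    1000:\t48 89 7c 24 f8       \tmov    %rdi,-0x8(%rsp)
    1005:\t48 8b 44 24 f8       \tmov    -0x8(%rsp),%rax
    100a:\tc3                   \tretq

0000000000001010 <alloc_via_lea>:
    1010:\t48 8d 64 24 80       \tlea    -0x80(%rsp),%rsp
    1015:\t48 8d a4 24 80 00 00 00 \tlea    0x80(%rsp),%rsp
    101d:\tc3                   \tretq

0000000000001020 <leaf_without_red_zone>:
    1020:\t48 83 ec 10          \tsub    $0x10,%rsp
    1024:\t48 89 7c 24 08       \tmov    %rdi,0x8(%rsp)
    1029:\t48 8b 44 24 08       \tmov    0x8(%rsp),%rax
    102e:\t48 83 c4 10          \tadd    $0x10,%rsp
    1032:\tc3                   \tretq
"""

FUNC_RE = re.compile(r"^[0-9a-f]+ <([^>]+)>:$")
# Memory operand with a negative displacement off %rsp, e.g. -0x8(%rsp)
OPERAND_RE = re.compile(r"-0x([0-9a-f]+)\(%rsp[,)]")
RED_ZONE_BYTES = 128  # size of the zone below %rsp in the x86-64 ABI

def find_red_zone_uses(disassembly):
    """Map function name -> [(address, offset)] for accesses up to 128 bytes below %rsp."""
    hits, current = {}, None
    for line in disassembly.splitlines():
        m = FUNC_RE.match(line.strip())
        if m:
            current = m.group(1)
            continue
        parts = line.split("\t")  # address, raw bytes, instruction text
        if current is None or len(parts) < 3:
            continue  # blank line or continuation of a long encoding
        addr, insn = parts[0].strip().rstrip(":"), parts[2].strip()
        if not insn or insn.startswith("lea"):
            continue  # lea only computes an address; it does not touch memory
        for off in OPERAND_RE.findall(insn):
            if 0 < int(off, 16) <= RED_ZONE_BYTES:
                hits.setdefault(current, []).append((addr, -int(off, 16)))
    return hits

if __name__ == "__main__":
    for func, uses in find_red_zone_uses(SAMPLE).items():
        print(func, uses)
```

Running it over the disassembly of a binary built with `-mno-red-zone` should report nothing; accesses made through `%rbp` in a frame-pointer build are not detected by this pattern.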