On 27.05.2020 21:18, Andrew Cooper wrote: > See code for details > > Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com> > --- > CC: Jan Beulich <jbeul...@suse.com> > CC: Wei Liu <w...@xen.org> > CC: Roger Pau Monné <roger....@citrix.com> > > Semi-RFC - I can't actually test this path. Currently attempting to arrange > for someone else to.
Nevertheless Reviewed-by: Jan Beulich <jbeul...@suse.com> with one question, just for my understanding: > @@ -48,6 +58,51 @@ ENTRY(s3_resume) > pushq %rax > lretq > 1: > +#ifdef CONFIG_XEN_SHSTK > + /* > + * Restoring SSP is a little complicated, because we are intercepting > + * an in-use shadow stack. Write a temporary token under the stack, > + * so SETSSBSY will successfully load a value useful for us, then > + * reset MSR_PL0_SSP to its usual value and pop the temporary token. > + */ > + mov saved_rsp(%rip), %rdi > + cmpq $1, %rdi > + je .L_shstk_done > + > + /* Set up MSR_S_CET. */ > + mov $MSR_S_CET, %ecx > + xor %edx, %edx > + mov $CET_SHSTK_EN | CET_WRSS_EN, %eax > + wrmsr > + > + /* Construct the temporary supervisor token under SSP. */ > + sub $8, %rdi > + > + /* Load it into MSR_PL0_SSP. */ > + mov $MSR_PL0_SSP, %ecx > + mov %rdi, %rdx > + shr $32, %rdx > + mov %edi, %eax > + wrmsr > + > + /* Enable CET. MSR_INTERRUPT_SSP_TABLE is set up later in > load_system_tables(). */ > + mov $XEN_MINIMAL_CR4 | X86_CR4_CET, %ebx > + mov %rbx, %cr4 Does this imply NMI or #MC are fatal between here and there? Jan
