On 29/05/2020 13:52, Jan Beulich wrote: > On 27.05.2020 21:18, Andrew Cooper wrote: >> See code for details >> >> Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com> >> --- >> CC: Jan Beulich <jbeul...@suse.com> >> CC: Wei Liu <w...@xen.org> >> CC: Roger Pau Monné <roger....@citrix.com> >> >> Semi-RFC - I can't actually test this path. Currently attempting to arrange >> for someone else to. > Nevertheless > Reviewed-by: Jan Beulich <jbeul...@suse.com> > with one question, just for my understanding: > >> @@ -48,6 +58,51 @@ ENTRY(s3_resume) >> pushq %rax >> lretq >> 1: >> +#ifdef CONFIG_XEN_SHSTK >> + /* >> + * Restoring SSP is a little complicated, because we are >> intercepting >> + * an in-use shadow stack. Write a temporary token under the stack, >> + * so SETSSBSY will successfully load a value useful for us, then >> + * reset MSR_PL0_SSP to its usual value and pop the temporary token. >> + */ >> + mov saved_rsp(%rip), %rdi >> + cmpq $1, %rdi >> + je .L_shstk_done >> + >> + /* Set up MSR_S_CET. */ >> + mov $MSR_S_CET, %ecx >> + xor %edx, %edx >> + mov $CET_SHSTK_EN | CET_WRSS_EN, %eax >> + wrmsr >> + >> + /* Construct the temporary supervisor token under SSP. */ >> + sub $8, %rdi >> + >> + /* Load it into MSR_PL0_SSP. */ >> + mov $MSR_PL0_SSP, %ecx >> + mov %rdi, %rdx >> + shr $32, %rdx >> + mov %edi, %eax >> + wrmsr >> + >> + /* Enable CET. MSR_INTERRUPT_SSP_TABLE is set up later in >> load_system_tables(). */ >> + mov $XEN_MINIMAL_CR4 | X86_CR4_CET, %ebx >> + mov %rbx, %cr4 > Does this imply NMI or #MC are fatal between here and there?
Yes, but that is always the case during CPU bringup. Only a few instructions ago, we didn't have an IDT, and we don't have yet have an established %tr, so can't get the regular IST pointer either. ~Andrew
