File 5b2b7172-x86-EFI-fix-FPU-state-handling-around-... of Package xen.10697

Overview Repositories Revisions Requests Users Attributes Meta

File 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch of Package xen.10697

# Commit 437211cb696515ee5bd5dae0ab72866c9f382a33
# Date 2018-06-21 11:35:46 +0200
# Author Jan Beulich <jbeulich@suse.com>
# Committer Jan Beulich <jbeulich@suse.com>
x86/EFI: fix FPU state handling around runtime calls

There are two issues.  First, the nonlazy xstates were never restored
after returning from the runtime call.

Secondly, with the fully_eager_fpu mitigation for XSA-267 / LazyFPU, the
unilateral stts() is no longer correct, and hits an assertion later when
a lazy state restore tries to occur for a fully eager vcpu.

Fix both of these issues by calling vcpu_restore_fpu_eager().  As EFI
runtime services can be used in the idle context, the idle assertion
needs to move until after the fully_eager_fpu check.

Introduce a "curr" local variable and replace other uses of "current"
at the same time.

Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Tested-by: Juergen Gross <jgross@suse.com>

--- a/xen/arch/x86/efi/runtime.c
+++ b/xen/arch/x86/efi/runtime.c
@@ -111,14 +111,16 @@ struct efi_rs_state efi_rs_enter(void)
 
 void efi_rs_leave(struct efi_rs_state *state)
 {
+    struct vcpu *curr = current;
+
     if ( !state->cr3 )
         return;
     switch_cr3_cr4(state->cr3, read_cr4());
-    if ( is_pv_vcpu(current) && !is_idle_vcpu(current) )
+    if ( is_pv_vcpu(curr) && !is_idle_vcpu(curr) )
     {
         struct desc_ptr gdt_desc = {
             .limit = LAST_RESERVED_GDT_BYTE,
-            .base  = GDT_VIRT_START(current)
+            .base  = GDT_VIRT_START(curr)
         };
 
         asm volatile ( "lgdt %0" : : "m" (gdt_desc) );
@@ -126,7 +128,7 @@ void efi_rs_leave(struct efi_rs_state *s
     irq_exit();
     efi_rs_on_cpu = NR_CPUS;
     spin_unlock(&efi_rs_lock);
-    stts();
+    vcpu_restore_fpu_eager(curr);
 }
 
 bool_t efi_rs_using_pgtables(void)
--- a/xen/arch/x86/i387.c
+++ b/xen/arch/x86/i387.c
@@ -214,10 +214,10 @@ static inline void fpu_fsave(struct vcpu
 /* Restore FPU state whenever VCPU is schduled in. */
 void vcpu_restore_fpu_eager(struct vcpu *v)
 {
-    ASSERT(!is_idle_vcpu(v));
-    
     if ( v->arch.fully_eager_fpu )
     {
+        ASSERT(!is_idle_vcpu(v));
+
         /* Avoid recursion */
         clts();
 
@@ -236,6 +236,8 @@ void vcpu_restore_fpu_eager(struct vcpu
     /* save the nonlazy extended state which is not tracked by CR0.TS bit */
     else if ( v->arch.nonlazy_xstate_used )
     {
+        ASSERT(!is_idle_vcpu(v));
+
         /* Avoid recursion */
         clts();        
         fpu_xrstor(v, XSTATE_NONLAZY);

Places

File 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch of Package xen.10697

Places