From: Jan Beulich Date: Tue, 11 Sep 2018 09:06:41 +0000 (+0200) Subject: SVM: limit GIF=0 region X-Git-Tag: archive/raspbian/4.14.0+80-gd101b417b7-1+rpi1^2~63^2~3297 X-Git-Url: https://dgit.raspbian.org/%22http://www.example.com/cgi/%22/%22http:/www.example.com/cgi/%22?a=commitdiff_plain;h=66b245d9eaebfef710148d410ae97a2eaedc3170;p=xen.git SVM: limit GIF=0 region Use EFLAGS.IF for most ordinary purposes; there's in particular no need to unduly defer NMI/#MC. Clear GIF only immediately before VMRUN itself. This has the additional advantage that svm_stgi_label now indeed marks the only place where GIF gets set. Note regarding the main STI placement: Quite counterintuitively the host's EFLAGS.IF continues to have a meaning while the guest runs; see PM Vol 2 section "Physical (INTR) Interrupt Masking in EFLAGS". Hence we need to set the flag for the duration of time being in guest context. However, SPEC_CTRL_ENTRY_FROM_HVM wants to be carried out with EFLAGS.IF clear. Note regarding the main STGI placement: It could be moved further up, but at present SPEC_CTRL_EXIT_TO_HVM is not NMI/#MC-safe. Suggested-by: Andrew Cooper Signed-off-by: Jan Beulich Reviewed-by: Boris Ostrovsky --- diff --git a/xen/arch/x86/hvm/svm/entry.S b/xen/arch/x86/hvm/svm/entry.S index 7d73a69643..908cafb498 100644 --- a/xen/arch/x86/hvm/svm/entry.S +++ b/xen/arch/x86/hvm/svm/entry.S @@ -43,7 +43,7 @@ ENTRY(svm_asm_do_resume) lea irq_stat+IRQSTAT_softirq_pending(%rip),%rdx xor %ecx,%ecx shl $IRQSTAT_shift,%eax - CLGI + cli cmp %ecx,(%rdx,%rax,1) jne .Lsvm_process_softirqs @@ -57,7 +57,7 @@ UNLIKELY_START(ne, nsvm_hap) * Someone shot down our nested p2m table; go round again * and nsvm_vcpu_switch() will fix it for us. */ - STGI + sti jmp .Lsvm_do_resume __UNLIKELY_END(nsvm_hap) @@ -87,6 +87,8 @@ __UNLIKELY_END(nsvm_hap) pop %rsi pop %rdi + CLGI + sti VMRUN SAVE_ALL @@ -103,6 +105,6 @@ GLOBAL(svm_stgi_label) jmp .Lsvm_do_resume .Lsvm_process_softirqs: - STGI + sti call do_softirq jmp .Lsvm_do_resume
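Review bot: in the first hunk, replacing CLGI with `cli` before `cmp %ecx,(%rdx,%rax,1)` closes the check-then-enter window for maskable interrupts only; NMI and #MC now stay deliverable from this point until the CLGI added just before VMRUN, which matches the stated intent, but it also means everything executed in that window (the nested p2m check, the register pops) must be NMI/#MC-safe. A one-line comment at the `cli` saying that GIF remains set until immediately before VMRUN would make that invariant visible in the file rather than only in the commit message.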
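Review bot: in the nsvm_hap hunk, `sti` is the correct pairing for the `cli` taken at the top of this loop now that no GIF change precedes the nested p2m check: the path re-enables interrupts and jumps back to .Lsvm_do_resume, where `cli` is executed again. Nothing wrong with the change; consider extending the existing "go round again" comment to mention that interrupts are briefly re-enabled here before the retry, so the cli/sti symmetry is obvious to the next reader.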
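Review bot: the `CLGI` followed by `sti` added before VMRUN is the crux of the patch and the ordering deserves a comment in entry.S, because the rationale lives only in the commit message: clearing GIF first guarantees the `sti` cannot open an interrupt window before VMRUN, while EFLAGS.IF must be set on entry because the host's EFLAGS.IF continues to mask INTR while the guest runs (PM Vol 2, "Physical (INTR) Interrupt Masking in EFLAGS"). Something like `CLGI   /* mask everything until VMRUN */` and `sti    /* host EFLAGS.IF still governs INTR while in guest context */` would stop a future cleanup from reordering or "simplifying" these two instructions.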
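Review bot: `.Lsvm_process_softirqs` is reached from the `jne` in the first hunk with EFLAGS.IF clear, so `sti` before `call do_softirq` is the matching re-enable and the change is consistent with the rest of the series. Since the commit message states that svm_stgi_label now marks the only place GIF gets set, a comment at GLOBAL(svm_stgi_label) recording that invariant would help keep STGI/CLGI pairs from being reintroduced elsewhere in this file later.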