dgit.raspbian.org Git - xen.git/commit

author	Andrew Cooper <andrew.cooper3@citrix.com>
	Mon, 7 Mar 2022 20:19:18 +0000 (20:19 +0000)
committer	Andrew Cooper <andrew.cooper3@citrix.com>
	Thu, 10 Mar 2022 18:47:55 +0000 (18:47 +0000)
commit	7f5b2448bd724f5f24426b2595a9bdceb1e5a346
tree	7f0778db0e38fe3955564737583353402f27b23d	tree \| snapshot
parent	5142dc5c25e317c208e3dc16d16b664b9f05dab5	commit \| diff

x86/kexec: Fix kexec-reboot with CET active

The kexec_reloc() asm has an indirect jump to relocate onto the identity
trampoline.  While we clear CET in machine_crash_shutdown(), we fail to clear
CET for the non-crash path.  This in turn highlights that the same is true of
resetting the CPUID masking/faulting.

Move both pieces of logic from machine_crash_shutdown() to machine_kexec(),
the latter being common for all kexec transitions.  Adjust the condition for
CET being considered active to check in CR4, which is simpler and more robust.

Fixes: 311434bfc9d1 ("x86/setup: Rework MSR_S_CET handling for CET-IBT")
Fixes: b60ab42db2f0 ("x86/shstk: Activate Supervisor Shadow Stacks")
Fixes: 5ab9564c6fa1 ("x86/cpu: Context switch cpuid masks and faulting state in context_switch()")
Reported-by: David Vrabel <dvrabel@amazon.co.uk>
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: David Vrabel <dvrabel@amazon.co.uk>

xen/arch/x86/crash.c		diff \| blob \| history
xen/arch/x86/machine_kexec.c		diff \| blob \| history