From: Andrew Cooper Date: Mon, 1 Nov 2021 10:17:59 +0000 (+0000) Subject: x86/alternatives: Clear CR4.CET when clearing CR0.WP X-Git-Tag: archive/raspbian/4.16.1-1+rpi1^2~38^2~49 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=9c8a0179039e523cee6de194073c7e3731b952e9;p=xen.git x86/alternatives: Clear CR4.CET when clearing CR0.WP This allows us to have CET active much earlier in boot. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich (cherry picked from commit 48cdc15a424f9fadad7f9aed00e7dc8ef16a2196) --- diff --git a/xen/arch/x86/alternative.c b/xen/arch/x86/alternative.c index 1cb531c9df..f8023312f2 100644 --- a/xen/arch/x86/alternative.c +++ b/xen/arch/x86/alternative.c @@ -333,9 +333,13 @@ static int __init nmi_apply_alternatives(const struct cpu_user_regs *regs, */ if ( !(alt_done & alt_todo) ) { - unsigned long cr0; + unsigned long cr0, cr4; cr0 = read_cr0(); + cr4 = read_cr4(); + + if ( cr4 & X86_CR4_CET ) + write_cr4(cr4 & ~X86_CR4_CET); /* Disable WP to allow patching read-only pages. */ write_cr0(cr0 & ~X86_CR0_WP); @@ -345,6 +349,9 @@ static int __init nmi_apply_alternatives(const struct cpu_user_regs *regs, write_cr0(cr0); + if ( cr4 & X86_CR4_CET ) + write_cr4(cr4); + alt_done |= alt_todo; }
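Review bot: In the first hunk, the new `if ( cr4 & X86_CR4_CET ) write_cr4(cr4 & ~X86_CR4_CET);` sits above the existing comment "Disable WP to allow patching read-only pages.", so the only comment in the block still describes the WP write alone and nothing in the code says why CET has to be dropped first. Architecturally, CR0.WP cannot be cleared while CR4.CET is set, so the order of these two writes is load-bearing. Please add a comment at the CET clear saying it must precede `write_cr0(cr0 & ~X86_CR0_WP)`, so that a later cleanup does not reorder or drop it.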
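Review bot: In the second hunk, the restore order (`write_cr0(cr0);` followed by the guarded `write_cr4(cr4);`) is the mirror image of the clear order in the first hunk, and that dependency is undocumented as well. A one-line comment at `write_cr4(cr4)` stating that WP is restored before CET is re-enabled would make the pairing explicit. The commit message would also benefit from a sentence on why CET has to be off while WP is clear; at present it only states what the change enables ("CET active much earlier in boot").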