[Xen-devel,RFC,for-4.13,02/10] xen/arm64: head: Check if an SError is pending when receiving a vSError

Message ID 20190926183808.11630-3-julien.grall@arm.com
State Superseded
Headers show
Series
  • xen/arm: XSA-201 and XSA-263 fixes
Related show

Commit Message

Julien Grall Sept. 26, 2019, 6:38 p.m.
At the moment, when we receive an SError exception from the guest, we
don't check if there are any other pending. For hardening the code, we
should ensure any pending SError are accounted to the guest before
executing any code with SError unmasked.

The recently introduced macro 'guest_vector' could used to generate the
two vectors and therefore take advantage of any change required in the
future.

Signed-off-by: Julien Grall <julien.grall@arm.com>
---
 xen/arch/arm/arm64/entry.S | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)

Comments

Volodymyr Babchuk Sept. 27, 2019, 11:35 a.m. | #1
Julien Grall writes:

> At the moment, when we receive an SError exception from the guest, we
> don't check if there are any other pending. For hardening the code, we
> should ensure any pending SError are accounted to the guest before
> executing any code with SError unmasked.
>
> The recently introduced macro 'guest_vector' could used to generate the
> two vectors and therefore take advantage of any change required in the
> future.
>
> Signed-off-by: Julien Grall <julien.grall@arm.com>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Stefano Stabellini Oct. 1, 2019, 7:58 p.m. | #2
On Fri, 27 Sep 2019, Volodymyr Babchuk wrote:
> Julien Grall writes:
> 
> > At the moment, when we receive an SError exception from the guest, we
> > don't check if there are any other pending. For hardening the code, we
> > should ensure any pending SError are accounted to the guest before
> > executing any code with SError unmasked.
> >
> > The recently introduced macro 'guest_vector' could used to generate the
> > two vectors and therefore take advantage of any change required in the
> > future.
> >
> > Signed-off-by: Julien Grall <julien.grall@arm.com>
> Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>

Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>

Patch

diff --git a/xen/arch/arm/arm64/entry.S b/xen/arch/arm/arm64/entry.S
index 8665d2844a..40d9f3ec8c 100644
--- a/xen/arch/arm/arm64/entry.S
+++ b/xen/arch/arm/arm64/entry.S
@@ -324,11 +324,7 @@  guest_fiq_invalid:
         invalid BAD_FIQ
 
 guest_error:
-        entry   hyp=0, compat=0
-        msr     daifclr, #6
-        mov     x0, sp
-        bl      do_trap_guest_serror
-        exit    hyp=0, compat=0
+        guest_vector compat=0, iflags=6, trap=guest_serror
 
 guest_sync_compat:
         guest_vector compat=1, iflags=6, trap=guest_sync
@@ -341,11 +337,7 @@  guest_fiq_invalid_compat:
         invalid BAD_FIQ
 
 guest_error_compat:
-        entry   hyp=0, compat=1
-        msr     daifclr, #6
-        mov     x0, sp
-        bl      do_trap_guest_serror
-        exit    hyp=0, compat=1
+        guest_vector compat=1, iflags=6, trap=guest_serror
 
 ENTRY(return_to_new_vcpu32)
         exit    hyp=0, compat=1