2023-10-23 09:10:10

by Hou Wenlong

Subject: [PATCH 0/2] x86/xen/pvh: Clean up stack canary setup in PVH entry

Clean up the stack canary setup in the PVH entry. For a 64-bit kernel,
use fixed_percpu_data to set up GSBASE. For a 32-bit kernel, set up the
%fs register explicitly.

Hou Wenlong (2):
x86/xen/pvh: Set up percpu for stack canary in 32-bit kernel entry
x86/xen/pvh: Use fixed_percpu_data to set up GS base

arch/x86/platform/pvh/head.S | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)


base-commit: 50dcc2e0d62e3c4a54f39673c4dc3dcde7c74d52
--
2.31.1

2023-10-23 09:10:30

by Hou Wenlong

Subject: [PATCH 2/2] x86/xen/pvh: Use fixed_percpu_data to set up GS base

startup_64() and startup_xen() both use "fixed_percpu_data" to set up GS
base. So for consitency, use it too in PVH entry and remove the
temporary variable "canary".

Signed-off-by: Hou Wenlong <[email protected]>
---
arch/x86/platform/pvh/head.S | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S
index cee4dadf5344..591ba165215f 100644
--- a/arch/x86/platform/pvh/head.S
+++ b/arch/x86/platform/pvh/head.S
@@ -96,7 +96,7 @@ SYM_CODE_START_LOCAL(pvh_start_xen)
1:
/* Set base address in stack canary descriptor. */
mov $MSR_GS_BASE,%ecx
- mov $_pa(canary), %eax
+ mov $_pa(INIT_PER_CPU_VAR(fixed_percpu_data)), %eax
xor %edx, %edx
wrmsr

@@ -160,8 +160,6 @@ SYM_DATA_START_LOCAL(gdt_start)
SYM_DATA_END_LABEL(gdt_start, SYM_L_LOCAL, gdt_end)

.balign 16
-SYM_DATA_LOCAL(canary, .fill 48, 1, 0)
-
SYM_DATA_START_LOCAL(early_stack)
.fill BOOT_STACK_SIZE, 1, 0
SYM_DATA_END_LABEL(early_stack, SYM_L_LOCAL, early_stack_end)
--
2.31.1

2023-10-23 09:11:09

by Hou Wenlong

Subject: [PATCH 1/2] x86/xen/pvh: Set up percpu for stack canary in 32-bit kernel entry

In a 32-bit SMP kernel, the stack canary is a percpu variable accessed
as %fs:__stack_chk_guard. However, the ABI for PVH entry does not
specify the %fs register state. It currently works because the initial
%fs register is 0x10 for QEMU, which is the same as $PVH_DS_SEL.
%However, for added safety, the percpu should be set up explicitly
%before calling xen_prepare_pvh(), which accesses the stack canary.

Signed-off-by: Hou Wenlong <[email protected]>
---
arch/x86/platform/pvh/head.S | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/arch/x86/platform/pvh/head.S b/arch/x86/platform/pvh/head.S
index c4365a05ab83..cee4dadf5344 100644
--- a/arch/x86/platform/pvh/head.S
+++ b/arch/x86/platform/pvh/head.S
@@ -121,6 +121,10 @@ SYM_CODE_START_LOCAL(pvh_start_xen)

ljmp $PVH_CS_SEL, $1f
1:
+ /* Set percpu for stack canary. */
+ mov $PVH_DS_SEL,%eax
+ mov %eax, %fs
+
call xen_prepare_pvh
mov $_pa(pvh_bootparams), %esi

--
2.31.1

2023-10-23 12:03:11

by Andy Shevchenko

Subject: Re: [PATCH 1/2] x86/xen/pvh: Set up percpu for stack canary in 32-bit kernel entry

On Mon, Oct 23, 2023 at 12:10 PM Hou Wenlong
<[email protected]> wrote:
>
> In a 32-bit SMP kernel, the stack canary is a percpu variable accessed
> as %fs:__stack_chk_guard. However, the ABI for PVH entry does not
> specify the %fs register state. It currently works because the initial
> %fs register is 0x10 for QEMU, which is the same as $PVH_DS_SEL.

> %However, for added safety, the percpu should be set up explicitly
> %before calling xen_prepare_pvh(), which accesses the stack canary.

Stray leading % in two lines above.

--
With Best Regards,
Andy Shevchenko