| Message ID | 20190926183808.11630-3-julien.grall@arm.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | xen/arm: XSA-201 and XSA-263 fixes | expand |
Julien Grall writes: > At the moment, when we receive an SError exception from the guest, we > don't check if there are any other pending. For hardening the code, we > should ensure any pending SError are accounted to the guest before > executing any code with SError unmasked. > > The recently introduced macro 'guest_vector' could used to generate the > two vectors and therefore take advantage of any change required in the > future. > > Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
On Fri, 27 Sep 2019, Volodymyr Babchuk wrote: > Julien Grall writes: > > > At the moment, when we receive an SError exception from the guest, we > > don't check if there are any other pending. For hardening the code, we > > should ensure any pending SError are accounted to the guest before > > executing any code with SError unmasked. > > > > The recently introduced macro 'guest_vector' could used to generate the > > two vectors and therefore take advantage of any change required in the > > future. > > > > Signed-off-by: Julien Grall <julien.grall@arm.com> > Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
diff --git a/xen/arch/arm/arm64/entry.S b/xen/arch/arm/arm64/entry.S index 8665d2844a..40d9f3ec8c 100644 --- a/xen/arch/arm/arm64/entry.S +++ b/xen/arch/arm/arm64/entry.S @@ -324,11 +324,7 @@ guest_fiq_invalid: invalid BAD_FIQ guest_error: - entry hyp=0, compat=0 - msr daifclr, #6 - mov x0, sp - bl do_trap_guest_serror - exit hyp=0, compat=0 + guest_vector compat=0, iflags=6, trap=guest_serror guest_sync_compat: guest_vector compat=1, iflags=6, trap=guest_sync @@ -341,11 +337,7 @@ guest_fiq_invalid_compat: invalid BAD_FIQ guest_error_compat: - entry hyp=0, compat=1 - msr daifclr, #6 - mov x0, sp - bl do_trap_guest_serror - exit hyp=0, compat=1 + guest_vector compat=1, iflags=6, trap=guest_serror ENTRY(return_to_new_vcpu32) exit hyp=0, compat=1
At the moment, when we receive an SError exception from the guest, we don't check if there are any other pending. For hardening the code, we should ensure any pending SError are accounted to the guest before executing any code with SError unmasked. The recently introduced macro 'guest_vector' could used to generate the two vectors and therefore take advantage of any change required in the future. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/arm64/entry.S | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-)