From patchwork Tue Feb 9 17:43:50 2016
X-Patchwork-Submitter: Richard Henderson
X-Patchwork-Id: 8264521
From: Richard Henderson To: qemu-devel@nongnu.org Date: Wed, 10 Feb 2016 04:43:50 +1100 Message-Id: <1455039832-9133-15-git-send-email-rth@twiddle.net> X-Mailer: git-send-email 2.5.0 In-Reply-To: <1455039832-9133-1-git-send-email-rth@twiddle.net> References: <1455039832-9133-1-git-send-email-rth@twiddle.net> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2607:f8b0:400e:c00::244 Cc: pbonzini@redhat.com Subject: [Qemu-devel] [PATCH 14/16] target-i386: Clear bndregs during legacy near jumps X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI, T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Signed-off-by: Richard Henderson --- target-i386/helper.h | 1 + target-i386/mpx_helper.c | 8 ++++++++ target-i386/translate.c | 20 ++++++++++++++++++++ 3 files changed, 29 insertions(+) diff --git a/target-i386/helper.h b/target-i386/helper.h index 709b195..60a615f 100644 --- a/target-i386/helper.h +++ b/target-i386/helper.h @@ -21,6 +21,7 @@ DEF_HELPER_FLAGS_3(bndldx32, TCG_CALL_NO_WG, i64, env, tl, tl) DEF_HELPER_FLAGS_3(bndldx64, TCG_CALL_NO_WG, i64, env, tl, tl) DEF_HELPER_FLAGS_5(bndstx32, TCG_CALL_NO_WG, void, env, tl, tl, i64, i64) DEF_HELPER_FLAGS_5(bndstx64, TCG_CALL_NO_WG, void, env, tl, tl, i64, i64) +DEF_HELPER_1(bnd_jmp, void, env) DEF_HELPER_2(aam, void, env, int) DEF_HELPER_2(aad, void, env, int) diff --git a/target-i386/mpx_helper.c b/target-i386/mpx_helper.c index 53d9834..1bf717a 100644 --- a/target-i386/mpx_helper.c 
+++ b/target-i386/mpx_helper.c @@ -156,3 +156,11 @@ void helper_bndstx32(CPUX86State *env, target_ulong base, target_ulong ptr, cpu_stl_data_ra(env, bte + 4, ub, ra); cpu_stl_data_ra(env, bte + 8, ptr, ra); } + +void helper_bnd_jmp(CPUX86State *env) +{ + if (!(env->hflags2 & HF2_MPX_PR_MASK)) { + memset(env->bnd_regs, 0, sizeof(env->bnd_regs)); + env->hflags &= ~HF_MPX_IU_MASK; + } +} diff --git a/target-i386/translate.c b/target-i386/translate.c index 0dda4a8..59470f7 100644 --- a/target-i386/translate.c +++ b/target-i386/translate.c @@ -2406,6 +2406,19 @@ static void gen_reset_hflag(DisasContext *s, uint32_t mask) } } +/* Clear BND registers during legacy branches. */ +static void gen_bnd_jmp(DisasContext *s) +{ + /* Do nothing if BND prefix present, MPX is disabled, or if the + BNDREGs are known to be in INIT state already. The helper + itself will check BNDPRESERVE at runtime. */ + if ((s->prefix & PREFIX_REPNZ) == 0 + && (s->flags & HF_MPX_EN_MASK) == 0 + && (s->flags & HF_MPX_IU_MASK) == 0) { + gen_helper_bnd_jmp(cpu_env); + } +} + /* generate a generic end of block. Trace exception is also generated if needed */ static void gen_eob(DisasContext *s) @@ -4794,6 +4807,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s, tcg_gen_movi_tl(cpu_T1, next_eip); gen_push_v(s, cpu_T1); gen_op_jmp_v(cpu_T0); + gen_bnd_jmp(s); gen_eob(s); break; case 3: /* lcall Ev */ @@ -4819,6 +4833,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s, tcg_gen_ext16u_tl(cpu_T0, cpu_T0); } gen_op_jmp_v(cpu_T0); + gen_bnd_jmp(s); gen_eob(s); break; case 5: /* ljmp Ev */ @@ -6200,6 +6215,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s, gen_stack_update(s, val + (1 << ot)); /* Note that gen_pop_T0 uses a zero-extending load. */ gen_op_jmp_v(cpu_T0); + gen_bnd_jmp(s); gen_eob(s); break; case 0xc3: /* ret */ 
@@ -6207,6 +6223,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s, gen_pop_update(s, ot); /* Note that gen_pop_T0 uses a zero-extending load. */ gen_op_jmp_v(cpu_T0); + gen_bnd_jmp(s); gen_eob(s); break; case 0xca: /* lret im */ @@ -6273,6 +6290,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s, } tcg_gen_movi_tl(cpu_T0, next_eip); gen_push_v(s, cpu_T0); + gen_bnd_jmp(s); gen_jmp(s, tval); } break; @@ -6302,6 +6320,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s, } else if (!CODE64(s)) { tval &= 0xffffffff; } + gen_bnd_jmp(s); gen_jmp(s, tval); break; case 0xea: /* ljmp im */ @@ -6341,6 +6360,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s, if (dflag == MO_16) { tval &= 0xffff; } + gen_bnd_jmp(s); gen_jcc(s, b, tval, next_eip); break;
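Review bot: in the translate.c hunk that adds gen_bnd_jmp (@@ -2406,6 +2406,19 @@), the two s->flags tests are inverted with respect to the comment above them. The comment says to do nothing when MPX is disabled or when the BNDREGs are already known to be in INIT state, but `(s->flags & HF_MPX_EN_MASK) == 0` is true exactly when MPX is disabled and `(s->flags & HF_MPX_IU_MASK) == 0` is true exactly when the registers are not in use (the helper in mpx_helper.c clears HF_MPX_IU_MASK after zeroing them, so a clear IU bit is the INIT state). As written the helper call is emitted only in the cases that need no clearing, and is skipped when MPX is enabled and the registers hold live bounds. Both comparisons should be `!= 0`, i.e. call the helper when the BND prefix is absent, MPX is enabled and the BNDREGs are in use.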
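Review bot: helper_bnd_jmp in the mpx_helper.c hunk (@@ -156,3 +156,11 @@) writes env->hflags (clearing HF_MPX_IU_MASK), which the translator caches in s->flags, so it is only correct because every call site in this patch ends the translation block right after it (gen_eob, gen_jmp or gen_jcc). That dependency is not stated anywhere; a one-line comment on the helper, or on gen_bnd_jmp, saying that callers must end the TB after it would keep a future caller from placing it mid-block and translating later instructions against a stale IU flag. The BNDPRESERVE check via HF2_MPX_PR_MASK in hflags2 is the right place for the runtime test, since that bit is not part of the translate-time flags.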
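Review bot: in the last translate.c hunk (@@ -6341,6 +6360,7 @@) gen_bnd_jmp(s) is emitted before gen_jcc(s, b, tval, next_eip), so the bound registers are cleared regardless of whether the conditional branch is taken; every other site in the patch (call Ev, jmp Ev, ret im, ret, call im, jmp im) is an unconditional transfer, so this is the one place where the ordering changes behaviour on the fall-through path. If clearing on a not-taken Jcc is the intended architectural behaviour, a short comment at this site saying so would stop a reader from taking it for an oversight; if it is not, the clear needs to move onto the taken path inside the branch generation.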