
changeset 9997:4de0ff0c1357

[IA64] Clear rse invalid partition before resuming to VTi guest

This patch provides a mechanism for clearing the RSE invalid
partition before the RBS switch to the guest. To avoid leaking
hypervisor bits to the guest, the registers in the invalid
partition must be cleared before leaving the hypervisor.

Singed-off-by: Zhang xiantao <xiantao.zhang@intel.com>
author awilliam@xenbuild.aw
date Fri May 12 08:10:01 2006 -0600 (2006-05-12)
parents 8802e603a0f1
children 07a75bf044b4
files xen/arch/ia64/vmx/vmx_entry.S
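--- a/xen/arch/ia64/vmx/vmx_entry.S
+++ b/xen/arch/ia64/vmx/vmx_entry.S
@@ -290,11 +290,60 @@ GLOBAL_ENTRY(ia64_leave_hypervisor)
     mov ar.ccv=r18
     ;;
 //rbs_switch
-    // loadrs has already been shifted
+    
+    shr.u r18=r20,16
+    ;;
+    movl r19= THIS_CPU(ia64_phys_stacked_size_p8)
+    ;;
+    ld4 r19=[r19]
+     
+vmx_dont_preserve_current_frame:
+/*
+    * To prevent leaking bits between the hypervisor and guest domain,
+    * we must clear the stacked registers in the "invalid" partition here.
+    * 5 registers/cycle on McKinley).
+    */
+#   define pRecurse	p6
+#   define pReturn	p7
+#   define Nregs	14
+    
+    alloc loc0=ar.pfs,2,Nregs-2,2,0
+    shr.u loc1=r18,9		// RNaTslots <= floor(dirtySize / (64*8))
+    sub r19=r19,r18			// r19 = (physStackedSize + 8) - dirtySize
+    ;;
+    mov ar.rsc=r20			// load ar.rsc to be used for "loadrs"
+    shladd in0=loc1,3,r19
+    mov in1=0
+    ;;
+    TEXT_ALIGN(32)
+vmx_rse_clear_invalid:
+    alloc loc0=ar.pfs,2,Nregs-2,2,0
+    cmp.lt pRecurse,p0=Nregs*8,in0	// if more than Nregs regs left to clear, (re)curse
+    add out0=-Nregs*8,in0
+    add out1=1,in1			// increment recursion count
+    mov loc1=0
+    mov loc2=0
+    ;;
+    mov loc3=0
+    mov loc4=0
+    mov loc5=0
+    mov loc6=0
+    mov loc7=0
+(pRecurse) br.call.dptk.few b0=vmx_rse_clear_invalid
+    ;;
+    mov loc8=0
+    mov loc9=0
+    cmp.ne pReturn,p0=r0,in1	// if recursion count != 0, we need to do a br.ret
+    mov loc10=0
+    mov loc11=0
+(pReturn) br.ret.dptk.many b0
+
+#	undef pRecurse
+#	undef pReturn
+
+// loadrs has already been shifted
     alloc r16=ar.pfs,0,0,0,0    // drop current register frame
     ;;
-    mov ar.rsc=r20
-    ;;
     loadrs
     ;;
     mov ar.bspstore=r24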
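Review bot: `sub r19=r19,r18` (the line carrying the physStackedSize comment) consumes the r19 produced by `ld4 r19=[r19]` a few lines above, yet no stop bit separates them — the blank line, the `vmx_dont_preserve_current_frame:` label and the `#define`s do not close the instruction group, so the two instructions form a RAW dependency inside one group, which the IA-64 ISA does not permit and which GAS reports as a RAW-dependency warning. Unless a macro not visible in this hunk inserts one, add `;;` directly after `ld4 r19=[r19]`, matching the `;;` that already follows the `movl`. The block comment above the defines is also truncated: `* 5 registers/cycle on McKinley).` is a dangling fragment with an unmatched parenthesis, so either drop that line or restore the full sentence the parenthetical belongs to. Minor: `Nregs` remains defined after the `#undef`s of `pRecurse` and `pReturn`; an `#   undef Nregs` beside them keeps the macro scope tidy. ia64_leave_hypervisor begins before this hunk and continues past it.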