xenbits.xensource.com Git - xen.git/commit

author	Andrew Cooper <andrew.cooper3@citrix.com>
	Thu, 10 May 2012 10:04:32 +0000 (11:04 +0100)
committer	Andrew Cooper <andrew.cooper3@citrix.com>
	Thu, 10 May 2012 10:04:32 +0000 (11:04 +0100)
commit	d47e6a744e16d47d97033e36f07ddc108500aa8e
tree	a283c4efb8b4b0b1db6752d9a0320c9c5d7773c4	tree
parent	f0b5db91de01bff8346e0d9da929c0f3ff60874d	commit \| diff

x86_64: Fix off-by-one error setting up the Interrupt Stack Tables

The Interrupt Stack Table entries in a 64bit TSS are a 1 based data
structure as far as hardware is concerned. As a result, the code
setting up stacks in subarch_percpu_traps_init() fills in the wrong
IST entries.

The result is that the MCE handler executes on the stack set up for
NMIs; the NMI handler executes on a stack set up for Double Faults,
and Double Faults are executed with a stack pointer set to 0.

Once the #DF handler starts to execute, it will usually take a page
fault looking up the address at 0xfffffffffffffff8, which will cause a
triple fault. If a guest has mapped a page in that location, then it
will have some state overwritten, but as the #DF handler always calls
panic(), this is not a problem the guest will have time to care about.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Committed-by: Keir Fraser <keir@xen.org>

xen/arch/x86/x86_64/traps.c		diff \| blob \| blame \| history
xen/include/asm-x86/processor.h		diff \| blob \| blame \| history