The kexec_reloc() asm has an indirect jump to relocate onto the identity
trampoline. While we clear CET in machine_crash_shutdown(), we fail to clear
CET for the non-crash path. This in turn highlights that the same is true of
resetting the CPUID masking/faulting.
Move both pieces of logic from machine_crash_shutdown() to machine_kexec(),
the latter being common for all kexec transitions. Adjust the condition for
CET being considered active to check in CR4, which is simpler and more robust.
Fixes: 311434bfc9d1 ("x86/setup: Rework MSR_S_CET handling for CET-IBT")
Fixes: b60ab42db2f0 ("x86/shstk: Activate Supervisor Shadow Stacks")
Fixes: 5ab9564c6fa1 ("x86/cpu: Context switch cpuid masks and faulting state in context_switch()")
Reported-by: David Vrabel <dvrabel@amazon.co.uk>
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: David Vrabel <dvrabel@amazon.co.uk>
(cherry picked from commit
7f5b2448bd724f5f24426b2595a9bdceb1e5a346)
nmi_shootdown_cpus();
- /* Reset CPUID masking and faulting to the host's default. */
- ctxt_switch_levelling(NULL);
-
- /* Disable CET. */
- if ( cpu_has_xen_shstk || cpu_has_xen_ibt )
- {
- wrmsrl(MSR_S_CET, 0);
- write_cr4(read_cr4() & ~X86_CR4_CET);
- }
-
info = kexec_crash_save_info();
info->xen_phys_start = xen_phys_start;
info->dom0_pfn_to_mfn_frame_list_list =
_update_gate_addr_lower(&idt_tables[i][TRAP_machine_check], &trap_nop);
}
+ /* Reset CPUID masking and faulting to the host's default. */
+ ctxt_switch_levelling(NULL);
+
+ /* Disable CET. */
+ if ( read_cr4() & X86_CR4_CET )
+ {
+ wrmsrl(MSR_S_CET, 0);
+ write_cr4(read_cr4() & ~X86_CR4_CET);
+ }
+
/* Explicitly enable NMIs on this CPU. Some crashdump kernels do
* not like running with NMIs disabled. */
enable_nmis();
projects / xen.git / commitdiff