From: Andrew Cooper Date: Fri, 22 Apr 2016 18:36:15 +0000 (+0100) Subject: Fix XSA-168 PoC on Gen1 AMD hardware X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=7842d5edbcab5314cabad988cd6e3f742abbd171;p=people%2Froyger%2Fxen-test-framework.git Fix XSA-168 PoC on Gen1 AMD hardware We care simply that the vulnerability is fixed, rather than the architectural correctness of the emulation of `invlpg`. Correctness should be implemented by a functional test. Signed-off-by: Andrew Cooper --- diff --git a/tests/xsa-168/main.c b/tests/xsa-168/main.c index 29389bd..d473b4f 100644 --- a/tests/xsa-168/main.c +++ b/tests/xsa-168/main.c @@ -35,7 +35,17 @@ void test_main(void) { printk("XSA-168 PoC\n"); - asm volatile ("invlpg (%0)" :: "q" (0x8000000000000000UL)); + /** + * At the time of writing, Xen doesn't correctly handle `invlpg` while + * running in shadow mode on AMD Gen1 hardware lacking decode assistance. + * For this test, we simply care that Xen doesn't crash. + * + * @todo Write a different test which cares about the architecturally + * correct handling of `invlpg`. + */ + asm volatile ("1: invlpg (%0); 2:" + _ASM_EXTABLE(1b, 2b) + :: "q" (0x8000000000000000UL)); xtf_success(NULL); }
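Review bot: In the `test_main()` hunk, the `_ASM_EXTABLE(1b, 2b)` entry recovers from any fault raised at label `1:` and execution then falls through to `xtf_success(NULL)` unconditionally, so the test log cannot tell a run where `invlpg` completed from one where it faulted and was fixed up. That matches the intent stated in the new comment (only a Xen crash counts as failure), but the comment does not say which fault is expected on the affected hardware. Naming it there would help whoever picks up the `@todo`, and recording whether the fixup path was taken (for example via a `printk`) would make the logs more useful on the Gen1 AMD systems without changing the pass condition. As a smaller style point, the address operand keeps the `"q"` constraint from the original line; `"r"` would express "any general-purpose register" more directly for a 64-bit address.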