From ff1fd42f0de4f399f3b98903c99d6ec549039eb7 Mon Sep 17 00:00:00 2001 From: Andrew Cooper Date: Tue, 20 Oct 2020 14:53:30 +0200 Subject: [PATCH] x86/pv: Don't clobber NT on return-to-guest A 64bit IRET can restore NT - the faulting case is when NT is set in the live flags. This change had an unintended consequence of causing the NT flag to spontaneously disappear from guest context whenever a interrupt/exception occurred. In combination with a SYSENTER which sets both TF and NT, Xen's handling of the #DB exceptions clears NT before it is even recorded suitably in the guest kernel's view of what userspace was doing. Reported-by: Andy Lutomirski Fixes: 0e47f92b0 ("x86: force EFLAGS.IF on when exiting to PV guests") Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich master commit: 5bcac985498ed83d89666959175ca9c9ed561ae1 master date: 2020-09-24 21:02:35 +0100 --- xen/arch/x86/x86_64/compat/entry.S | 2 +- xen/arch/x86/x86_64/entry.S | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/xen/arch/x86/x86_64/compat/entry.S b/xen/arch/x86/x86_64/compat/entry.S index 33ac552cac..9059c2ef6e 100644 --- a/xen/arch/x86/x86_64/compat/entry.S +++ b/xen/arch/x86/x86_64/compat/entry.S @@ -119,7 +119,7 @@ compat_process_trap: /* %rbx: struct vcpu, interrupts disabled */ ENTRY(compat_restore_all_guest) ASSERT_INTERRUPTS_DISABLED - mov $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11d + mov $~(X86_EFLAGS_IOPL | X86_EFLAGS_VM), %r11d and UREGS_eflags(%rsp),%r11d .macro alt_cr4_pv32 diff --git a/xen/arch/x86/x86_64/entry.S b/xen/arch/x86/x86_64/entry.S index 5ec5522e33..7850546749 100644 --- a/xen/arch/x86/x86_64/entry.S +++ b/xen/arch/x86/x86_64/entry.S @@ -182,7 +182,7 @@ restore_all_guest: jz iret_exit_to_guest movq 24(%rsp),%r11 # RFLAGS - andq $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11 + andq $~(X86_EFLAGS_IOPL | X86_EFLAGS_VM), %r11 orq $X86_EFLAGS_IF,%r11 /* Don't use SYSRET path if the return address is not canonical. */ @@ -202,7 +202,7 @@ restore_all_guest: ALIGN /* No special register assumptions. */ iret_exit_to_guest: - andl $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),24(%rsp) + andl $~(X86_EFLAGS_IOPL | X86_EFLAGS_VM), 24(%rsp) orl $X86_EFLAGS_IF,24(%rsp) addq $8,%rsp .Lft0: iretq -- 2.39.5