From: "Jan Beulich"
Subject: [PATCH 2/3] x86/EFI: be cautious about being handed control with CR4.PGE enabled
Date: Fri, 19 Aug 2016 01:51:35 -0600
Message-ID: <57B6D6A70200007800107461@prv-mh.provo.novell.com>
References: <57B6D3C3020000780010743E@prv-mh.provo.novell.com>
In-Reply-To: <57B6D3C3020000780010743E@prv-mh.provo.novell.com>
To: xen-devel
Cc: Andrew Cooper
List-Id: xen-devel@lists.xenproject.org

To effect proper TLB flushing in that case we should clear CR4.PGE before loading the new page tables.

Signed-off-by: Jan Beulich

--- a/xen/arch/x86/efi/efi-boot.h +++ b/xen/arch/x86/efi/efi-boot.h @@ -228,7 +228,7 @@ static void __init efi_arch_pre_exit_boo =20 static void __init noreturn efi_arch_post_exit_boot(void) { - u64 efer; + u64 cr4 =3D XEN_MINIMAL_CR4 & ~X86_CR4_PGE, efer; =20 efi_arch_relocate_image(__XEN_VIRT_START - xen_phys_start); memcpy((void *)trampoline_phys, trampoline_start, cfg.size);
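Review bot: the new initializer changes which CR4 value gets loaded, not only the PGE bit: the old code passed mmu_cr4_features (the input operand dropped in the constraint hunk further down), the new one starts from XEN_MINIMAL_CR4 & ~X86_CR4_PGE. The commit message only talks about clearing PGE, so either document why the minimal feature set is sufficient at this point (with the remaining bits being established later on the boot path) or keep the original value and just mask it, e.g. `u64 cr4 = mmu_cr4_features & ~X86_CR4_PGE, efer;`, so the behavioural change stays confined to what the subject line describes.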
@@ -244,6 +244,10 @@ static void __init noreturn efi_arch_pos X86_CR0_AM | X86_CR0_PG); asm volatile ( "mov %[cr4], %%cr4\n\t" "mov %[cr3], %%cr3\n\t" +#if XEN_MINIMAL_CR4 & X86_CR4_PGE + "or $"__stringify(X86_CR4_PGE)", %[cr4]\n\t" + "mov %[cr4], %%cr4\n\t" +#endif "movabs $__start_xen, %[rip]\n\t" "lgdt gdt_descr(%%rip)\n\t" "mov stack_start(%%rip), %%rsp\n\t" 
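Review bot: the back-to-back writes of %cr4 will look redundant to a later reader, so the `#if XEN_MINIMAL_CR4 & X86_CR4_PGE` block deserves a one-line comment: the first `mov %[cr4], %%cr4` with PGE clear is the step that invalidates global TLB entries (a CR3 write on its own leaves them in place while PGE is set), and the `or`/`mov` pair only restores the bit once the new CR3 is in effect. Separately, `"or $"__stringify(X86_CR4_PGE)", %[cr4]\n\t"` assembles only if X86_CR4_PGE expands to something gas accepts as an immediate (a plain literal, no C suffix or cast), which is worth confirming at the macro definition.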
@@ -255,9 +259,9 @@ static void __init noreturn efi_arch_pos "movl %[cs], 8(%%rsp)\n\t" "mov %[rip], (%%rsp)\n\t" "lretq %[stkoff]-16" - : [rip] "=3D&r" (efer/* any dead 64-bit variable */) + : [rip] "=3D&r" (efer/* any dead 64-bit variable */), + [cr4] "+&r" (cr4) : [cr3] "r" (idle_pg_table), - [cr4] "r" (mmu_cr4_features), [cs] "ir" (__HYPERVISOR_CS), [ds] "r" (__HYPERVISOR_DS), [stkoff] "i" (STACK_SIZE - sizeof(struct cpu_info)),
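Review bot: `[cr4] "+&r" (cr4)` makes the register an early-clobber read-write operand, which is only needed when the `#if` branch in the asm body actually modifies it; when PGE is absent from XEN_MINIMAL_CR4 the register is never written and a plain input would do, though the stronger constraint is harmless. Dropping `[cr4] "r" (mmu_cr4_features)` removes the reference to mmu_cr4_features from this asm statement, so it should be confirmed that the bits it carries beyond XEN_MINIMAL_CR4 are still set later on the EFI boot path; otherwise this hunk silently narrows the BSP's CR4 feature set.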
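The commit message states the rule the patch depends on without spelling it out: a CR3 write does not evict global TLB entries while CR4.PGE is set, whereas a CR4 write that changes PGE evicts everything. The following user-space model is an added example, not Xen code and not part of this patch; it encodes those two architectural rules in a toy TLB so the "handed control with PGE already enabled" case can be exercised without ring 0. The slot count, the CR3 values and the choice of which entries are global are constructed for the example.

```c
/*
 * Constructed user-space model, not Xen code: it implements the two x86 TLB
 * invalidation rules the patch relies on (per the Intel SDM) so the old and
 * the patched register write order can be compared.  TLB contents, slot
 * count and CR3 values are made up for the example.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define X86_CR4_PGE 0x80u
#define TLB_SLOTS   8

struct tlb_entry {
    uint64_t cr3;   /* page-table root that filled this entry */
    int global;     /* PTE.G was set when the entry was filled */
    int valid;
};

struct cpu {
    uint64_t cr3, cr4;
    struct tlb_entry tlb[TLB_SLOTS];
};

/* Rule 1: MOV to CR3 invalidates non-global entries; global entries
 * survive the switch only while CR4.PGE is set. */
static void write_cr3(struct cpu *c, uint64_t cr3)
{
    for (size_t i = 0; i < TLB_SLOTS; i++)
        if (!(c->tlb[i].global && (c->cr4 & X86_CR4_PGE)))
            c->tlb[i].valid = 0;
    c->cr3 = cr3;
}

/* Rule 2: a MOV to CR4 that changes PGE invalidates every entry. */
static void write_cr4(struct cpu *c, uint64_t cr4)
{
    if ((c->cr4 ^ cr4) & X86_CR4_PGE)
        memset(c->tlb, 0, sizeof(c->tlb));
    c->cr4 = cr4;
}

/* State as firmware might hand it over: a TLB full of translations for
 * the firmware's page tables, every other one marked global. */
static void firmware_state(struct cpu *c, uint64_t fw_cr4, uint64_t fw_cr3)
{
    memset(c, 0, sizeof(*c));
    c->cr4 = fw_cr4;
    c->cr3 = fw_cr3;
    for (size_t i = 0; i < TLB_SLOTS; i++) {
        c->tlb[i].cr3 = fw_cr3;
        c->tlb[i].global = (i % 2 == 0);
        c->tlb[i].valid = 1;
    }
}

/* Translations still cached for a root other than the current CR3. */
static int stale_entries(const struct cpu *c)
{
    int n = 0;
    for (size_t i = 0; i < TLB_SLOTS; i++)
        if (c->tlb[i].valid && c->tlb[i].cr3 != c->cr3)
            n++;
    return n;
}

/* Pre-patch order: write the final CR4 value, then CR3. */
int switch_old(uint64_t fw_cr4, uint64_t fw_cr3, uint64_t new_cr3,
               uint64_t want_cr4)
{
    struct cpu c;
    firmware_state(&c, fw_cr4, fw_cr3);
    write_cr4(&c, want_cr4);
    write_cr3(&c, new_cr3);
    return stale_entries(&c);
}

/* Patched order: CR4 with PGE clear, then CR3, then PGE back on. */
int switch_new(uint64_t fw_cr4, uint64_t fw_cr3, uint64_t new_cr3,
               uint64_t want_cr4)
{
    struct cpu c;
    firmware_state(&c, fw_cr4, fw_cr3);
    write_cr4(&c, want_cr4 & ~(uint64_t)X86_CR4_PGE);
    write_cr3(&c, new_cr3);
    if (want_cr4 & X86_CR4_PGE)
        write_cr4(&c, want_cr4);
    return stale_entries(&c);
}

int main(void)
{
    /* Made-up roots: firmware tables at 0x100000, Xen's at 0x200000. */
    printf("PGE set at entry, old order: %d stale entries\n",
           switch_old(X86_CR4_PGE, 0x100000, 0x200000, X86_CR4_PGE));
    printf("PGE set at entry, new order: %d stale entries\n",
           switch_new(X86_CR4_PGE, 0x100000, 0x200000, X86_CR4_PGE));
    return 0;
}
```

With PGE already set on entry, the old order leaves the firmware's global translations in the TLB after the switch to the new page tables; with PGE clear on entry the old order was already safe, because setting PGE in the first CR4 write flushed everything, which is why the subject line calls out only the PGE-enabled case.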