On 04/05/2020 15:55, Jan Beulich wrote:
>> + /* Poision unused entries. */
>> + for ( i = IST_MAX;
>> + i < ARRAY_SIZE(this_cpu(tss_page).ist_ssp); ++i )
>> + ist_ssp[i] = 0x8600111111111111ul;
> IST_MAX == IST_DF, so you're overwriting one token here.
And failing to poison entry 0. This was a bad rearrangement when
tidying the series up.
Unfortunately, testing the #DF path isn't terribly easy.
>> --- a/xen/include/asm-x86/processor.h
>> +++ b/xen/include/asm-x86/processor.h
>> @@ -434,7 +434,8 @@ struct __packed tss64 {
>> uint16_t :16, bitmap;
>> };
>> struct tss_page {
>> - struct tss64 __aligned(PAGE_SIZE) tss;
>> + uint64_t __aligned(PAGE_SIZE) ist_ssp[8];
>> + struct tss64 tss;
>> };
> Just curious - any particular reason you put this ahead of the TSS?
Yes. Reduced chance of interacting with a buggy IO bitmap offset.
Furthermore, we could do away most of the IO emulation quirking, and the
#GP path overhead, if we actually constructed a real IO bitmap for
dom0. That would require using the 8k following the TSS.
~Andrew
