From: Jan Beulich <jbeulich@suse.com>
To: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Cc: "Andrew Cooper" <andrew.cooper3@citrix.com>,
"Roger Pau Monné" <roger.pau@citrix.com>
Subject: [PATCH v9 09/10] x86: use / "support" UDB
Date: Mon, 24 Nov 2025 16:01:38 +0100 [thread overview]
Message-ID: <78b7c8a0-16ae-49c3-8c7b-5b10f5b0d688@suse.com> (raw)
In-Reply-To: <926a2315-a2b7-4aad-87e6-d686c9da9e3a@suse.com>
With opcode D6h now firmly reserved as another #UD-raising one in 64-bit
mode, use that instead of the two-byte UD2 for bug frame marking.
While there also make the respective adjustment to the emulator.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
---
Should we also switch {svm,vmx}_init_hypercall_page()?
Furthermore x86_64/kexec_reloc.S also has two uses. Question is whether
"tailcall" is being open-coded there, or whether that's deliberately not
using the macro we have.
One of the table entries in stub_selftest() uses UD1, yet not in quite
an appropriate way: The 0x90 following it (presumably meant to be a NOP)
really is a ModR/M byte, requiring a displacement to follow. Wouldn't we
better adjust that (e.g. using 0xcc instead)?
---
v9: New.
--- a/xen/arch/x86/include/asm/bug.h
+++ b/xen/arch/x86/include/asm/bug.h
@@ -21,7 +21,7 @@
#ifndef __ASSEMBLY__
-#define BUG_INSTR "ud2"
+#define BUG_INSTR ".byte 0xd6" /* UDB */
#define BUG_ASM_CONST "c"
#else /* !__ASSEMBLY__ */
@@ -37,7 +37,7 @@
.error "Invalid BUGFRAME index"
.endif
- .L\@ud: ud2a
+ .L\@ud: .byte 0xd6 /* UDB */
.pushsection .rodata.str1, "aMS", @progbits, 1
.L\@s1: .asciz "\file_str"
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -1256,7 +1256,7 @@ void asmlinkage do_trap(struct cpu_user_
void asmlinkage do_invalid_op(struct cpu_user_regs *regs)
{
- u8 bug_insn[2];
+ uint8_t bug_insn;
const void *eip = (const void *)regs->rip;
int id;
@@ -1268,8 +1268,8 @@ void asmlinkage do_invalid_op(struct cpu
}
if ( !is_active_kernel_text(regs->rip) ||
- copy_from_unsafe(bug_insn, eip, sizeof(bug_insn)) ||
- memcmp(bug_insn, "\xf\xb", sizeof(bug_insn)) )
+ copy_from_unsafe(&bug_insn, eip, sizeof(bug_insn)) ||
+ bug_insn != 0xd6 /* UDB */ )
goto die;
id = do_bug_frame(regs, regs->rip);
--- a/xen/arch/x86/x86_emulate/decode.c
+++ b/xen/arch/x86/x86_emulate/decode.c
@@ -651,7 +651,7 @@ decode_onebyte(struct x86_emulate_state
case 0xce: /* into */
case 0xd4: /* aam */
case 0xd5: /* aad */
- case 0xd6: /* salc */
+ /* 0xd6 (salc) omitted here, for #UD to be raised in 64-bit mode. */
s->not_64bit = true;
break;
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -2470,9 +2470,17 @@ x86_emulate(
_regs.eflags |= even_parity(_regs.al) ? X86_EFLAGS_PF : 0;
break;
- case 0xd6: /* salc */
- _regs.al = (_regs.eflags & X86_EFLAGS_CF) ? 0xff : 0x00;
- break;
+ case 0xd6: /* salc / udb */
+ if ( !mode_64bit() )
+ {
+ _regs.al = (_regs.eflags & X86_EFLAGS_CF) ? 0xff : 0x00;
+ break;
+ }
+ fallthrough;
+ case X86EMUL_OPC(0x0f, 0x0b): /* ud2 */
+ case X86EMUL_OPC(0x0f, 0xb9): /* ud1 */
+ case X86EMUL_OPC(0x0f, 0xff): /* ud0 */
+ generate_exception(X86_EXC_UD);
case 0xd7: /* xlat */ {
unsigned long al;
@@ -3204,11 +3212,6 @@ x86_emulate(
goto done;
break;
- case X86EMUL_OPC(0x0f, 0x0b): /* ud2 */
- case X86EMUL_OPC(0x0f, 0xb9): /* ud1 */
- case X86EMUL_OPC(0x0f, 0xff): /* ud0 */
- generate_exception(X86_EXC_UD);
-
case X86EMUL_OPC(0x0f, 0x0d): /* GrpP (prefetch) */
case X86EMUL_OPC(0x0f, 0x18): /* Grp16 (prefetch/nop) */
case X86EMUL_OPC(0x0f, 0x19) ... X86EMUL_OPC(0x0f, 0x1f): /* nop */
next prev parent reply other threads:[~2025-11-24 15:01 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-24 14:56 [PATCH v9 10/10] x86emul: misc additions Jan Beulich
2025-11-24 14:57 ` [PATCH v9 01/10] x86emul: support LKGS Jan Beulich
2025-11-24 14:58 ` [PATCH v9 02/10] x86emul+VMX: support {RD,WR}MSRLIST Jan Beulich
2025-11-24 14:58 ` [PATCH v9 03/10] x86emul: support USER_MSR instructions Jan Beulich
2025-11-24 14:59 ` [PATCH v9 04/10] x86/cpu-policy: re-arrange no-VMX logic Jan Beulich
2026-04-07 21:58 ` Andrew Cooper
2026-04-08 6:09 ` Jan Beulich
2025-11-24 15:00 ` [PATCH v9 05/10] VMX: support USER-MSR Jan Beulich
2025-11-24 15:00 ` [PATCH v9 06/10] x86emul: support MSR_IMM instructions Jan Beulich
2025-11-24 15:00 ` [PATCH v9 07/10] VMX: support MSR-IMM Jan Beulich
2025-11-26 18:50 ` Andrew Cooper
2025-11-27 8:18 ` Jan Beulich
2025-11-24 15:01 ` [PATCH v9 08/10] x86emul: support non-SIMD MOVRS Jan Beulich
2025-11-24 15:01 ` Jan Beulich [this message]
2025-12-05 12:01 ` [PATCH v9 09/10] x86: use / "support" UDB Andrew Cooper
2025-12-05 12:40 ` Andrew Cooper
2025-12-05 13:13 ` Jan Beulich
2025-12-05 13:15 ` Andrew Cooper
2025-12-05 13:15 ` Jan Beulich
2025-12-05 13:35 ` Andrew Cooper
2025-12-05 13:09 ` Jan Beulich
2025-11-24 15:02 ` [PATCH v9 10/10] x86emul: support AVX512-BMM Jan Beulich
2025-12-05 12:33 ` Andrew Cooper
2025-12-05 12:47 ` Jan Beulich
2026-04-07 15:11 ` Andrew Cooper
2025-11-24 15:03 ` [PATCH v9 00/10] x86emul: misc additions Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=78b7c8a0-16ae-49c3-8c7b-5b10f5b0d688@suse.com \
--to=jbeulich@suse.com \
--cc=andrew.cooper3@citrix.com \
--cc=roger.pau@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.