From: Jan Beulich <jbeulich@suse.com>
To: Alejandro Vallejo <alejandro.garciavallejo@amd.com>
Cc: "Andrew Cooper" <andrew.cooper3@citrix.com>,
"Roger Pau Monné" <roger.pau@citrix.com>,
"Jason Andryuk" <jason.andryuk@amd.com>,
xen-devel@lists.xenproject.org
Subject: Re: [PATCH v4 2/4] x86/hvm: Disable cross-vendor handling in #UD handler
Date: Wed, 11 Mar 2026 15:59:52 +0100 [thread overview]
Message-ID: <d76d6c2c-b81a-417b-9d4e-07f301e35dbc@suse.com> (raw)
In-Reply-To: <20260311142711.16754-3-alejandro.garciavallejo@amd.com>
On 11.03.2026 15:27, Alejandro Vallejo wrote:
> Remove cross-vendor support now that VMs can no longer have a different
> vendor than the host.
>
> While at it, refactor the function to exit early and skip initialising
> the emulation context when FEP is not enabled.
>
> No functional change intended.
>
> Signed-off-by: Alejandro Vallejo <alejandro.garciavallejo@amd.com>
> ---
> v4:
> * Reverted refactor of the `walk` variable assignment
"Revert" as in "move it even farther away from the original". As said, you
want re-indentation, so please do just that, nothing else that isn't
explicitly justified (like the moving of hvm_emulate_init_once() is). With
this put back in its original shape (can do while committing, I suppose):
Reviewed-by: Jan Beulich <jbeulich@suse.com>
> --- a/xen/arch/x86/hvm/hvm.c
> +++ b/xen/arch/x86/hvm/hvm.c
> @@ -3832,67 +3832,50 @@ int hvm_descriptor_access_intercept(uint64_t exit_info,
> return X86EMUL_OKAY;
> }
>
> -static bool cf_check is_cross_vendor(
> - const struct x86_emulate_state *state, const struct x86_emulate_ctxt *ctxt)
> -{
> - switch ( ctxt->opcode )
> - {
> - case X86EMUL_OPC(0x0f, 0x05): /* syscall */
> - case X86EMUL_OPC(0x0f, 0x34): /* sysenter */
> - case X86EMUL_OPC(0x0f, 0x35): /* sysexit */
> - return true;
> - }
> -
> - return false;
> -}
> -
> void hvm_ud_intercept(struct cpu_user_regs *regs)
> {
> struct vcpu *cur = current;
> - bool should_emulate =
> - cur->domain->arch.cpuid->x86_vendor != boot_cpu_data.x86_vendor;
> struct hvm_emulate_ctxt ctxt;
> + const struct segment_register *cs = &ctxt.seg_reg[x86_seg_cs];
> + uint32_t walk;
> + unsigned long addr;
> + char sig[5]; /* ud2; .ascii "xen" */
>
> - hvm_emulate_init_once(&ctxt, opt_hvm_fep ? NULL : is_cross_vendor, regs);
> -
> - if ( opt_hvm_fep )
> + if ( !opt_hvm_fep )
> {
> - const struct segment_register *cs = &ctxt.seg_reg[x86_seg_cs];
> - uint32_t walk = ((ctxt.seg_reg[x86_seg_ss].dpl == 3)
> - ? PFEC_user_mode : 0) | PFEC_insn_fetch;
> - unsigned long addr;
> - char sig[5]; /* ud2; .ascii "xen" */
> -
> - if ( hvm_virtual_to_linear_addr(x86_seg_cs, cs, regs->rip,
> - sizeof(sig), hvm_access_insn_fetch,
> - cs, &addr) &&
> - (hvm_copy_from_guest_linear(sig, addr, sizeof(sig),
> - walk, NULL) == HVMTRANS_okay) &&
> - (memcmp(sig, "\xf\xb" "xen", sizeof(sig)) == 0) )
> - {
> - regs->rip += sizeof(sig);
> - regs->eflags &= ~X86_EFLAGS_RF;
> -
> - /* Zero the upper 32 bits of %rip if not in 64bit mode. */
> - if ( !(hvm_long_mode_active(cur) && cs->l) )
> - regs->rip = (uint32_t)regs->rip;
> + ASSERT_UNREACHABLE();
> + goto reinject;
> + }
>
> - add_taint(TAINT_HVM_FEP);
> + hvm_emulate_init_once(&ctxt, NULL, regs);
>
> - should_emulate = true;
> - }
> - }
> + walk = ((ctxt.seg_reg[x86_seg_ss].dpl == 3)
> + ? PFEC_user_mode : 0) | PFEC_insn_fetch;
>
> - if ( !should_emulate )
> + if ( hvm_virtual_to_linear_addr(x86_seg_cs, cs, regs->rip,
> + sizeof(sig), hvm_access_insn_fetch,
> + cs, &addr) &&
> + (hvm_copy_from_guest_linear(sig, addr, sizeof(sig),
> + walk, NULL) == HVMTRANS_okay) &&
> + (memcmp(sig, "\xf\xb" "xen", sizeof(sig)) == 0) )
> {
> - hvm_inject_hw_exception(X86_EXC_UD, X86_EVENT_NO_EC);
> - return;
> + regs->rip += sizeof(sig);
> + regs->eflags &= ~X86_EFLAGS_RF;
> +
> + /* Zero the upper 32 bits of %rip if not in 64bit mode. */
> + if ( !(hvm_long_mode_active(cur) && cs->l) )
> + regs->rip = (uint32_t)regs->rip;
> +
> + add_taint(TAINT_HVM_FEP);
> }
> + else
> + goto reinject;
>
> switch ( hvm_emulate_one(&ctxt, VIO_no_completion) )
> {
> case X86EMUL_UNHANDLEABLE:
> case X86EMUL_UNIMPLEMENTED:
> + reinject:
I'm inclined to suggest to indent this the same as the case labels.
Jan
next prev parent reply other threads:[~2026-03-11 15:00 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-11 14:27 [PATCH v4 0/4] x86: Drop cross-vendor support Alejandro Vallejo
2026-03-11 14:27 ` [PATCH v4 1/4] x86: Reject CPU policies with vendors other than the host's Alejandro Vallejo
2026-03-11 14:52 ` Jan Beulich
2026-03-11 14:27 ` [PATCH v4 2/4] x86/hvm: Disable cross-vendor handling in #UD handler Alejandro Vallejo
2026-03-11 14:59 ` Jan Beulich [this message]
2026-03-11 18:01 ` Alejandro Vallejo
2026-03-12 6:57 ` Jan Beulich
2026-03-11 18:48 ` Andrew Cooper
2026-03-11 14:27 ` [PATCH v4 3/4] x86/hvm: Remove cross-vendor checks from MSR handlers Alejandro Vallejo
2026-03-11 14:27 ` [PATCH v4 4/4] x86/svm: Drop emulation of Intel's SYSENTER behaviour on AMD systems Alejandro Vallejo
2026-03-11 18:54 ` Andrew Cooper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d76d6c2c-b81a-417b-9d4e-07f301e35dbc@suse.com \
--to=jbeulich@suse.com \
--cc=alejandro.garciavallejo@amd.com \
--cc=andrew.cooper3@citrix.com \
--cc=jason.andryuk@amd.com \
--cc=roger.pau@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.