Re: [PATCH] arm64: Make sure SMC calls don't have side effects

Wed, 16 Sep 2020 01:40:47 -0700 

On 9/16/20 10:28 AM, Jan Kiszka wrote:
> On 16.09.20 09:12, Oliver Schwartz wrote:
>> SMC calls may modify registers x0 to x3. To make sure the compiler
>> doesn't
>> assume input registers to be constant, also mark these registers as
>> output
>> when used as input.
>>
>> Signed-off-by: Oliver Schwartz <oliver.schwa...@gmx.de>
>> ---
>>   hypervisor/arch/arm64/include/asm/smc.h | 6 +++---
>>   1 file changed, 3 insertions(+), 3 deletions(-)
>>
>> diff --git a/hypervisor/arch/arm64/include/asm/smc.h
>> b/hypervisor/arch/arm64/include/asm/smc.h
>> index 1a5d5c8..e7b6723 100644
>> --- a/hypervisor/arch/arm64/include/asm/smc.h
>> +++ b/hypervisor/arch/arm64/include/asm/smc.h
>> @@ -28,7 +28,7 @@ static inline long smc_arg1(unsigned long id,
>> unsigned long par1)
>>       register unsigned long __par1 asm("r1") = par1;
>>         asm volatile ("smc #0\n\t"
>> -        : "=r" (__id)
>> +        : "=r" (__id), "=r"(__par1)
>>           : "r"(__id), "r"(__par1)
>>           : "memory", "x2", "x3");
>>   @@ -43,7 +43,7 @@ static inline long smc_arg2(unsigned long id,
>> unsigned long par1,
>>       register unsigned long __par2 asm("r2") = par2;
>>         asm volatile ("smc #0\n\t"
>> -        : "=r" (__id)
>> +        : "=r" (__id), "=r"(__par1), "=r"(__par2)
>>           : "r"(__id), "r"(__par1), "r"(__par2)
>>           : "memory", "x3");
>>   @@ -62,7 +62,7 @@ static inline long smc_arg5(unsigned long id,
>> unsigned long par1,
>>       register unsigned long __par5 asm("r5") = par5;
>>         asm volatile ("smc #0\n\t"
>> -        : "=r" (__id)
>> +        : "=r" (__id), "=r"(__par1), "=r"(__par2), "=r"(__par3)
>>           : "r"(__id), "r"(__par1), "r"(__par2), "r"(__par3),
>>             "r"(__par4), "r"(__par5)
>>           : "memory");
>>
> 
> Good catch! We likely have the same issue with our hypercall interface
> (jailhouse_hypercall.h).

Yep, thanks for taking care, my bad!

> 
> We should probably look carefully again at how Linux expresses these
> constraints: linux/include/linux/arm-smccc.h. That appears to me like we

Ack.

> need "+r" for input/output registers and "=&r" for those that are just
> input but might be clobbered on return.
... And we should probably first introduce the fix on next, and directly
squash changes to arm64-zero-exits.

  Ralf

> 
> Jan
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Jailhouse" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jailhouse-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jailhouse-dev/7563d5ba-1a08-8452-81c8-1969ddcca125%40oth-regensburg.de.

Reply via email to