On 28.02.2024 16:21, Andrew Cooper wrote:
> On 28/02/2024 1:52 pm, Jan Beulich wrote:
>> --- a/xen/arch/x86/traps.c
>> +++ b/xen/arch/x86/traps.c
>> @@ -837,24 +825,26 @@ static void fixup_exception_return(struc
>> {
>> if ( IS_ENABLED(CONFIG_XEN_SHSTK) )
>> {
>> - unsigned long ssp, *ptr, *base;
>> + unsigned long ssp = rdssp();
>>
>> - if ( (ssp = rdssp()) == SSP_NO_SHSTK )
>> - goto shstk_done;
>> + if ( ssp != SSP_NO_SHSTK )
>> + {
>> + unsigned long *ptr = _p(regs->entry_ssp);
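Review bot: the pointer reconstruction on the `+ unsigned long *ptr = _p(regs->entry_ssp);` line silently depends on entry_ssp being a signed 48-bit bitfield (the `signed long entry_ssp:48;` declaration quoted below) so that the read is sign-extended back into a canonical address; a one-line comment at that site naming the dependency would keep a later change of the field to an unsigned type from producing a non-canonical pointer without anyone noticing.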
>
> To double check, this works by the magic of:
>
> signed long entry_ssp:48;
>
> getting sign extended back into a canonical address?
That's the very reason for using an explicitly signed bitfield there,
yes.
Jan
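As an added illustration of the point Andrew raises (my own example, not Xen code: the struct layouts, the is_canonical() helper and the addresses are constructed, and only the field name entry_ssp is taken from the thread), the program below stores a high-half canonical address into a 48-bit bitfield declared signed and into one declared unsigned, then reads each back. The signed field reproduces the original address because the read sign-extends bit 47; the unsigned field zero-extends and yields a non-canonical value, which is exactly why the signedness matters for the _p() conversion in the patch.

```c
#include <stdio.h>

/* Constructed: a 48-bit signed bitfield, mirroring the
 * "signed long entry_ssp:48;" declaration discussed in the thread.
 * This struct is not Xen's struct cpu_user_regs. */
struct regs_signed {
    signed long entry_ssp:48;
};

/* Constructed: the same field declared unsigned, for comparison. */
struct regs_unsigned {
    unsigned long entry_ssp:48;
};

/* Assumption: 48-bit virtual addresses (4-level paging). An address is
 * canonical iff bits 63..47 are all equal, i.e. the top 17 bits are all
 * zero or all one. Uses only unsigned shifts, so it is fully defined. */
int is_canonical(unsigned long addr)
{
    unsigned long top = addr >> 47;   /* 17 bits */
    return top == 0 || top == 0x1ffff;
}

/* Store an address in the signed bitfield and read it back; a canonical
 * address always fits in 48 signed bits, so the store is in range and the
 * read is sign-extended, giving the original value. */
unsigned long roundtrip_signed(unsigned long addr)
{
    struct regs_signed r;
    r.entry_ssp = (long)addr;
    return (unsigned long)r.entry_ssp;
}

/* Same with the unsigned field: the read is zero-extended, so a
 * high-half address comes back with bits 63..48 cleared. */
unsigned long roundtrip_unsigned(unsigned long addr)
{
    struct regs_unsigned r;
    r.entry_ssp = addr;
    return (unsigned long)r.entry_ssp;
}

int main(void)
{
    /* Constructed sample addresses: one high-half, one low-half. */
    unsigned long high = 0xffff800000001000UL;
    unsigned long low  = 0x00007ffffffff000UL;

    printf("signed   high: %#lx canonical=%d\n",
           roundtrip_signed(high), is_canonical(roundtrip_signed(high)));
    printf("unsigned high: %#lx canonical=%d\n",
           roundtrip_unsigned(high), is_canonical(roundtrip_unsigned(high)));
    printf("signed   low:  %#lx canonical=%d\n",
           roundtrip_signed(low), is_canonical(roundtrip_signed(low)));
    return 0;
}
```

On a 64-bit GCC or Clang build the signed round trip returns the high address unchanged, while the unsigned one returns 0x800000001000 with bit 47 set and bits 63..48 clear, which is_canonical() rejects; low-half addresses survive either way, so the bug would only show up for hypervisor-side addresses.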