On 04.03.2026 18:18, Andrew Cooper wrote:
> When FRED is active, hardware automatically swaps GS when changing privilege,
> and the SWAPGS instruction is disallowed.
>
> For native OSes using GS as the thread local pointer this is a massive
> improvement on the pre-FRED architecture, but under Xen it makes handling PV
> guests more complicated. Specifically, it means that GS_BASE and GS_SHADOW
> are the opposite way around in FRED mode, as opposed to IDT mode.
>
> This leads to the following changes:
>
> * In load_segments(), we already load both GSes. Account for FRED in the
> SWAP() condition and avoid the path with SWAPGS.
>
> * In save_segments(), we need to read GS_SHADOW rather than GS_BASE.
>
> * In toggle_guest_mode(), we need to emulate SWAPGS.
>
> * In {read,write}_msr() which access the live registers, GS_SHADOW and
> GS_BASE need swapping.
>
> * In do_set_segment_base(), merge the SEGBASE_GS_{USER,KERNEL} cases and
> take FRED into account when choosing which base to update.
>
> SEGBASE_GS_USER_SEL was already an LKGS invocation (decades before FRED)
> so under FRED needs to be just a MOV %gs. Simply skip the SWAPGSes.
>
> Signed-off-by: Andrew Cooper <[email protected]>
> Reviewed-by: Jan Beulich <[email protected]>
> ---
> CC: Jan Beulich <[email protected]>
> CC: Roger Pau Monné <[email protected]>
>
> v4.1:
> * Extra comments
Thanks.
Jan