Hello Lai,

On Sun, Jan 24, 2021 at 10:11:14PM +0800, Lai Jiangshan wrote:
> > +
> > + /*
> > + * No need to switch back to the IST stack. The current stack is either
> > + * identical to the stack in the IRET frame or the VC fall-back stack,
> > + * so it is definitly mapped even with PTI enabled.
> > + */
> > + jmp paranoid_exit
> > +
> >
>
> Hello
>
> I know we don't enable PTI on AMD, but the above comment doesn't align to the
> next code.
>
> We assume PTI is enabled as the comments said "even with PTI enabled".
>
> When #VC happens after entry_SYSCALL_64 but before it switches to the
> kernel CR3, vc_switch_off_ist() will switch the stack to the kernel stack
> and paranoid_exit can't work when it switches to user CR3 on the kernel stack.
>
> The comment above lost information that the current stack is possible to be
> the kernel stack which is mapped not user CR3.
>
> Maybe I missed something.

You are right, the scenario above would cause problems for the current
#VC entry code. With SEV-ES an #VC exception can't happen in the early
syscall entry code, so I think it's the best to update the comment
reflecting this.

In the future this might change and then the #VC entry code needs to
take care of this case too. Thanks for pointing it out.

Regards,

Joerg
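
Review bot: the comment above `jmp paranoid_exit` names only two possible current stacks (the one in the IRET frame or the VC fall-back stack) and concludes it is mapped "even with PTI enabled", without stating the assumption that makes this hold. As raised in the thread, when vc_switch_off_ist() has switched to the kernel stack, paranoid_exit switching to user CR3 would leave execution on a stack that is not mapped there. The comment should say explicitly that this path relies on #VC not occurring in the early syscall entry code under SEV-ES, and that the exit path needs revisiting if that ever changes. Minor: "definitly" should be "definitely".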