kvm: mark readAndResetDR6 and callees nosplit

nixprime · gvisor-bot · commit db4fdd73da69 · 2025-07-25T13:20:34.000-07:00
Stack expansion, GC preemption, etc. can cause an exit to host ring 3,
resulting in #GP when the sentry touches the debug register.

PiperOrigin-RevId: 787217537
diff --git a/pkg/sentry/platform/kvm/bluepill_amd64.s b/pkg/sentry/platform/kvm/bluepill_amd64.s
@@ -102,12 +102,12 @@ TEXT ·rdgsbase(SB), $0-8
 	MOVQ AX, ret+0(FP)
 	RET
 
-TEXT ·rdDR6(SB), $0-8
+TEXT ·rdDR6(SB),NOSPLIT,$0-8
 	MOVQ DR6, AX
 	MOVQ AX, ret+0(FP)
 	RET
 
-TEXT ·wrDR6(SB), $0-8
+TEXT ·wrDR6(SB),NOSPLIT,$0-8
 	MOVQ val+0(FP), AX
 	MOVQ AX, DR6
 	RET
diff --git a/pkg/sentry/platform/kvm/machine_amd64.go b/pkg/sentry/platform/kvm/machine_amd64.go
@@ -345,6 +345,7 @@ const (
 	_DR_STEP  = 0x4000 // single-step
 )
 
+//go:nosplit
 func readAndResetDR6() uint64 {
 	dr6 := rdDR6()
 	wrDR6(_DR6_RESERVED)

Original file line number	Diff line number	Diff line change
`@@ -345,6 +345,7 @@ const (`
`345`	`345`	`_DR_STEP = 0x4000 // single-step`
`346`	`346`	`)`
`347`	`347`
	`348`	`+//go:nosplit`
`348`	`349`	`func readAndResetDR6() uint64 {`
`349`	`350`	`dr6 := rdDR6()`
`350`	`351`	`wrDR6(_DR6_RESERVED)`