From: Borislav Petkov <bp@alien8.de>
To: Andy Lutomirski <luto@amacapital.net>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org,
"Frédéric Weisbecker" <fweisbec@gmail.com>,
"Oleg Nesterov" <oleg@redhat.com>,
"kvm list" <kvm@vger.kernel.org>
Subject: Re: [PATCH 2/3] x86_64,entry: Use sysret to return to userspace when possible
Date: Fri, 9 Jan 2015 11:40:35 +0100
Message-ID: <20150109104035.GA13637@pd.tnic>
In-Reply-To: <49394403b8b12486a6b9c9c70b72bd9f5dce7364.1415403984.git.luto@amacapital.net>
On Fri, Nov 07, 2014 at 03:58:18PM -0800, Andy Lutomirski wrote:
> + /*
> + * Try to use SYSRET instead of IRET if we're returning to
> + * a completely clean 64-bit userspace context.
> + */
> + movq (RCX-R11)(%rsp), %rcx
> + cmpq %rcx,(RIP-R11)(%rsp) /* RCX == RIP */
> + jne opportunistic_sysret_failed
> +
> + /*
> + * On Intel CPUs, sysret with non-canonical RCX/RIP will #GP
> + * in kernel space. This essentially lets the user take over
> + * the kernel, since userspace controls RSP. It's not worth
> + * testing for canonicalness exactly -- this check detects any
> + * of the 17 high bits set, which is true for non-canonical
> + * or kernel addresses. (This will pessimize vsyscall=native.
> + * Big deal.)
> + */
> + shr $47, %rcx
> + jnz opportunistic_sysret_failed
> +
> + cmpq $__USER_CS,(CS-R11)(%rsp) /* CS must match SYSRET */
> + jne opportunistic_sysret_failed
> +
> + movq (R11-R11)(%rsp), %r11
> + cmpq %r11,(EFLAGS-R11)(%rsp) /* R11 == RFLAGS */
> + jne opportunistic_sysret_failed
> +
> + testq $X86_EFLAGS_RF,%r11 /* sysret can't restore RF */
> + jnz opportunistic_sysret_failed
> +
> + /* nothing to check for RSP */
> +
> + cmpq $__USER_DS,(SS-R11)(%rsp) /* SS must match SYSRET */
> + jne opportunistic_sysret_failed
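Review bot: the `shr $47, %rcx` canonicalness test destroys the user RCX value that `movq (RCX-R11)(%rsp), %rcx` loaded at the top of this block, so whatever follows the final `jne opportunistic_sysret_failed` must reload %rcx from the frame before executing sysret (the reload is not in this hunk, and %r11 is the only register still holding a restored value at this point); a one-line comment at the `shr` saying that %rcx is clobbered here and reloaded later would keep a future reader from assuming the value survives. Related documentation point for the opening comment: "a completely clean 64-bit userspace context" is only defined implicitly by the five checks that follow, so spelling out the conditions there (RCX == RIP, RIP has bits 47..63 clear, CS == __USER_CS, R11 == RFLAGS with RF clear, SS == __USER_DS) would make the fast-path precondition reviewable without walking the branches, and would also make the "nothing to check for RSP" line read as a deliberate statement that sysret does not touch RSP rather than as an omission.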
Btw, Denys' R11->ARGOFFSET fix makes sense here too - using ARGOFFSET
instead of R11 would make this here clearer.
--
Regards/Gruss,
Boris.
Sent from a fat crate under my desk. Formatting is fine.