From: Borislav Petkov <bp@alien8.de>
To: Andy Lutomirski <luto@amacapital.net>
Cc: "Brian Gerst" <brgerst@gmail.com>,
"Steven Rostedt" <rostedt@goodmis.org>,
"Oleg Nesterov" <oleg@redhat.com>,
"Ingo Molnar" <mingo@kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
"Linus Torvalds" <torvalds@linux-foundation.org>,
"Andy Lutomirski" <luto@kernel.org>,
"Will Drewry" <wad@chromium.org>,
"Frédéric Weisbecker" <fweisbec@gmail.com>,
"Alexei Starovoitov" <ast@plumgrid.com>,
"Linux Kernel Mailing List" <linux-kernel@vger.kernel.org>,
"Denys Vlasenko" <dvlasenk@redhat.com>,
"Kees Cook" <keescook@chromium.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"linux-tip-commits@vger.kernel.org" <linux-tip-commits@vger.kernel.org>
Subject: Re: [tip:x86/vdso] x86/vdso32/syscall.S: Do not load __USER32_DS to %ss
Date: Thu, 23 Apr 2015 11:47:07 +0200
Message-ID: <20150423094707.GA28327@pd.tnic>
In-Reply-To: <CALCETrVH6STDwEuLY3gFaNevtjvtOZ7Ox3e10ZhtmitCJnJUKQ@mail.gmail.com>
On Thu, Apr 23, 2015 at 01:49:50AM -0700, Andy Lutomirski wrote:
> I'm pretty sure that this is at least a little bit wrong. It makes no
> sense for me for syscall to set SS.DPL=0 and for sysret to leave
> SS.DPL=0. It had better at least change DPL to 3. (Except... don't
> they mean RPL? Why is the DPL cached at all? But RPL is clearly
> changed, since it's part of the selector.)
I think this should explain it a bit:
"• STAR—The STAR register has the following fields (unless otherwise
noted, all bits are read/write):
- SYSRET CS and SS Selectors—Bits 63:48. This field is used to specify
both the CS and SS selectors loaded into CS and SS during SYSRET. If
SYSRET is returning to 32-bit mode (either legacy or compatibility),
this field is copied directly into the CS selector field. If SYSRET is
returning to 64-bit mode, the CS selector is set to this field + 16.
SS.Sel is set to this field + 8, regardless of the target mode. Because
SYSRET always returns to CPL 3, the RPL bits 49:48 should be initialized
to 11b.
- SYSCALL CS and SS Selectors—Bits 47:32. This field is used to
specify both the CS and SS selectors loaded into CS and SS during
SYSCALL. This field is copied directly into CS.Sel. SS.Sel is set to
this field + 8. Because SYSCALL always switches to CPL 0, the RPL bits
33:32 should be initialized to 00b."
So I'm reading "SYSRET always returns to CPL3" and "SYSCALL always
switches to CPL 0" as those are being enforced. And this is also
mentioned in the SYSCALL/SYSRET documentation:
"SYSCALL sets the CPL to 0, regardless of the values of bits 33:32 of
the STAR register."
and
"SYSRET sets the CPL to 3, regardless of the values of bits 49:48 of the
star register."
BUT(!)
"It is also assumed (but not checked) that the RPL of the SYSCALL and
SYSRET target selectors are set to 0 and 3, respectively."
>
> > Not changing base or limit is no big deal, but not changing attributes
> > could be the problem. It might be leaving the "64-bit stack"
> > attribute set, for whatever that means.
>
> Hmm. I don't know if I believe that explanation. For one thing, the
> APM says "Executing SYSRET in non-64-bit mode or with a 16- or 32-bit
> operand size returns to 32-bit mode with a 32-bit stack pointer."
>
> We can revert this patch or fix it, but I'd like to at least try to
> understand what's wrong first. Borislav, any ideas?
Right, so according to the documentation, SYSRET does load SS from
MSR_STAR[63:48] and forces the RPL bits [49:48] to 3.
So if we really do have a bad %ss, then something is changing it in
MSR_STAR.
But that sounds really far-fetched and implausible so it must be
something else.
/me scratches head...
--
Regards/Gruss,
Boris.
ECO tip #101: Trim your mails when you reply.
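As an added illustration (not code from this thread or from the kernel), here is the selector derivation described in the APM text quoted above, written out in C, together with a check of the "assumed but not checked" RPL rule. The STAR value is a constructed sample using the selector numbers Linux uses on x86-64 (0x10 for the kernel CS, 0x23 for the 32-bit user CS); those numbers are assumed here, not taken from the mail.

```c
#include <stdint.h>
#include <stdio.h>

/* Selectors SYSCALL/SYSRET derive from MSR_STAR per the quoted APM text:
 * STAR[47:32] is the SYSCALL base, STAR[63:48] the SYSRET base; SS is always
 * base + 8, and SYSRET's CS is base + 16 when returning to 64-bit mode.
 * Added example, not the kernel's code. */
struct sel_pair { uint16_t cs, ss; };

static uint16_t rpl(uint16_t sel) { return sel & 3; }

/* Build STAR the way a kernel would: SYSRET base in [63:48], SYSCALL base in [47:32]. */
uint64_t make_star(uint16_t sysret_base, uint16_t syscall_base)
{
    return ((uint64_t)sysret_base << 48) | ((uint64_t)syscall_base << 32);
}

struct sel_pair syscall_selectors(uint64_t star)
{
    uint16_t base = (star >> 32) & 0xffff;          /* copied directly into CS.Sel */
    return (struct sel_pair){ base, (uint16_t)(base + 8) };
}

struct sel_pair sysret_selectors(uint64_t star, int to_64bit)
{
    uint16_t base = (star >> 48) & 0xffff;
    uint16_t cs = to_64bit ? (uint16_t)(base + 16) : base;
    return (struct sel_pair){ cs, (uint16_t)(base + 8) };
}

/* The APM says the RPL of the targets is assumed but not checked. Bit 0 of the
 * result flags a SYSCALL target without RPL 0, bit 1 a SYSRET target without RPL 3. */
int star_rpl_mismatch(uint64_t star)
{
    struct sel_pair sc = syscall_selectors(star), sr = sysret_selectors(star, 1);
    int bad = 0;
    if (rpl(sc.cs) != 0 || rpl(sc.ss) != 0) bad |= 1;
    if (rpl(sr.cs) != 3 || rpl(sr.ss) != 3) bad |= 2;
    return bad;
}

int main(void)
{
    /* Constructed sample: assumed Linux x86-64 layout, kernel CS 0x10, user32 CS 0x23. */
    uint64_t star = make_star(0x23, 0x10);
    struct sel_pair sc = syscall_selectors(star);
    struct sel_pair s32 = sysret_selectors(star, 0), s64 = sysret_selectors(star, 1);
    printf("SYSCALL:   CS=%#x SS=%#x\n", sc.cs, sc.ss);
    printf("SYSRET32:  CS=%#x SS=%#x\n", s32.cs, s32.ss);
    printf("SYSRET64:  CS=%#x SS=%#x\n", s64.cs, s64.ss);
    printf("RPL mismatch flags: %d\n", star_rpl_mismatch(star));
    return 0;
}
```

With this layout both SYSRET targets share SS 0x2b while CS differs (0x23 vs 0x33), which is the "+8 regardless of target mode" rule from the quoted text.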