From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754545AbcEBQhS (ORCPT <rfc822;w@1wt.eu>);
	Mon, 2 May 2016 12:37:18 -0400
Received: from mx1.redhat.com ([209.132.183.28]:42939 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1754108AbcEBQhF (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Mon, 2 May 2016 12:37:05 -0400
Date: Mon, 2 May 2016 17:35:08 +0200
From: Oleg Nesterov <oleg@redhat.com>
To: Andy Lutomirski <luto@amacapital.net>
Cc: X86 ML <x86@kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Roland McGrath <roland@hack.frob.com>,
        Andi Kleen <andi@firstfloor.org>, Borislav Petkov <bp@alien8.de>,
        Brian Gerst <brgerst@gmail.com>
Subject: Re: ptrace vs FSGSBASE
Message-ID: <20160502153508.GA7874@redhat.com>
References: <CALCETrV+tU487QLcp=z5a0M2L7W2fkPUFYLrJBXCn8dUhrXCAw@mail.gmail.com> <20160502142746.GA7142@redhat.com> <CALCETrWK_FjgyekSbJ5Cbk=fjBWkQogBWjGGDyXBskb-r-+BBg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CALCETrWK_FjgyekSbJ5Cbk=fjBWkQogBWjGGDyXBskb-r-+BBg@mail.gmail.com>
User-Agent: Mutt/1.5.18 (2008-05-17)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 05/02, Andy Lutomirski wrote:
>
> On Mon, May 2, 2016 at 7:27 AM, Oleg Nesterov <oleg@redhat.com> wrote:
> >>
> >> 1. I read fs_base using ptrace.  I think I should get the actual
> >> fs_base without any nonsense.
> >
> > Which fs_base? The member of user_regs_struct? But this structure/layout
> > is just the ABI, so to me it seems correct that getreg() tries to look
> > at ->fs and/or ->fsindex.
>
> Yeah, the member of user_regs_struct.

Still can't understand this... user_regs_struct is just the set of offsets
we use to "name" the registers for getreg/putreg. We simply do not have
"the actual fs_base" we could use in getreg(), we need to calculate it.

> > I can't understand what does "atomically" mean in this context.
>
> I mean "change fs and fs_base to these two values in a single syscall
> so that the kernel can do something intelligent."
>
> Let me give some background:
> [... snip ...]

Thanks Andy. I need to re-read your explanation, but it seems I am starting
to understand. And yes, I didn't bother to look at putreg() when I wrote
my reply.

> If you write, say, 0x2b to
> fs and 12345 to fs_base using the ptrace API, you'd end up with FS ==
> 0x2b and FSBASE == 0,

Hmm. I can be easily wrong again but afaics in this case do_arch_prctl()
will change fs/fs_base first and set

	fsindex = FS_TLS_SEL
	fs = 0

and then... and then I simply can't understand what set_segment_reg(fs)
will/should do in this case. Nor I can understand the "thread.fs != value"
check before do_arch_prctl(ARCH_SET_FS). Confused.

Oleg.