From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752621AbdJTSLq (ORCPT <rfc822;w@1wt.eu>);
        Fri, 20 Oct 2017 14:11:46 -0400
Received: from mga09.intel.com ([134.134.136.24]:33348 "EHLO mga09.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1752214AbdJTSLo (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 20 Oct 2017 14:11:44 -0400
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.43,408,1503385200"; 
   d="scan'208";a="912008159"
Date: Fri, 20 Oct 2017 11:10:51 -0700
From: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
To: Borislav Petkov <bp@suse.de>
Cc: Ingo Molnar <mingo@redhat.com>, Thomas Gleixner <tglx@linutronix.de>,
        "H. Peter Anvin" <hpa@zytor.com>, Andy Lutomirski <luto@kernel.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Brian Gerst <brgerst@gmail.com>, Chris Metcalf <cmetcalf@mellanox.com>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Masami Hiramatsu <mhiramat@kernel.org>, Huang Rui <ray.huang@amd.com>,
        Jiri Slaby <jslaby@suse.cz>, Jonathan Corbet <corbet@lwn.net>,
        "Michael S. Tsirkin" <mst@redhat.com>,
        Paul Gortmaker <paul.gortmaker@windriver.com>,
        Vlastimil Babka <vbabka@suse.cz>, Chen Yucong <slaoub@gmail.com>,
        "Ravi V. Shankar" <ravi.v.shankar@intel.com>,
        Shuah Khan <shuah@kernel.org>, linux-kernel@vger.kernel.org,
        x86@kernel.org, ricardo.neri@intel.com,
        Adam Buchbinder <adam.buchbinder@gmail.com>,
        Colin Ian King <colin.king@canonical.com>,
        Lorenzo Stoakes <lstoakes@gmail.com>,
        Qiaowei Ren <qiaowei.ren@intel.com>,
        Arnaldo Carvalho de Melo <acme@redhat.com>,
        Adrian Hunter <adrian.hunter@intel.com>,
        Kees Cook <keescook@chromium.org>,
        Thomas Garnier <thgarnie@google.com>,
        Dmitry Vyukov <dvyukov@google.com>
Subject: Re: [PATCH v9 18/29] x86/insn-eval: Incorporate segment base in
 linear address computation
Message-ID: <20171020181051.GD12298@voyager>
References: <1507089272-32733-1-git-send-email-ricardo.neri-calderon@linux.intel.com>
 <1507089272-32733-19-git-send-email-ricardo.neri-calderon@linux.intel.com>
 <20171020160833.mzzo5sqbczgp3uqo@pd.tnic>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20171020160833.mzzo5sqbczgp3uqo@pd.tnic>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Oct 20, 2017 at 06:08:41PM +0200, Borislav Petkov wrote:
> On Tue, Oct 03, 2017 at 08:54:21PM -0700, Ricardo Neri wrote:
> > insn_get_addr_ref() returns the effective address as defined by the
> > section 3.7.5.1 Vol 1 of the Intel 64 and IA-32 Architectures Software
> > Developer's Manual. In order to compute the linear address, we must add
> > to the effective address the segment base address as set in the segment
> > descriptor. The segment descriptor to use depends on the register used as
> > operand and segment override prefixes, if any.
> > 
> > In most cases, the segment base address will be 0 if the USER_DS/USER32_DS
> > segment is used or if segmentation is not used. However, the base address
> > is not necessarily zero if a user programs defines its own segments. This
> > is possible by using a local descriptor table.
> > 
> > Since the effective address is a signed quantity, the unsigned segment
> > base address is saved in a separate variable and added to the final,
> > unsigned, effective address.
> > 
> > Cc: Dave Hansen <dave.hansen@linux.intel.com>
> > Cc: Adam Buchbinder <adam.buchbinder@gmail.com>
> > Cc: Colin Ian King <colin.king@canonical.com>
> > Cc: Lorenzo Stoakes <lstoakes@gmail.com>
> > Cc: Qiaowei Ren <qiaowei.ren@intel.com>
> > Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
> > Cc: Masami Hiramatsu <mhiramat@kernel.org>
> > Cc: Adrian Hunter <adrian.hunter@intel.com>
> > Cc: Kees Cook <keescook@chromium.org>
> > Cc: Thomas Garnier <thgarnie@google.com>
> > Cc: Peter Zijlstra <peterz@infradead.org>
> > Cc: Borislav Petkov <bp@suse.de>
> > Cc: Dmitry Vyukov <dvyukov@google.com>
> > Cc: Ravi V. Shankar <ravi.v.shankar@intel.com>
> > Cc: x86@kernel.org
> > Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
> > ---
> >  arch/x86/lib/insn-eval.c | 30 +++++++++++++++++++++++++++---
> >  1 file changed, 27 insertions(+), 3 deletions(-)
> > 
> > diff --git a/arch/x86/lib/insn-eval.c b/arch/x86/lib/insn-eval.c
> > index dd84819..b3aa891 100644
> > --- a/arch/x86/lib/insn-eval.c
> > +++ b/arch/x86/lib/insn-eval.c
> > @@ -719,8 +719,8 @@ int insn_get_modrm_rm_off(struct insn *insn, struct pt_regs *regs)
> >   */
> >  void __user *insn_get_addr_ref(struct insn *insn, struct pt_regs *regs)
> >  {
> > -	int addr_offset, base_offset, indx_offset;
> > -	unsigned long linear_addr = -1L;
> > +	int addr_offset, base_offset, indx_offset, seg_reg_indx;
> > +	unsigned long linear_addr = -1L, seg_base_addr;
> >  	long eff_addr, base, indx;
> >  	insn_byte_t sib;
> >  
> > @@ -734,6 +734,14 @@ void __user *insn_get_addr_ref(struct insn *insn, struct pt_regs *regs)
> >  			goto out;
> >  
> >  		eff_addr = regs_get_register(regs, addr_offset);
> > +
> > +		seg_reg_indx = resolve_seg_reg(insn, regs, addr_offset);
> > +		if (seg_reg_indx < 0)
> > +			goto out;
> > +
> > +		seg_base_addr = insn_get_seg_base(regs, seg_reg_indx);
> > +		if (seg_base_addr == -1L)
> > +			goto out;
> 
> Instead of replicating the same calls three times, add a
> get_seg_base_addr() helper and call it where needed.

I will add this function.

Thanks and BR,
Ricardo
> --