From: Zachary Amsden <zach@vmware.com>
To: Chris Wright <chrisw@sous-sol.org>
Cc: Gerd Hoffmann <kraxel@suse.de>,
Linus Torvalds <torvalds@osdl.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Virtualization Mailing List <virtualization@lists.osdl.org>,
Xen-devel <xen-devel@lists.xensource.com>,
Andrew Morton <akpm@osdl.org>, Dan Hecht <dhecht@vmware.com>,
Dan Arai <arai@vmware.com>, Anne Holler <anne@vmware.com>,
Pratap Subrahmanyam <pratap@vmware.com>,
Christopher Li <chrisl@vmware.com>,
Joshua LeVasseur <jtl@ira.uka.de>, Rik Van Riel <riel@redhat.com>,
Jyothy Reddy <jreddy@vmware.com>, Jack Lo <jlo@vmware.com>,
Kip Macy <kmacy@fsmware.com>, Jan Beulich <jbeulich@novell.com>,
Ky Srinivasan <ksrinivasan@novell.com>,
Wim Coekaerts <wim.coekaerts@oracle.com>,
Leendert van Doorn <leendert@watson.ibm.com>
Subject: Re: [RFC, PATCH 7/24] i386 Vmi memory hole
Date: Wed, 15 Mar 2006 01:18:32 -0800 [thread overview]
Message-ID: <4417DBE8.6070302@vmware.com> (raw)
In-Reply-To: <20060315090935.GS12807@sorel.sous-sol.org>
Chris Wright wrote:
> * Zachary Amsden (zach@vmware.com) wrote:
>
>> ENTRY(sysenter_entry)
>> movl TSS_sysenter_esp0(%esp),%esp
>> sysenter_past_esp:
>> STI
>> pushl $(__USER_DS)
>> pushl %ebp
>> pushfl
>> pushl $(__USER_CS)
>> pushl $SYSENTER_RETURN
>>
>> SYSENTER_RETURN is a link time constant that is defined based on the
>> location of the vsyscall page. If the vsyscall page can move, this can
>> not be a constant. The reason is, this "fake" exception frame is used
>> to return back to the EIP of the call site, and sysenter does not record
>> the EIP of the call site.
>>
>
> It's only real issue for something like execshield. For this it's easy
> to do the fixed math since it's still at fixed address.
>
> + DEFINE(VSYSCALL_BASE, (PAGE_OFFSET - 2*PAGE_SIZE));
>
Ok, I'm confused. What fixed math? The return EIP that is pushed here
is used when sysenter is active and you have to IRET back to userspace.
If that EIP is dynamically relocatable, you can't do fixed math unless
you patch the pushl site dynamically. Notable reasons for returning via
IRET on this fake exception frame were (until my recent submission) IOPL
changes, but I believe there were more. I will have to inspect the
source to determine if that is still the case.
Zach
next prev parent reply other threads:[~2006-03-15 9:19 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-03-13 18:04 [RFC, PATCH 7/24] i386 Vmi memory hole Zachary Amsden
2006-03-14 6:41 ` Chris Wright
2006-03-14 7:14 ` Zachary Amsden
2006-03-14 21:56 ` Chris Wright
2006-03-14 22:35 ` Zachary Amsden
2006-03-15 4:31 ` Chris Wright
2006-03-15 8:27 ` Gerd Hoffmann
2006-03-15 8:36 ` Zachary Amsden
2006-03-15 9:09 ` Chris Wright
2006-03-15 9:18 ` Zachary Amsden [this message]
2006-03-15 9:41 ` Chris Wright
2006-03-15 9:27 ` Gerd Hoffmann
2006-03-15 9:37 ` Zachary Amsden
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4417DBE8.6070302@vmware.com \
--to=zach@vmware.com \
--cc=akpm@osdl.org \
--cc=anne@vmware.com \
--cc=arai@vmware.com \
--cc=chrisl@vmware.com \
--cc=chrisw@sous-sol.org \
--cc=dhecht@vmware.com \
--cc=jbeulich@novell.com \
--cc=jlo@vmware.com \
--cc=jreddy@vmware.com \
--cc=jtl@ira.uka.de \
--cc=kmacy@fsmware.com \
--cc=kraxel@suse.de \
--cc=ksrinivasan@novell.com \
--cc=leendert@watson.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pratap@vmware.com \
--cc=riel@redhat.com \
--cc=torvalds@osdl.org \
--cc=virtualization@lists.osdl.org \
--cc=wim.coekaerts@oracle.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox