From: Thomas Gleixner <tglx@linutronix.de>
To: Nikolay Borisov <nik.borisov@suse.com>, x86@kernel.org
Cc: linux-kernel@vger.kernel.org, mhocko@suse.com, jslaby@suse.cz
Subject: Re: [PATCH v3 5/5] x86/entry: Make IA32 syscalls' availability depend on ia32_enabled()
Date: Mon, 19 Jun 2023 10:40:46 +0200
Message-ID: <87a5wvrgj5.ffs@tglx>
In-Reply-To: <cf24db95-9c91-5d30-fe83-3a1e2cbf0cc1@suse.com>
On Mon, Jun 19 2023 at 09:28, Nikolay Borisov wrote:
> On 19.06.23 at 0:17, Thomas Gleixner wrote:
>> On Fri, Jun 16 2023 at 15:57, Nikolay Borisov wrote:
>>> Another major aspect of supporting running of 32bit processes is the
>>> ability to access 32bit syscalls. Such syscalls are invoked either by
>>> using the legacy int 0x80 call gate interface or via the newer sysenter
>>> instruction.
>>>
>>> Ensure that if ia32 emulation is disabled (either at compile time or
>>> runtime) then those 2 syscall mechanisms are also disabled.
>>
>> AFAICT there are _three_ mechanisms for 32bit syscalls, no?
>
> int 0x80 and sysenter make it 2? Which one is the 3rd one - the "native
> 64bit syscall" used in for X32 ABI ? This patch specifically deals with
> the first 2?

    int 80, sysenter, syscall = 3

They obviously depend on the vendor preference when the CPU has enabled
long mode:

                      AMD     Intel
    compat_int 80     y       y
    compat_sysenter   #UD     y
    compat_syscall    y       #UD

On Intel SYSENTER is trivial to disable by setting MSR_IA32_SYSENTER_CS
to 0 which makes sysenter raise #GP.
The nasty one is SYSCALL on AMD. If MSR_EFER.SCE=1 then MSR_CSTAR must
contain a valid kernel text address because otherwise compat SYSCALL
faults with CPL0 and user GSBASE. That's the whole reason for the stub
function which just sets EAX to -ENOSYS and returns via SYSRET.
And your patch deals with all _three_:

                     compat=ON                     compat=OFF

    compat_int 80:   Set system interrupt gate     ---

    compat_sysenter: Set up SYSENTER MSRs for      Invalidate SYSENTER MSRs
                     entry_SYSENTER_compat()

    compat_syscall:  Set MSR_CSTAR to              Set MSR_CSTAR to
                     entry_SYSCALL_compat()        stub function
                     (AMD only)                    (AMD only)

No?

Changelogs have to be precise. Otherwise they are useless and in the
worst case actively misleading.
Thanks,
tglx
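As an added illustration (not code from the patch series or from the kernel), the following C model encodes the dispatch rules discussed above: which of the three compat entry instructions traps on which vendor, what the kernel programs for compat=ON versus compat=OFF, and why on AMD an unprogrammed MSR_CSTAR with EFER.SCE=1 is the dangerous case. The two entry-point addresses and the 0x10 selector are constructed placeholders, and the outcome codes are this model's own names, not kernel identifiers.

```c
#include <stdbool.h>
#include <stdint.h>
enum vendor  { VENDOR_INTEL, VENDOR_AMD };
enum insn    { INSN_INT80, INSN_SYSENTER, INSN_SYSCALL };
enum outcome { ENTER_KERNEL, STUB_ENOSYS, TRAP_UD, TRAP_GP, KERNEL_FAULT };
#define ENTRY_SYSCALL_COMPAT   0xffffffff81000100ULL /* constructed placeholder address */
#define ENTRY_SYSCALL32_IGNORE 0xffffffff81000200ULL /* placeholder for the -ENOSYS + SYSRET stub */
struct cpu_state {
    enum vendor vendor;
    bool int80_gate;      /* system interrupt gate installed for vector 0x80 */
    uint32_t sysenter_cs; /* MSR_IA32_SYSENTER_CS; 0 makes SYSENTER raise #GP */
    uint64_t cstar;       /* MSR_CSTAR: where compat SYSCALL lands on AMD */
    bool efer_sce;        /* MSR_EFER.SCE; must stay set for native 64-bit SYSCALL */
};
/* Per-CPU programming following the compat=ON / compat=OFF table in the mail. */
static void setup_compat_entry(struct cpu_state *c, bool ia32_enabled) {
    c->efer_sce = true;                       /* never cleared: 64-bit SYSCALL needs it */
    c->int80_gate = ia32_enabled;             /* compat=OFF: no gate is set ("---") */
    c->sysenter_cs = ia32_enabled ? 0x10 : 0; /* 0x10 is a constructed selector value */
    if (c->vendor == VENDOR_AMD)              /* Intel raises #UD before reaching CSTAR */
        c->cstar = ia32_enabled ? ENTRY_SYSCALL_COMPAT : ENTRY_SYSCALL32_IGNORE;
}
/* What the CPU does when 32-bit user code issues the given instruction. */
static enum outcome compat_syscall(const struct cpu_state *c, enum insn i) {
    switch (i) {
    case INSN_INT80:    /* a CPL3 int to a missing or DPL0 gate raises #GP */
        return c->int80_gate ? ENTER_KERNEL : TRAP_GP;
    case INSN_SYSENTER: /* #UD on AMD in long mode; #GP on Intel with SYSENTER_CS=0 */
        if (c->vendor == VENDOR_AMD) return TRAP_UD;
        return c->sysenter_cs ? ENTER_KERNEL : TRAP_GP;
    case INSN_SYSCALL:  /* #UD on Intel in compat mode, or on any CPU with SCE=0 */
        if (c->vendor == VENDOR_INTEL || !c->efer_sce) return TRAP_UD;
        if (c->cstar != ENTRY_SYSCALL_COMPAT && c->cstar != ENTRY_SYSCALL32_IGNORE)
            return KERNEL_FAULT; /* lands in garbage at CPL0 with user GSBASE */
        return c->cstar == ENTRY_SYSCALL32_IGNORE ? STUB_ENOSYS : ENTER_KERNEL;
    }
    return KERNEL_FAULT;
}
/* Outcome on a CPU configured with ia32 emulation on or off. */
enum outcome outcome_for(enum vendor v, bool ia32_enabled, enum insn i) {
    struct cpu_state c = { .vendor = v };
    setup_compat_entry(&c, ia32_enabled);
    return compat_syscall(&c, i);
}
/* The AMD hazard from the mail: SCE=1 but MSR_CSTAR left unprogrammed. */
enum outcome amd_syscall_with_cstar(uint64_t cstar) {
    struct cpu_state c = { .vendor = VENDOR_AMD, .efer_sce = true, .cstar = cstar };
    return compat_syscall(&c, INSN_SYSCALL);
}
```

With compat=OFF the AMD path still needs a valid landing pad, which is why the stub returns -ENOSYS instead of the MSR simply being zeroed.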