Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 20 Feb 2017 09:28:50 -0800
From: Thomas Garnier <thgarnie@...gle.com>
To: Andy Lutomirski <luto@...capital.net>
Cc: Jim Mattson <jmattson@...gle.com>, Thomas Gleixner <tglx@...utronix.de>, 
	Ingo Molnar <mingo@...hat.com>, "H . Peter Anvin" <hpa@...or.com>, 
	Andrey Ryabinin <aryabinin@...tuozzo.com>, Alexander Potapenko <glider@...gle.com>, 
	Dmitry Vyukov <dvyukov@...gle.com>, Kees Cook <keescook@...omium.org>, 
	Andy Lutomirski <luto@...nel.org>, Borislav Petkov <bp@...e.de>, 
	Paul Gortmaker <paul.gortmaker@...driver.com>, "Rafael J . Wysocki" <rjw@...ysocki.net>, 
	Len Brown <len.brown@...el.com>, Pavel Machek <pavel@....cz>, Jiri Kosina <jikos@...nel.org>, 
	Matt Fleming <matt@...eblueprint.co.uk>, Ard Biesheuvel <ard.biesheuvel@...aro.org>, 
	Boris Ostrovsky <boris.ostrovsky@...cle.com>, Juergen Gross <jgross@...e.com>, 
	Rusty Russell <rusty@...tcorp.com.au>, Peter Zijlstra <peterz@...radead.org>, 
	Christian Borntraeger <borntraeger@...ibm.com>, "Luis R . Rodriguez" <mcgrof@...nel.org>, 
	He Chen <he.chen@...ux.intel.com>, Brian Gerst <brgerst@...il.com>, 
	Stanislaw Gruszka <sgruszka@...hat.com>, Arnd Bergmann <arnd@...db.de>, 
	Adam Buchbinder <adam.buchbinder@...il.com>, Dave Hansen <dave.hansen@...el.com>, 
	Vitaly Kuznetsov <vkuznets@...hat.com>, Josh Poimboeuf <jpoimboe@...hat.com>, 
	Tim Chen <tim.c.chen@...ux.intel.com>, Rik van Riel <riel@...hat.com>, 
	Andi Kleen <ak@...ux.intel.com>, Jiri Olsa <jolsa@...hat.com>, 
	Michael Ellerman <mpe@...erman.id.au>, Joerg Roedel <joro@...tes.org>, 
	Paolo Bonzini <pbonzini@...hat.com>, Radim Krčmář <rkrcmar@...hat.com>, 
	"the arch/x86 maintainers" <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>, 
	kasan-dev <kasan-dev@...glegroups.com>, Linux PM list <linux-pm@...r.kernel.org>, 
	"linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>, 
	"xen-devel@...ts.xenproject.org" <xen-devel@...ts.xenproject.org>, lguest@...ts.ozlabs.org, 
	kvm list <kvm@...r.kernel.org>, 
	Kernel Hardening <kernel-hardening@...ts.openwall.com>
Subject: Re: [PATCH v3 4/4] KVM: VMX: Simplify segment_base

On Mon, Feb 20, 2017 at 8:56 AM, Andy Lutomirski <luto@...capital.net> wrote:
> On Fri, Feb 17, 2017 at 2:01 PM, Thomas Garnier <thgarnie@...gle.com> wrote:
>> On Fri, Feb 17, 2017 at 1:00 PM, Jim Mattson <jmattson@...gle.com> wrote:
>>> On Fri, Feb 17, 2017 at 12:11 PM, Thomas Garnier <thgarnie@...gle.com> wrote:
>>>> On Fri, Feb 17, 2017 at 9:49 AM, Jim Mattson <jmattson@...gle.com> wrote:
>>>>>
>>>>> Can we use the read-only GDT here? When expanding the virtual address
>>>>> for 64-bit system descriptors, isn't it sufficient to check (d->s == 0
>>>>> && d->type != 0)?
>>>>
>>>> We can use the readonly GDT but I think doesn't matter one or the
>>>> other here. We have to check specific types for LDT or TSS, other
>>>> values describe other entries (cf Intel volume 3, 3.5) (for example 14
>>>> & 15 on 64-bits are for trap & interrupt gates).
>>>
>>> According to volume 3 of the SDM, section 3.5.2:
>>>
>>> The following system descriptors expand to 16 bytes:
>>> — Call gate descriptors (see Section 5.8.3.1, “IA-32e Mode Call Gates”)
>>> — IDT gate descriptors (see Section 6.14.1, “64-Bit Mode IDT”)
>>> — LDT and TSS descriptors (see Section 7.2.3, “TSS Descriptor in 64-bit mode”).
>>>
>>> All legal system descriptor types (except for 0: Upper 8 bytes of an 16-byte
>>> descriptor) should get the high 32 bits of the base address from the next 8-byte
>>> descriptor.
>>>
>>
>> Ok, then I will test an updated version next week.
>>
>
> I'm going to send out some preliminary patches that just get rid of
> this problem entirely.

Okay, I guess I will have to wait for it to be integrated to
linux-next then. Or would you rather to it after this patch set is
added?

-- 
Thomas

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.