Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 14 Mar 2017 22:04:24 +0100
From: Pavel Machek <>
To: Thomas Garnier <>
Cc: Thomas Gleixner <>, Ingo Molnar <>,
	"H . Peter Anvin" <>, Jonathan Corbet <>,
	Andrey Ryabinin <>,
	Alexander Potapenko <>,
	Dmitry Vyukov <>,
	Lorenzo Stoakes <>,
	Kees Cook <>, Juergen Gross <>,
	Andy Lutomirski <>,
	Paul Gortmaker <>,
	Andrew Morton <>,
	Michal Hocko <>, zijun_hu <>,
	Chris Wilson <>,
	Andy Lutomirski <>,
	"Rafael J . Wysocki" <>,
	Len Brown <>, Jiri Kosina <>,
	Matt Fleming <>,
	Ard Biesheuvel <>,
	Boris Ostrovsky <>,
	Rusty Russell <>,
	Paolo Bonzini <>, Borislav Petkov <>,
	Christian Borntraeger <>,
	Frederic Weisbecker <>,
	"Luis R . Rodriguez" <>,
	Stanislaw Gruszka <>,
	Peter Zijlstra <>,
	Josh Poimboeuf <>,
	Vitaly Kuznetsov <>,
	Tim Chen <>,
	Joerg Roedel <>,
	Radim Krčmář <>,,,,,,,,,,,
Subject: Re: [PATCH v7 3/3] x86: Make the GDT remapping read-only on 64-bit

On Tue 2017-03-14 10:05:08, Thomas Garnier wrote:
> This patch makes the GDT remapped pages read-only to prevent corruption.
> This change is done only on 64-bit.
> The native_load_tr_desc function was adapted to correctly handle a
> read-only GDT. The LTR instruction always writes to the GDT TSS entry.
> This generates a page fault if the GDT is read-only. This change checks
> if the current GDT is a remap and swap GDTs as needed. This function was
> tested by booting multiple machines and checking hibernation works
> properly.
> KVM SVM and VMX were adapted to use the writeable GDT. On VMX, the
> per-cpu variable was removed for functions to fetch the original GDT.
> Instead of reloading the previous GDT, VMX will reload the fixmap GDT as
> expected. For testing, VMs were started and restored on multiple
> configurations.
> Signed-off-by: Thomas Garnier <>

Can we get the same change for 32-bit, too? Growing differences
between 32 and 64 bit are a bit of a problem...
(cesky, pictures)

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.