From: Peter Zijlstra <peterz@infradead.org>
To: Thomas Gleixner <tglx@linutronix.de>
Cc: LKML <linux-kernel@vger.kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Andy Lutomirski <luto@kernel.org>, Ingo Molnar <mingo@kernel.org>,
Borislav Petkov <bp@alien8.de>, Brian Gerst <brgerst@gmail.com>,
Denys Vlasenko <dvlasenk@redhat.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Rik van Riel <riel@redhat.com>,
daniel.gruss@iaik.tugraz.at, hughd@google.com,
keescook@google.com, linux-mm@kvack.org,
michael.schwarz@iaik.tugraz.at, moritz.lipp@iaik.tugraz.at,
richard.fellner@student.tugraz.at
Subject: Re: [patch V2 5/5] x86/kaiser: Add boottime disable switch
Date: Mon, 27 Nov 2017 22:43:08 +0100 [thread overview]
Message-ID: <20171127214308.hxzturumrucfnlpy@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <20171127102241.oj225ycxkc7rfvft@hirez.programming.kicks-ass.net>
On Mon, Nov 27, 2017 at 11:22:41AM +0100, Peter Zijlstra wrote:
> Could be a simple as this.. but I've not tested.
>
>
> diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
> index f4f4ab8525bd..1be393a97421 100644
> --- a/arch/x86/kernel/cpu/common.c
> +++ b/arch/x86/kernel/cpu/common.c
> @@ -1442,7 +1442,10 @@ void syscall_init(void)
> (entry_SYSCALL_64_trampoline - _entry_trampoline);
>
> wrmsr(MSR_STAR, 0, (__USER32_CS << 16) | __KERNEL_CS);
> - wrmsrl(MSR_LSTAR, SYSCALL64_entry_trampoline);
> + if (kaiser_enabled)
> + wrmsrl(MSR_LSTAR, SYSCALL64_entry_trampoline);
> + else
> + wrmsrl(MSR_LSTAR, (unsigned long)entry_SYSCALL_64);
>
> #ifdef CONFIG_IA32_EMULATION
> wrmsrl(MSR_CSTAR, (unsigned long)entry_SYSCALL_compat);
Seems to work:
root@ivb-ep:~# rdmsr --all 0xc0000082 | uniq
ffffffff81beb780
root@ivb-ep:~# grep ffffffff81beb780 /proc/kallsyms
ffffffff81beb780 T entry_SYSCALL_64
WARNING: multiple messages have this Message-ID
From: Peter Zijlstra <peterz@infradead.org>
To: Thomas Gleixner <tglx@linutronix.de>
Cc: LKML <linux-kernel@vger.kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Andy Lutomirski <luto@kernel.org>, Ingo Molnar <mingo@kernel.org>,
Borislav Petkov <bp@alien8.de>, Brian Gerst <brgerst@gmail.com>,
Denys Vlasenko <dvlasenk@redhat.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Rik van Riel <riel@redhat.com>,
daniel.gruss@iaik.tugraz.at, hughd@google.com,
keescook@google.com, linux-mm@kvack.org,
michael.schwarz@iaik.tugraz.at, moritz.lipp@iaik.tugraz.at,
richard.fellner@student.tugraz.at
Subject: Re: [patch V2 5/5] x86/kaiser: Add boottime disable switch
Date: Mon, 27 Nov 2017 22:43:08 +0100 [thread overview]
Message-ID: <20171127214308.hxzturumrucfnlpy@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <20171127102241.oj225ycxkc7rfvft@hirez.programming.kicks-ass.net>
On Mon, Nov 27, 2017 at 11:22:41AM +0100, Peter Zijlstra wrote:
> Could be a simple as this.. but I've not tested.
>
>
> diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
> index f4f4ab8525bd..1be393a97421 100644
> --- a/arch/x86/kernel/cpu/common.c
> +++ b/arch/x86/kernel/cpu/common.c
> @@ -1442,7 +1442,10 @@ void syscall_init(void)
> (entry_SYSCALL_64_trampoline - _entry_trampoline);
>
> wrmsr(MSR_STAR, 0, (__USER32_CS << 16) | __KERNEL_CS);
> - wrmsrl(MSR_LSTAR, SYSCALL64_entry_trampoline);
> + if (kaiser_enabled)
> + wrmsrl(MSR_LSTAR, SYSCALL64_entry_trampoline);
> + else
> + wrmsrl(MSR_LSTAR, (unsigned long)entry_SYSCALL_64);
>
> #ifdef CONFIG_IA32_EMULATION
> wrmsrl(MSR_CSTAR, (unsigned long)entry_SYSCALL_compat);
Seems to work:
root@ivb-ep:~# rdmsr --all 0xc0000082 | uniq
ffffffff81beb780
root@ivb-ep:~# grep ffffffff81beb780 /proc/kallsyms
ffffffff81beb780 T entry_SYSCALL_64
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2017-11-27 21:43 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-26 23:14 [patch V2 0/5] x86/kaiser: Boot time disabling and debug support Thomas Gleixner
2017-11-26 23:14 ` Thomas Gleixner
2017-11-26 23:14 ` [patch V2 1/5] x86/kaiser: Respect disabled CPU features Thomas Gleixner
2017-11-26 23:14 ` Thomas Gleixner
2017-11-27 9:57 ` Peter Zijlstra
2017-11-27 9:57 ` Peter Zijlstra
2017-11-27 11:47 ` Thomas Gleixner
2017-11-27 11:47 ` Thomas Gleixner
2017-11-27 12:31 ` Brian Gerst
2017-11-27 12:31 ` Brian Gerst
2017-11-27 13:18 ` Thomas Gleixner
2017-11-27 13:18 ` Thomas Gleixner
2017-11-27 18:11 ` Dave Hansen
2017-11-27 18:11 ` Dave Hansen
2017-11-27 18:37 ` Kees Cook
2017-11-27 18:37 ` Kees Cook
2017-11-26 23:14 ` [patch V2 2/5] x86/kaiser: Simplify disabling of global pages Thomas Gleixner
2017-11-26 23:14 ` Thomas Gleixner
2017-11-27 11:49 ` Thomas Gleixner
2017-11-27 11:49 ` Thomas Gleixner
2017-11-27 18:15 ` Dave Hansen
2017-11-27 18:15 ` Dave Hansen
2017-11-27 20:28 ` Thomas Gleixner
2017-11-27 20:28 ` Thomas Gleixner
2017-11-26 23:14 ` [patch V2 3/5] x86/dump_pagetables: Check KAISER shadow page table for WX pages Thomas Gleixner
2017-11-26 23:14 ` Thomas Gleixner
2017-11-27 18:17 ` Dave Hansen
2017-11-27 18:17 ` Dave Hansen
2017-11-26 23:14 ` [patch V2 4/5] x86/mm/debug_pagetables: Allow dumping current pagetables Thomas Gleixner
2017-11-26 23:14 ` Thomas Gleixner
2017-11-27 9:41 ` Peter Zijlstra
2017-11-27 9:41 ` Peter Zijlstra
2017-11-27 10:06 ` [PATCH] vfs: Add PERM_* symbolic helpers for common file mode/permissions Ingo Molnar
2017-11-27 10:06 ` Ingo Molnar
2017-11-27 19:21 ` Linus Torvalds
2017-11-27 19:21 ` Linus Torvalds
2017-11-28 10:54 ` Ingo Molnar
2017-11-28 10:54 ` Ingo Molnar
2017-11-28 11:12 ` Ingo Molnar
2017-11-28 11:12 ` Ingo Molnar
2017-11-29 8:52 ` Michael Ellerman
2017-11-29 8:52 ` Michael Ellerman
2017-11-27 18:18 ` [patch V2 4/5] x86/mm/debug_pagetables: Allow dumping current pagetables Dave Hansen
2017-11-27 18:18 ` Dave Hansen
2017-11-26 23:14 ` [patch V2 5/5] x86/kaiser: Add boottime disable switch Thomas Gleixner
2017-11-26 23:14 ` Thomas Gleixner
2017-11-27 9:48 ` Peter Zijlstra
2017-11-27 9:48 ` Peter Zijlstra
2017-11-27 10:22 ` Peter Zijlstra
2017-11-27 10:22 ` Peter Zijlstra
2017-11-27 11:50 ` Thomas Gleixner
2017-11-27 11:50 ` Thomas Gleixner
2017-11-27 12:49 ` Peter Zijlstra
2017-11-27 12:49 ` Peter Zijlstra
2017-11-27 21:43 ` Peter Zijlstra [this message]
2017-11-27 21:43 ` Peter Zijlstra
2017-11-27 18:22 ` Dave Hansen
2017-11-27 18:22 ` Dave Hansen
2017-11-27 19:00 ` Thomas Gleixner
2017-11-27 19:00 ` Thomas Gleixner
2017-11-27 19:18 ` Josh Poimboeuf
2017-11-27 19:18 ` Josh Poimboeuf
2017-11-27 20:47 ` Thomas Gleixner
2017-11-27 20:47 ` Thomas Gleixner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171127214308.hxzturumrucfnlpy@hirez.programming.kicks-ass.net \
--to=peterz@infradead.org \
--cc=bp@alien8.de \
--cc=brgerst@gmail.com \
--cc=daniel.gruss@iaik.tugraz.at \
--cc=dave.hansen@linux.intel.com \
--cc=dvlasenk@redhat.com \
--cc=hpa@zytor.com \
--cc=hughd@google.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=michael.schwarz@iaik.tugraz.at \
--cc=mingo@kernel.org \
--cc=moritz.lipp@iaik.tugraz.at \
--cc=richard.fellner@student.tugraz.at \
--cc=riel@redhat.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.