* Does __KERNEL_DS serve a purpose?
@ 2016-04-08  0:24 Andy Lutomirski
  2016-04-08  8:01   ` Andrew Cooper
  0 siblings, 1 reply; 11+ messages in thread
From: Andy Lutomirski @ 2016-04-08  0:24 UTC (permalink / raw)
  To: X86 ML, linux-kernel; +Cc: kvm list, xen-devel, Borislav Petkov

I can't see any reason that we need the __KERNEL_DS segment at all --
I think that everything that uses __KERNEL_DS could use __USER_DS
instead.  Am I missing anything?  This has been bugging me for a
while.

I mulled over this a bit when trying to understand the sysret_ss_attrs
bug and then forgot about it.

--Andy

* Re: [Xen-devel] Does __KERNEL_DS serve a purpose?
  2016-04-08  0:24 Does __KERNEL_DS serve a purpose? Andy Lutomirski
@ 2016-04-08  8:01   ` Andrew Cooper
  0 siblings, 0 replies; 11+ messages in thread
From: Andrew Cooper @ 2016-04-08  8:01 UTC (permalink / raw)
  To: Andy Lutomirski, X86 ML, linux-kernel
  Cc: Borislav Petkov, kvm list, xen-devel

On 08/04/2016 01:24, Andy Lutomirski wrote:
> I can't see any reason that we need the __KERNEL_DS segment at all --
> I think that everything that uses __KERNEL_DS could use __USER_DS
> instead.  Am I missing anything?  This has been bugging me for a
> while.
>
> I mulled over this a bit when trying to understand the sysret_ss_attrs
> bug and then forgot about it.

Linux doesn't have a separate __KERNEL_SS.  For the plain data segments,
the dpl is not interesting.

However, %ss is also loaded with __KERNEL_DS, and %ss.dpl is somewhat
important.

~Andrew

* Re: [Xen-devel] Does __KERNEL_DS serve a purpose?
  2016-04-08  8:01   ` Andrew Cooper
  (?)
  (?)
@ 2016-04-08 16:00   ` Andy Lutomirski
  2016-04-08 17:12     ` Paolo Bonzini
  2016-04-08 17:12     ` Paolo Bonzini
  -1 siblings, 2 replies; 11+ messages in thread
From: Andy Lutomirski @ 2016-04-08 16:00 UTC (permalink / raw)
  To: Andrew Cooper
  Cc: Andy Lutomirski, X86 ML, linux-kernel, Borislav Petkov, kvm list,
	xen-devel

On Fri, Apr 8, 2016 at 1:01 AM, Andrew Cooper <andrew.cooper3@citrix.com> wrote:
> On 08/04/2016 01:24, Andy Lutomirski wrote:
>> I can't see any reason that we need the __KERNEL_DS segment at all --
>> I think that everything that uses __KERNEL_DS could use __USER_DS
>> instead.  Am I missing anything?  This has been bugging me for a
>> while.
>>
>> I mulled over this a bit when trying to understand the sysret_ss_attrs
>> bug and then forgot about it.
>
> Linux doesn't have a separate __KERNEL_SS.  For the plain data segments,
> the dpl is not interesting.
>
> However, %ss is also loaded with __KERNEL_DS, and %ss.dpl is somewhat
> important.

But %ss can be loaded with 0 on 64-bit kernels.  (I assume that
loading 0 into %ss sets SS.DPL to 0 if done at CPL0, but I'm vague on
this, since it only really matters to hypervisor code AFAIK.)

32-bit kernels need __KERNEL_DS, I think.

--Andy

* Re: [Xen-devel] Does __KERNEL_DS serve a purpose?
  2016-04-08 16:00   ` [Xen-devel] " Andy Lutomirski
@ 2016-04-08 17:12     ` Paolo Bonzini
  2016-04-08 22:06       ` Andy Lutomirski
  2016-04-08 22:06       ` [Xen-devel] " Andy Lutomirski
  2016-04-08 17:12     ` Paolo Bonzini
  1 sibling, 2 replies; 11+ messages in thread
From: Paolo Bonzini @ 2016-04-08 17:12 UTC (permalink / raw)
  To: Andy Lutomirski, Andrew Cooper
  Cc: Andy Lutomirski, X86 ML, linux-kernel, Borislav Petkov, kvm list,
	xen-devel



On 08/04/2016 18:00, Andy Lutomirski wrote:
> But %ss can be loaded with 0 on 64-bit kernels.  (I assume that
> loading 0 into %ss sets SS.DPL to 0 if done at CPL0, but I'm vague on
> this, since it only really matters to hypervisor code AFAIK.)

It's even simpler: unless CPL=0, SS cannot be loaded with 0 while in a
64-bit code segment (SS can never be loaded with 0 if you're not in a
64-bit code segment).

Thus indeed SS=0 implies SS.DPL=0 on 64-bit kernels.

Paolo

> 32-bit kernels need __KERNEL_DS, I think.

* Re: [Xen-devel] Does __KERNEL_DS serve a purpose?
  2016-04-08 17:12     ` Paolo Bonzini
  2016-04-08 22:06       ` Andy Lutomirski
@ 2016-04-08 22:06       ` Andy Lutomirski
  2016-04-08 22:32         ` Andrew Cooper
  2016-04-08 22:32         ` Andrew Cooper
  1 sibling, 2 replies; 11+ messages in thread
From: Andy Lutomirski @ 2016-04-08 22:06 UTC (permalink / raw)
  To: Paolo Bonzini
  Cc: Andrew Cooper, Andy Lutomirski, X86 ML, linux-kernel,
	Borislav Petkov, kvm list, xen-devel

On Fri, Apr 8, 2016 at 10:12 AM, Paolo Bonzini <pbonzini@redhat.com> wrote:
>
>
> On 08/04/2016 18:00, Andy Lutomirski wrote:
>> But %ss can be loaded with 0 on 64-bit kernels.  (I assume that
>> loading 0 into %ss sets SS.DPL to 0 if done at CPL0, but I'm vague on
>> this, since it only really matters to hypervisor code AFAIK.)
>
> It's even simpler: unless CPL=0, SS cannot be loaded with 0 while in a
> 64-bit code segment (SS can never be loaded with 0 if you're not in a
> 64-bit code segment).
>
> Thus indeed SS=0 implies SS.DPL=0 on 64-bit kernels.

I think we are stuck with __KERNEL_DS: SYSCALL uses it.  Unless we
start fiddling with conforming code segments (ugh), I don't think
there's a valid GDT layout that doesn't have two flat data segments.

Oh well, chalk it up to historical accident.

* Re: [Xen-devel] Does __KERNEL_DS serve a purpose?
  2016-04-08 22:06       ` [Xen-devel] " Andy Lutomirski
@ 2016-04-08 22:32         ` Andrew Cooper
  2016-04-08 22:32         ` Andrew Cooper
  1 sibling, 0 replies; 11+ messages in thread
From: Andrew Cooper @ 2016-04-08 22:32 UTC (permalink / raw)
  To: Andy Lutomirski, Paolo Bonzini
  Cc: kvm list, X86 ML, linux-kernel, xen-devel, Borislav Petkov,
	Andy Lutomirski

On 08/04/16 23:06, Andy Lutomirski wrote:
> On Fri, Apr 8, 2016 at 10:12 AM, Paolo Bonzini <pbonzini@redhat.com> wrote:
>>
>> On 08/04/2016 18:00, Andy Lutomirski wrote:
>>> But %ss can be loaded with 0 on 64-bit kernels.  (I assume that
>>> loading 0 into %ss sets SS.DPL to 0 if done at CPL0, but I'm vague on
>>> this, since it only really matters to hypervisor code AFAIK.)
>> It's even simpler: unless CPL=0, SS cannot be loaded with 0 while in a
>> 64-bit code segment (SS can never be loaded with 0 if you're not in a
>> 64-bit code segment).
>>
>> Thus indeed SS=0 implies SS.DPL=0 on 64-bit kernels.
> I think we are stuck with __KERNEL_DS: SYSCALL uses it.

SYSCALL expects the OS to keep the programmed selector in sync with its
descriptor entry.  It specifically loads fixed attributes, and doesn't
re-read the GDT.

> Unless we start fiddling with conforming code segments (ugh)

I don't see how this would help.

> , I don't think
> there's a valid GDT layout that doesn't have two flat data segments.

My gut feeling is that nothing good can possibly come of having the GDT
entry out of sync with the fixed attributes SYSCALL loads.  It would
break code which manually reloaded %ss, such as constructing an IRET
frame using PUSH %ss.

> Oh well, chalk it up to historical accident.

Feel very glad that SYSCALL and SYSENTER (appear to) behave identically
in their expectations of GDT layout and fixed attributes...

I for one wouldn't bet on it, knowing the x86 architecture.

~Andrew
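
Added example, not part of any message in this thread: a small C model of the
constraint discussed above. It derives the selectors SYSCALL and 64-bit SYSRET
take from IA32_STAR and checks that each GDT slot agrees with the fixed
attributes the CPU loads. All type and function names are hypothetical; the two
tables are constructed samples following the slot order of the 64-bit Linux GDT.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified GDT slot: only the fields this check needs. */
enum seg_kind { SEG_NULL, SEG_CODE, SEG_DATA };
struct gdt_slot { enum seg_kind kind; int dpl; };
struct star_sels { uint16_t syscall_cs, syscall_ss, sysret_cs64, sysret_ss; };

/* Selectors SYSCALL and 64-bit SYSRET compute from IA32_STAR (no GDT read). */
static struct star_sels star_decode(uint64_t star)
{
    uint16_t k = (star >> 32) & 0xffff, u = (star >> 48) & 0xffff;
    struct star_sels s = {
        .syscall_cs  = k & 0xfffc,    /* STAR[47:32], RPL forced to 0 */
        .syscall_ss  = k + 8,         /* next slot: must be DPL0 data */
        .sysret_cs64 = (u + 16) | 3,  /* STAR[63:48] + 16, RPL 3 */
        .sysret_ss   = (u + 8) | 3,   /* STAR[63:48] + 8, RPL 3 */
    };
    return s;
}

/* 1 if the slot named by sel has the kind and DPL the CPU will assume. */
static int slot_ok(const struct gdt_slot *g, int n, uint16_t sel,
                   enum seg_kind kind, int dpl)
{
    int idx = sel >> 3;
    return idx < n && g[idx].kind == kind && g[idx].dpl == dpl;
}

/* Bitmask of out-of-sync slots: 1 SYSCALL CS, 2 SYSCALL SS, 4 SYSRET CS, 8 SYSRET SS. */
static int gdt_star_mismatch(const struct gdt_slot *g, int n, uint64_t star)
{
    struct star_sels s = star_decode(star);
    return (!slot_ok(g, n, s.syscall_cs, SEG_CODE, 0) << 0) |
           (!slot_ok(g, n, s.syscall_ss, SEG_DATA, 0) << 1) |
           (!slot_ok(g, n, s.sysret_cs64, SEG_CODE, 3) << 2) |
           (!slot_ok(g, n, s.sysret_ss, SEG_DATA, 3) << 3);
}

/* Constructed: STAR = (__USER32_CS << 48) | (__KERNEL_CS << 32) = 0x23, 0x10. */
#define SAMPLE_STAR (((uint64_t)0x23 << 48) | ((uint64_t)0x10 << 32))
/* Constructed: null, KERNEL32_CS, KERNEL_CS, KERNEL_DS, USER32_CS, USER_DS, USER_CS. */
static const struct gdt_slot two_data_gdt[7] = { {SEG_NULL, 0}, {SEG_CODE, 0},
    {SEG_CODE, 0}, {SEG_DATA, 0}, {SEG_CODE, 3}, {SEG_DATA, 3}, {SEG_CODE, 3} };
/* Hypothetical: slot 3 turned into a second DPL3 flat data segment. */
static const struct gdt_slot one_dpl_gdt[7] = { {SEG_NULL, 0}, {SEG_CODE, 0},
    {SEG_CODE, 0}, {SEG_DATA, 3}, {SEG_CODE, 3}, {SEG_DATA, 3}, {SEG_CODE, 3} };

int main(void)
{
    printf("two flat data segments: mismatch=%d\n", gdt_star_mismatch(two_data_gdt, 7, SAMPLE_STAR));
    printf("kernel slot made DPL3:  mismatch=%d\n", gdt_star_mismatch(one_dpl_gdt, 7, SAMPLE_STAR));
    return 0;
}
```

The second table reports the SYSCALL SS slot as out of sync, which is the
situation where code that reloads %ss from the GDT no longer gets the
attributes SYSCALL loaded.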
