From mboxrd@z Thu Jan 1 00:00:00 1970
From: Denys Vlasenko
Date: Mon, 9 Mar 2015 20:31:55 +0100
Subject: Re: [PATCH] x86: entry_32.S: change ESPFIX test to not touch PT_OLDSS(%esp)
To: Andy Lutomirski
Cc: Denys Vlasenko, Linus Torvalds, Steven Rostedt, Ingo Molnar, Borislav Petkov, "H. Peter Anvin", Oleg Nesterov, Frederic Weisbecker, Alexei Starovoitov, Will Drewry, Kees Cook, X86 ML, "linux-kernel@vger.kernel.org"
References: <1425909943-14687-1-git-send-email-dvlasenk@redhat.com>
X-Mailing-List: linux-kernel@vger.kernel.org

>> What we definitely should do here is at least frame this check with
>>> That being said, what ends up in the high bits of esp when we iret to
>>> vm86 mode?
>>
>> I don't know. I guess it's time to write an actual vm86 testcase :)
>
> Ick. I can try...

I found an example which runs a small bit of 16-bit code using the vm86 machinery.
Tried in a 32-bit kernel under qemu, it worked: printed "Hello".
Attachment: vm86.c (text/x-csrc)