Xen-Devel Archive on lore.kernel.org
From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Jan Beulich <jbeulich@suse.com>
Cc: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>,
	"Wei Liu" <wl@xen.org>, "Roger Pau Monné" <roger.pau@citrix.com>
Subject: Re: [Xen-devel] [PATCH v2 2/2] x86/desc: Build boot_{, compat_}gdt[] in C
Date: Mon, 12 Aug 2019 11:36:01 +0100
Message-ID: <7c764dc0-9136-b937-feda-c9ce94fbef18@citrix.com> (raw)
In-Reply-To: <3b2ad6fb-d39f-e5b5-b35a-fc4ebfc695f3@suse.com>

On 12/08/2019 08:32, Jan Beulich wrote:
> On 09.08.2019 12:40, Jan Beulich wrote:
>> There is plenty more cleanup which can be done in the future.  As we are
>> 64-bit, there is no need for load_TR() to keep the TSS in sync between the
>> two GDTs, which means it can drop all sgdt/lgdt instructions.
> I'm trying to figure what exactly you mean here. Are you suggesting
> we run with a TSS selector loaded whose descriptor's busy bit is
> clear? I agree this shouldn't cause issues in the 64-bit world, but
> it would still not feel right.

At a minimum, all the sgdt/lgdt can disappear because we're (AFAICT)
always on the native per-cpu GDT at this point.  (If not, I'm sure we
can arrange to be.)

As for running without a valid GDT reference, the CPU will function
fine, and it is a defence-in-depth strategy against Meltdown, seeing as
an attacker can no longer do sgdt; str to locate the TSS and find RSP0.

> Question is why they've retained the avail/busy distinction in the
> first place.

Easier than making any changes.
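
The busy/available distinction and the sgdt; str point discussed above, as an added example (not part of the original message and not Xen's code): a small C model of a 16-byte long-mode TSS descriptor, of the type check ltr performs, and of what a GDT reveals once the descriptor slot is cleared. The function names, selector 0x20 and base address used with it are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { TSS_AVAIL = 0x9, TSS_BUSY = 0xB };  /* long-mode system descriptor types */

/* Build a present, DPL-0, "available" TSS descriptor (hypothetical helper). */
static void make_tss_desc(uint8_t d[16], uint64_t base, uint32_t limit)
{
    memset(d, 0, 16);                       /* bytes 12..15 stay reserved/zero */
    d[0] = limit & 0xff;          d[1] = (limit >> 8) & 0xff;
    d[2] = base & 0xff;           d[3] = (base >> 8) & 0xff;
    d[4] = (base >> 16) & 0xff;   d[5] = 0x80 | TSS_AVAIL;   /* P=1, S=0 */
    d[6] = (limit >> 16) & 0x0f;  d[7] = (base >> 24) & 0xff;
    for (int i = 0; i < 4; i++)
        d[8 + i] = (base >> (32 + 8 * i)) & 0xff;
}

/* Return the type of the present TSS descriptor that sel selects in this
 * table, or 0 if the table holds none there; *base receives its base. */
static unsigned tss_lookup(const uint8_t *gdt, size_t bytes, uint16_t sel,
                           uint64_t *base)
{
    size_t off = sel & ~7u;                 /* strip RPL and TI bits */
    if ((sel & 4) || off == 0 || off + 16 > bytes)
        return 0;                           /* LDT, null, or beyond the limit */
    const uint8_t *d = gdt + off;
    unsigned type = d[5] & 0x0f;
    if (!(d[5] & 0x80) || (d[5] & 0x10) || (type != TSS_AVAIL && type != TSS_BUSY))
        return 0;                           /* not present, or not a TSS */
    *base = d[2] | ((uint64_t)d[3] << 8) | ((uint64_t)d[4] << 16) |
            ((uint64_t)d[7] << 24);
    for (int i = 0; i < 4; i++)
        *base |= (uint64_t)d[8 + i] << (32 + 8 * i);
    return type;
}

/* Model of ltr: 0 on success (descriptor becomes busy), -1 where the CPU
 * would fault, e.g. because the descriptor is already marked busy. */
static int model_ltr(uint8_t *gdt, size_t bytes, uint16_t sel)
{
    uint64_t base;
    if (tss_lookup(gdt, bytes, sel, &base) != TSS_AVAIL)
        return -1;
    gdt[(sel & ~7u) + 5] |= 0x02;           /* type 0x9 -> 0xB */
    return 0;
}
```

In the model, a second model_ltr() on the same slot fails until the busy bit is cleared, and once the slot is zeroed tss_lookup() returns 0, so the table no longer yields the TSS base.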

