search for: __kernel_ds

...xtended to support CPL 0,1,2 kernels. Note that assembly code must test against __ESPFIX_SS, the 16-bit stack on interrupts and exceptions. To do so at non-zero CPL requires masking off the RPL of the selector (which is a nop for the mach-default implementation). Also, there is no reason to load __KERNEL_DS into %ds or %es. __KERNEL_DS is actually quite poorly named, and is in fact the kernel stack selector. The kernel uses __USER_DS internally as both %es and %ds (since it is a flat CPL-3 accessible data segment that allows the kernel to skip reloading segments on sysexit). The reason for avoiding...

...xtended to support CPL 0,1,2 kernels. Note that assembly code must test against __ESPFIX_SS, the 16-bit stack on interrupts and exceptions. To do so at non-zero CPL requires masking off the RPL of the selector (which is a nop for the mach-default implementation). Also, there is no reason to load __KERNEL_DS into %ds or %es. __KERNEL_DS is actually quite poorly named, and is in fact the kernel stack selector. The kernel uses __USER_DS internally as both %es and %ds (since it is a flat CPL-3 accessible data segment that allows the kernel to skip reloading segments on sysexit). The reason for avoiding...

...ment registers are more costly than a single ALU instruction, and both cost a temporary register. Still, pushing the raw %cs value in the NMI after sysenter debug trap fixup code instead of __KERNEL_CS | RPL is just as efficient, since fetching RPL would require a %cs load anyway. The switch from __KERNEL_DS to __USER_DS at one point is for convenience, since they are both equivalent for %ds and %es segments; __KERNEL_DS, contrary to the name, is only useful for the %ss segment. Signed-off-by: Zachary Amsden <zach@vmware.com> Index: linux-2.6.16-rc5/include/asm-i386/ptrace.h ===================...

...ment registers are more costly than a single ALU instruction, and both cost a temporary register. Still, pushing the raw %cs value in the NMI after sysenter debug trap fixup code instead of __KERNEL_CS | RPL is just as efficient, since fetching RPL would require a %cs load anyway. The switch from __KERNEL_DS to __USER_DS at one point is for convenience, since they are both equivalent for %ds and %es segments; __KERNEL_DS, contrary to the name, is only useful for the %ss segment. Signed-off-by: Zachary Amsden <zach@vmware.com> Index: linux-2.6.16-rc5/include/asm-i386/ptrace.h ===================...

...+SYM_DATA_LOCAL(boot_gdt_descr, .word boot_gdt_end - boot_gdt) > +SYM_DATA_LOCAL(boot_gdt_base, .quad 0) > +SYM_DATA_START(boot_gdt) > + .quad 0 > + .quad 0x00cf9a000000ffff /* __KERNEL32_CS */ > + .quad 0x00af9a000000ffff /* __KERNEL_CS */ > + .quad 0x00cf92000000ffff /* __KERNEL_DS */ > + .quad 0 /* __USER32_CS - unused */ > + .quad 0 /* __USER_DS - unused */ > + .quad 0 /* __USER_CS - unused */ > + .quad 0 /* unused */ > + .quad 0x0080890000000000 /* TSS descriptor */ > + .quad 0x0000000000000000 /* TSS continued */ Any chance you could use...

...+SYM_DATA_LOCAL(boot_gdt_descr, .word boot_gdt_end - boot_gdt) > +SYM_DATA_LOCAL(boot_gdt_base, .quad 0) > +SYM_DATA_START(boot_gdt) > + .quad 0 > + .quad 0x00cf9a000000ffff /* __KERNEL32_CS */ > + .quad 0x00af9a000000ffff /* __KERNEL_CS */ > + .quad 0x00cf92000000ffff /* __KERNEL_DS */ > + .quad 0 /* __USER32_CS - unused */ > + .quad 0 /* __USER_DS - unused */ > + .quad 0 /* __USER_CS - unused */ > + .quad 0 /* unused */ > + .quad 0x0080890000000000 /* TSS descriptor */ > + .quad 0x0000000000000000 /* TSS continued */ Any chance you could use...

...(), similar to initial_stack below */ leaq (__end_init_task - SIZEOF_PTREGS)(%rip), %rsp + /* Setup boot GDT descriptor and load boot GDT */ + leaq boot_gdt(%rip), %rax + movq %rax, boot_gdt_base(%rip) + lgdt boot_gdt_descr(%rip) + + /* New GDT is live - reload data segment registers */ + movl $__KERNEL_DS, %eax + movl %eax, %ds + movl %eax, %ss + movl %eax, %es + + /* Now switch to __KERNEL_CS so IRET works reliably */ + pushq $__KERNEL_CS + leaq .Lon_kernel_cs(%rip), %rax + pushq %rax + lretq + +.Lon_kernel_cs: + UNWIND_HINT_EMPTY + /* Sanitize CPU configuration */ call verify_cpu @@ -480,6 +...

...r, .word boot_gdt_end - boot_gdt) > > +SYM_DATA_LOCAL(boot_gdt_base, .quad 0) > > +SYM_DATA_START(boot_gdt) > > + .quad 0 > > + .quad 0x00cf9a000000ffff /* __KERNEL32_CS */ > > + .quad 0x00af9a000000ffff /* __KERNEL_CS */ > > + .quad 0x00cf92000000ffff /* __KERNEL_DS */ > > + .quad 0 /* __USER32_CS - unused */ > > + .quad 0 /* __USER_DS - unused */ > > + .quad 0 /* __USER_CS - unused */ > > + .quad 0 /* unused */ > > + .quad 0x0080890000000000 /* TSS descriptor */ > > + .quad 0x0000000000000000 /* TSS continue...

This patch removes the __init modifier from an extern function declaration in acpi.h. Besides not being strictly needed, it requires the inclusion of linux/init.h, which is usually not even included directly, increasing header mess by a lot. Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com> --- include/asm-x86/acpi.h | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)

This patch removes the __init modifier from an extern function declaration in acpi.h. Besides not being strictly needed, it requires the inclusion of linux/init.h, which is usually not even included directly, increasing header mess by a lot. Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com> --- include/asm-x86/acpi.h | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)

...t mapped yet */ +SYM_DATA_LOCAL(boot_gdt_descr, .word boot_gdt_end - boot_gdt) +SYM_DATA_LOCAL(boot_gdt_base, .quad 0) +SYM_DATA_START(boot_gdt) + .quad 0 + .quad 0x00cf9a000000ffff /* __KERNEL32_CS */ + .quad 0x00af9a000000ffff /* __KERNEL_CS */ + .quad 0x00cf92000000ffff /* __KERNEL_DS */ + .quad 0x0080890000000000 /* TS descriptor */ + .quad 0x0000000000000000 /* TS continued */ +SYM_DATA_END_LABEL(boot_gdt, SYM_L_LOCAL, boot_gdt_end) + #include "../../x86/xen/xen-head.S" __PAGE_ALIGNED_BSS -- 2.17.1

On Tue, Feb 11, 2020 at 5:53 AM Joerg Roedel <joro at 8bytes.org> wrote: > > From: Joerg Roedel <jroedel at suse.de> > > Handling exceptions during boot requires a working GDT. The kernel GDT > is not yet ready for use, so install a temporary boot GDT. > > Signed-off-by: Joerg Roedel <jroedel at suse.de> > --- > arch/x86/kernel/head_64.S | 26

...fixup_pointer(startup_gdt, physbase); native_load_gdt(&startup_gdt_descr); @@ -521,4 +524,8 @@ void __head startup_64_setup_env(unsigned long physbase) asm volatile("movl %%eax, %%ds\n" "movl %%eax, %%ss\n" "movl %%eax, %%es\n" : : "a"(__KERNEL_DS) : "memory"); + + /* Setup GS_BASE - needed for stack protector */ + gsbase = (unsigned long)fixup_pointer((void *)initial_gs, physbase); + __wrmsr(MSR_GS_BASE, (u32)gsbase, (u32)(gsbase >> 32)); } diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index 2b2e9162722...

...fixup_pointer(startup_gdt, physbase); native_load_gdt(&startup_gdt_descr); @@ -521,4 +524,8 @@ void __head startup_64_setup_env(unsigned long physbase) asm volatile("movl %%eax, %%ds\n" "movl %%eax, %%ss\n" "movl %%eax, %%es\n" : : "a"(__KERNEL_DS) : "memory"); + + /* Setup GS_BASE - needed for stack protector */ + gsbase = (unsigned long)fixup_pointer((void *)initial_gs, physbase); + __wrmsr(MSR_GS_BASE, (u32)gsbase, (u32)(gsbase >> 32)); } diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index 2b2e9162722...

...- /* set up PDA descriptor */ -// setup_pda(); - load_gdt(&early_gdt_descr); -// asm volatile ("mov %0, %%fs" : : "r" (__KERNEL_PDA) : "memory"); + /* Set up per-cpu descriptor (pointing to master area) */ + asm volatile ("mov %0, %%fs" : : "r" (__KERNEL_DS) : "memory"); reserve_top_address(lguest_data.reserve_mem);

...- /* set up PDA descriptor */ -// setup_pda(); - load_gdt(&early_gdt_descr); -// asm volatile ("mov %0, %%fs" : : "r" (__KERNEL_PDA) : "memory"); + /* Set up per-cpu descriptor (pointing to master area) */ + asm volatile ("mov %0, %%fs" : : "r" (__KERNEL_DS) : "memory"); reserve_top_address(lguest_data.reserve_mem);

...his is because + * the CPU will access an additional byte beyond the end of the IO + * permission bitmap. The extra byte must be all 1 bits, and must + * be within the limit. + */ +#define INIT_TSS { \ + .x86_tss = { \ + .sp0 = sizeof(init_stack) + (long)&init_stack, \ + .ss0 = __KERNEL_DS, \ + .ss1 = __KERNEL_CS, \ + .io_bitmap_base = INVALID_IO_BITMAP_OFFSET, \ + }, \ + .io_bitmap = { [0 ... IO_BITMAP_LONGS] = ~0 }, \ +} + +#define start_thread(regs, new_eip, new_esp) do { \ + __asm__("movl %0,%%gs": :"r" (0)); \ + regs->fs = 0; \ +...

...his is because + * the CPU will access an additional byte beyond the end of the IO + * permission bitmap. The extra byte must be all 1 bits, and must + * be within the limit. + */ +#define INIT_TSS { \ + .x86_tss = { \ + .sp0 = sizeof(init_stack) + (long)&init_stack, \ + .ss0 = __KERNEL_DS, \ + .ss1 = __KERNEL_CS, \ + .io_bitmap_base = INVALID_IO_BITMAP_OFFSET, \ + }, \ + .io_bitmap = { [0 ... IO_BITMAP_LONGS] = ~0 }, \ +} + +#define start_thread(regs, new_eip, new_esp) do { \ + __asm__("movl %0,%%gs": :"r" (0)); \ + regs->fs = 0; \ +...

...t_exc -.previous +.popsection CFI_ENDPROC = # perform work that needs to be done immediately before resumption @@ -525,14 +525,14 @@ syscall_badsys: je 28f; \ 27: popl %eax; \ CFI_ADJUST_CFA_OFFSET -4; \ -.section .fixup,"ax"; \ +.pushsection .fixup,"ax"; \ 28: movl $__KERNEL_DS, %eax; \ movl %eax, %ds; \ movl %eax, %es; \ /* switch to 32bit stack */ \ FIXUP_ESPFIX_STACK; \ jmp 27b; \ -.previous +.popsection = /* * Build the entry stubs and pointer table with @@ -639,7 +639,7 @@ error_code: call *%edi jmp ret_from_exception CFI_ENDPROC -.previous +KPRO...

...t_exc -.previous +.popsection CFI_ENDPROC = # perform work that needs to be done immediately before resumption @@ -525,14 +525,14 @@ syscall_badsys: je 28f; \ 27: popl %eax; \ CFI_ADJUST_CFA_OFFSET -4; \ -.section .fixup,"ax"; \ +.pushsection .fixup,"ax"; \ 28: movl $__KERNEL_DS, %eax; \ movl %eax, %ds; \ movl %eax, %es; \ /* switch to 32bit stack */ \ FIXUP_ESPFIX_STACK; \ jmp 27b; \ -.previous +.popsection = /* * Build the entry stubs and pointer table with @@ -639,7 +639,7 @@ error_code: call *%edi jmp ret_from_exception CFI_ENDPROC -.previous +KPRO...