search for: sysent

The attached patch fixes the save/restore issue seen with 32bit Windows guest VMs. The root cause is that current Xen doesn''t intercept SYSENTER-related MSRs for 32bit guest VMs. As a result, the guest_sysenter_xxx fields contain incorrect values and shouldn''t be used for save/restore. This patch checks the LMA bit of EFER register in the save/restore code path. Please apply it to both Xen-4.0 and Xen-unstable trees. Reported-b...

I implemented sysenter for 32-on-64, since it seemed straightforward enough. It mostly works, but every now and again I get vcpus just hanging in blocked state, as if events are being lost or ignored. Its very similar to the symptoms that other people have reported against the pvops kernel, which I have not manag...

In compat mode, the return value here was uninitialized. Signed-off-by: Zachary Amsden <zach@vmware.com> diff -r 1fda49a076ed arch/i386/kernel/sysenter.c --- a/arch/i386/kernel/sysenter.c Fri Apr 06 14:25:09 2007 -0700 +++ b/arch/i386/kernel/sysenter.c Fri Apr 06 14:27:31 2007 -0700 @@ -254,7 +254,7 @@ int arch_setup_additional_pages(struct l { struct mm_struct *mm = current->mm; unsigned long addr; - int ret; + int ret = 0; bool compa...

In compat mode, the return value here was uninitialized. Signed-off-by: Zachary Amsden <zach@vmware.com> diff -r 1fda49a076ed arch/i386/kernel/sysenter.c --- a/arch/i386/kernel/sysenter.c Fri Apr 06 14:25:09 2007 -0700 +++ b/arch/i386/kernel/sysenter.c Fri Apr 06 14:27:31 2007 -0700 @@ -254,7 +254,7 @@ int arch_setup_additional_pages(struct l { struct mm_struct *mm = current->mm; unsigned long addr; - int ret; + int ret = 0; bool compa...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2013-1917 / XSA-44 version 2 Xen PV DoS vulnerability with SYSENTER UPDATES IN VERSION 2 ==================== Public release. ISSUE DESCRIPTION ================= The SYSENTER instruction can be used by PV guests to accelerate system call processing. This instruction, however, leaves the EFLAGS register mostly unmodified - in particular, the NT flag doesn'...

The SYSENTER instruction jumps to a pre-programmed address at privilege level 0. We must not allow execution of guest code at that privilege level, so disable sysenter when we enter the guest (and re-enable it on return). This fixes current case where guest userspace can crash host. This save/restore adds...

The SYSENTER instruction jumps to a pre-programmed address at privilege level 0. We must not allow execution of guest code at that privilege level, so disable sysenter when we enter the guest (and re-enable it on return). This fixes current case where guest userspace can crash host. This save/restore adds...

>>However, in case (2) the i386 guest kernel unconditionally goes for >>sysenter, and the hypervisor will accept this because CPUID has advertised >>SEP. *But* AMD CPUs do not support sysenter except in legacy mode! The >>correct thing to do is to use syscall. The hypervisor 32-on-64 compat code >>would accept CALLBACKTYPE_syscall, but the Linux i386 code he...

I''m using a fbt probe where I get a system call id as an argument, how do I look up the name of it? At the moment I''m post-processing the output using /etc/name/to_sysnum but that doesn''t feel right :) cheers, /Martin -- This message posted from opensolaris.org

This was set to zero immediately before the #GP injection code, since SYSENTER doesn''t really have a return address. Reported-by: Ian Campbell <Ian.Campbell@citrix.com> Furthermore, UREGS_cs and UREGS_rip don''t need to be written a second time, as the PUSHes above already can/do take care of putting in place the intended values. Signed-off-by: Jan...

...IG_COMPAT_VDSO),yy) + +# vsyscall.o also contains the vsyscall DSO relocation info as __initdata. +# We must build both alternative images before we can assemble it. +# Note: kbuild does not track this dependency due to usage of .include +$(obj)/vsyscall.o: $(obj)/vsyscall-int80.rel $(obj)/vsyscall-sysenter.rel +targets += $(foreach F,int80 sysenter,vsyscall-$F.so.alt vsyscall-$F.rel) +targets += vsyscall.lds.alt + +# The alternative DSO images are built using an alternate base address. +quiet_cmd_syscall_alt = REBASE $@ + cmd_syscall_alt = sed ''s,^\([[:space:]]*\.[[:space:]]*=[[:spac...

...IG_COMPAT_VDSO),yy) + +# vsyscall.o also contains the vsyscall DSO relocation info as __initdata. +# We must build both alternative images before we can assemble it. +# Note: kbuild does not track this dependency due to usage of .include +$(obj)/vsyscall.o: $(obj)/vsyscall-int80.rel $(obj)/vsyscall-sysenter.rel +targets += $(foreach F,int80 sysenter,vsyscall-$F.so.alt vsyscall-$F.rel) +targets += vsyscall.lds.alt + +# The alternative DSO images are built using an alternate base address. +quiet_cmd_syscall_alt = REBASE $@ + cmd_syscall_alt = sed ''s,^\([[:space:]]*\.[[:space:]]*=[[:spac...

...IG_COMPAT_VDSO),yy) + +# vsyscall.o also contains the vsyscall DSO relocation info as __initdata. +# We must build both alternative images before we can assemble it. +# Note: kbuild does not track this dependency due to usage of .include +$(obj)/vsyscall.o: $(obj)/vsyscall-int80.rel $(obj)/vsyscall-sysenter.rel +targets += $(foreach F,int80 sysenter,vsyscall-$F.so.alt vsyscall-$F.rel) +targets += vsyscall.lds.alt + +# The alternative DSO images are built using an alternate base address. +quiet_cmd_syscall_alt = REBASE $@ + cmd_syscall_alt = sed ''s,^\([[:space:]]*\.[[:space:]]*=[[:spac...

...clear_bit(X86_FEATURE_SYSCALL % 32, &d); +#endif clear_bit(X86_FEATURE_RDTSCP % 32, &d); } else @@ -2026,6 +2031,13 @@ asmlinkage int do_debug(struct cpu_user_ if ( !guest_mode(regs) ) { +#ifdef __x86_64__ + /* + * Single stepping across sysenter must not result in the single step + * flag being lost: record it here for create_bounce_frame to pick up. + */ + v->arch.eflags_mask |= (regs->eflags & EF_TF); +#endif /* Clear TF just for absolute sanity. */ regs->eflags &= ~EF_TF;...

Hi Andi, Here's a couple of patches to fix up COMPAT_VDSO: The first is a straightforward implementation of Jan's original idea of relocating the VDSO to match its mapped location. Unlike Jan and Zach's version, I changed it to relocate based on the phdrs rather than the sections; the result is pleasantly compact. The second patch takes advantage of the fact that all the

Hi Andi, Here's a couple of patches to fix up COMPAT_VDSO: The first is a straightforward implementation of Jan's original idea of relocating the VDSO to match its mapped location. Unlike Jan and Zach's version, I changed it to relocate based on the phdrs rather than the sections; the result is pleasantly compact. The second patch takes advantage of the fact that all the

...predictable old-style address too, or + in the case of a VMI/Xen/lguest virtualized guest, don't create + the VDSO at all. ---help--- Say N here if you are running a sufficiently recent glibc version (2.3.3 or later), to remove the high-mapped diff -r f75715e64a3b arch/i386/kernel/sysenter.c --- a/arch/i386/kernel/sysenter.c Tue Mar 06 00:04:50 2007 +1100 +++ b/arch/i386/kernel/sysenter.c Tue Mar 06 00:21:42 2007 +1100 @@ -27,7 +27,7 @@ * Should the kernel map a VDSO page into processes and pass its * address down to glibc upon exec()? */ -#ifdef CONFIG_PARAVIRT +#if defined(...

...predictable old-style address too, or + in the case of a VMI/Xen/lguest virtualized guest, don't create + the VDSO at all. ---help--- Say N here if you are running a sufficiently recent glibc version (2.3.3 or later), to remove the high-mapped diff -r f75715e64a3b arch/i386/kernel/sysenter.c --- a/arch/i386/kernel/sysenter.c Tue Mar 06 00:04:50 2007 +1100 +++ b/arch/i386/kernel/sysenter.c Tue Mar 06 00:21:42 2007 +1100 @@ -27,7 +27,7 @@ * Should the kernel map a VDSO page into processes and pass its * address down to glibc upon exec()? */ -#ifdef CONFIG_PARAVIRT +#if defined(...

...x-2.6.17-rc4-git3.updated/arch/i386/kernel/asm-offsets.c 2006-05-17 17:10:49.000000000 +1000 @@ -53,6 +53,7 @@ void foo(void) OFFSET(TI_preempt_count, thread_info, preempt_count); OFFSET(TI_addr_limit, thread_info, addr_limit); OFFSET(TI_restart_block, thread_info, restart_block); + OFFSET(TI_sysenter_return, thread_info, sysenter_return); BLANK(); OFFSET(EXEC_DOMAIN_handler, exec_domain, handler); @@ -68,5 +69,4 @@ void foo(void) sizeof(struct tss_struct)); DEFINE(PAGE_SIZE_asm, PAGE_SIZE); - DEFINE(VSYSCALL_BASE, __fix_to_virt(FIX_VSYSCALL)); } diff -urpN --exclude TAGS -X /ho...

...x-2.6.17-rc4-git3.updated/arch/i386/kernel/asm-offsets.c 2006-05-17 17:10:49.000000000 +1000 @@ -53,6 +53,7 @@ void foo(void) OFFSET(TI_preempt_count, thread_info, preempt_count); OFFSET(TI_addr_limit, thread_info, addr_limit); OFFSET(TI_restart_block, thread_info, restart_block); + OFFSET(TI_sysenter_return, thread_info, sysenter_return); BLANK(); OFFSET(EXEC_DOMAIN_handler, exec_domain, handler); @@ -68,5 +69,4 @@ void foo(void) sizeof(struct tss_struct)); DEFINE(PAGE_SIZE_asm, PAGE_SIZE); - DEFINE(VSYSCALL_BASE, __fix_to_virt(FIX_VSYSCALL)); } diff -urpN --exclude TAGS -X /ho...