lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20061122234111.GA8499@srv.junsun.net>
Date:	Wed, 22 Nov 2006 15:41:11 -0800
From:	Jun Sun <jsun@...sun.net>
To:	linux-kernel@...r.kernel.org
Subject: failed 'ljmp' in linear addressing mode


I am plowing along as I am learning about the in'n'outs about i386.  I am
totally stuck on this one.  I would appreciate any help.

As you can see, the function turns off paging mode (of course it
runs from identically mapped page) and tries to jump to an absolute
address at 0x10000000.  It appears the machine would reboot when running
"ljmp" instruction.

Any pointers?

I was not too certain about the %cs, %ds business and did quite 
a few experiments with different values but with no luck.

Thanks in advance.

Jun

--------------------------

/* [JSUN] we will map this page into identity mapping before execution */
        .align  4096
ENTRY(do_os_switching)
	/* interrupt is disabled! */

        /* the black magic, some copied form relocate_new_kernel, JSUN */
        /* Set cr0 to a known state:
         * 31 0 == Paging disabled
         * 18 0 == Alignment check disabled
         * 16 0 == Write protect disabled
         * 3  0 == No task switch
         * 2  0 == Don't do FP software emulation.
         * 0  1 == Proctected mode enabled
         */

        movl    %cr0, %eax
        andl    $~((1<<31)|(1<<18)|(1<<16)|(1<<3)|(1<<2)), %eax
        orl     $(1<<0), %eax
        movl    %eax, %cr0


        /* JSUN, 0x11 was the boot up value for cr0.
        movl    $0x11, %eax
        movl    %eax, %cr0
        */

        /* clear cr4 */
        movl    $0, %eax
        movl    %eax, %cr4

	/* why this? */
        jmp     1f
1:

        /* clear cr3, flush TLB */
        movl    $0, %eax
        movl    %eax, %cr3

        /*
        movl    $(__KERNEL_DS),%eax
        movl    %eax,%ds
        movl    %eax,%es
        movl    %eax,%fs
        movl    %eax,%gs
        movl    %eax,%ss
        */

        ljmp    $(__KERNEL_CS), $0x10000000

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ