Message-ID: <m1r6pmqg1n.fsf@ebiederm.dsl.xmission.com>
Date:	Sat, 12 May 2007 08:20:52 -0600
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Alexander van Heukelum <heukelum@...lshack.com>
Cc:	"H. Peter Anvin" <hpa@...or.com>,
	"Antonino A. Daplas" <adaplas@...il.com>, Andi Kleen <ak@...e.de>,
	Andrew Morton <akpm@...l.org>,
	Matt Domsch <Matt_Domsch@...l.com>,
	Vivek Goyal <vgoyal@...ibm.com>,
	James Bottomley <James.Bottomley@...senPar>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: x86 setup rewrite tree ready for flamage^W review

Alexander van Heukelum <heukelum@...lshack.com> writes:

> On Thu, May 10, 2007 at 03:48:08PM -0700, H. Peter Anvin wrote:

> I can confirm that it works for at least one computer over here (a six
> months old x86_64 machine with ATI ES1000-based on-board graphics). Some
> non-vesa modes including a nice 100x30 one with 8x16 font are found by
> the 'scan' option. No 100x60, however, but that is not a regression.
>
>> > I thought the 32-bit jump was required to come before the segment loads.
>> > Does this code load values from the gdt, or are they just loaded as real
>> > mode segments? As long as it does not crash it does not matter, because
>> > head.S reloads them again.
>> 
>> Once CR0.PE is set, segments are loaded from the GDT.
>
> I believe you :).

HPA is both right and wrong on this.  The safe sequence for entering
protected mode requires a jump immediately after setting PE in %cr0,
to serialize the instruction stream and to be on an execution path that
is tested and guaranteed to work on CPUs.

On a lot of processors you can get away with more than that, but
Intel at least explicitly states in their "Software Developers Manual
Volume 3: System Programming" in 9.9.1 "Switching to Protected Mode"
that you need the jump immediately following enabling PE in cr0.

So while I was debugging and instrumenting code I would happily
place an instruction before the jump so I could get output.
However in production grade code I would not place anything
between the setting of PE in cr0 and the first jump instruction.

Eric
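The ordering Eric describes, written out as an added illustration (this is not code from the mail, nor the kernel's own setup code): the far jump is the very first instruction after the write to %cr0 that sets PE, and the data segment loads come only after CS has been reloaded from the GDT. It is GNU as syntax for a 16-bit entry routine; the selector values 0x08/0x10, the label names and the assumption that the code is linked at the linear address it is loaded to (so `pm_entry` and `gdt` are usable as flat 32-bit addresses) are all choices made for this example.

```asm
        .code16
        .text
        .globl  enter_protected_mode
enter_protected_mode:
        cli                             # no interrupts while CS/GDT are in flux
        lgdtl   gdt_desc                # 32-bit form: 16-bit limit + 32-bit base
        movl    %cr0, %eax
        orl     $1, %eax                # CR0.PE
        movl    %eax, %cr0
        # Production rule: nothing between the cr0 write and this far jump.
        # (A debug-only output instruction would go here, and only here
        #  while instrumenting; it must not ship.)
        ljmpl   $0x08, $pm_entry        # reload CS from the GDT, serialize

        .code32
pm_entry:
        # Only now are the remaining segment registers loaded from the GDT.
        movw    $0x10, %ax              # flat 32-bit data selector
        movw    %ax, %ds
        movw    %ax, %es
        movw    %ax, %fs
        movw    %ax, %gs
        movw    %ax, %ss
        movl    $stack_top, %esp        # stack_top is assumed to be defined elsewhere
        jmp     .                       # example ends here; real code continues

        .data
        .align  8
gdt:
        .quad   0x0000000000000000      # 0x00: mandatory null descriptor
        .quad   0x00cf9a000000ffff      # 0x08: code, base 0, limit 4 GiB, 32-bit, G=1
        .quad   0x00cf92000000ffff      # 0x10: data, base 0, limit 4 GiB, 32-bit, G=1
gdt_end:
gdt_desc:
        .word   gdt_end - gdt - 1       # limit = size - 1
        .long   gdt                     # linear base address of the table
```

The unsafe variant differs only in placing a segment load, or any other instruction, between `movl %eax, %cr0` and `ljmpl`; many CPUs tolerate it, which is why such code can appear to work on one machine and fail on another, and why a boot-code review should check that exact instruction pair rather than rely on testing.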
