| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 12 May 2007 11:09:32 -0700 From: "H. Peter Anvin" <hpa@...or.com> To: "Eric W. Biederman" <ebiederm@...ssion.com> CC: Alexander van Heukelum <heukelum@...lshack.com>, "Antonino A. Daplas" <adaplas@...il.com>, Andi Kleen <ak@...e.de>, Andrew Morton <akpm@...l.org>, Matt Domsch <Matt_Domsch@...l.com>, Vivek Goyal <vgoyal@...ibm.com>, James Bottomley <James.Bottomley@...senPar>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: x86 setup rewrite tree ready for flamage^W review Eric W. Biederman wrote: > > HPA is both right and wrong on this. The safe sequence for entering > protected mode requires a jump immediately after setting PE in %cr0. > To serialize the instruction stream and to be on an execution that > is tested and guaranteed to work in cpus. > Eric, that's complete nonsense. What Intel documents and what Intel tests are two very different things. Intel appears to be afraid of what they call "the crack", but the semantics of the transition are quite well understood. > On a lot of processors you can get away with more then that, but > Intel at least explicitly states in their "Software Developers Manual > Volume 3: System Programming" in 9.9.1 "Switching to Protected Mode" > that you need the jump immediately following enabling PE in cr0. > > So while I was debugging and instrumenting code I would happily > place an instruction before the jump so I could get output. > However in production grade code I would not place anything > between the setting of PE in cr0 and the first jump instruction. A lot of the Intel manuals are boilerplate written by technical writers. Once you're used to them you can spot it quite easily because it's carried from generation to generation with little change, even when it's blatantly obsoleted. I can tell you there is tons of production code out there which *never* reloads CS after switching into and out of protected mode. It just plain has to work, on every x86 CPU ever made, with the obvious semantics. With Intel's VT, you want to avoid sticking in that mode for extended periods of time, for performance reasons, but it will work even there (it kicks to interpreter, though.) Staying long enough to load the segment registers is not an issue. -hpa - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists