lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <464602DC.4050603@zytor.com>
Date:	Sat, 12 May 2007 11:09:32 -0700
From:	"H. Peter Anvin" <hpa@...or.com>
To:	"Eric W. Biederman" <ebiederm@...ssion.com>
CC:	Alexander van Heukelum <heukelum@...lshack.com>,
	"Antonino A. Daplas" <adaplas@...il.com>, Andi Kleen <ak@...e.de>,
	Andrew Morton <akpm@...l.org>,
	Matt Domsch <Matt_Domsch@...l.com>,
	Vivek Goyal <vgoyal@...ibm.com>,
	James Bottomley <James.Bottomley@...senPar>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: x86 setup rewrite tree ready for flamage^W review

Eric W. Biederman wrote:
> 
> HPA is both right and wrong on this.  The safe sequence for entering
> protected mode requires a jump immediately after setting PE in %cr0.
> To serialize the instruction stream and to be on an execution that
> is tested and guaranteed to work in cpus.
> 

Eric, that's complete nonsense.  What Intel documents and what Intel
tests are two very different things.

Intel appears to be afraid of what they call "the crack", but the
semantics of the transition are quite well understood.

> On a lot of processors you can get away with more then that, but
> Intel at least explicitly states in their "Software Developers Manual
> Volume 3: System Programming" in 9.9.1 "Switching to Protected Mode"
> that you need the jump immediately following enabling PE in cr0.
> 
> So while I was debugging and instrumenting code I would happily
> place an instruction before the jump so I could get output.
> However in production grade code I would not place anything
> between the setting of PE in cr0 and the first jump instruction.

A lot of the Intel manuals are boilerplate written by technical writers.
 Once you're used to them you can spot it quite easily because it's
carried from generation to generation with little change, even when it's
blatantly obsoleted.

I can tell you there is tons of production code out there which *never*
reloads CS after switching into and out of protected mode.  It just
plain has to work, on every x86 CPU ever made, with the obvious
semantics.  With Intel's VT, you want to avoid sticking in that mode for
extended periods of time, for performance reasons, but it will work even
there (it kicks to interpreter, though.)  Staying long enough to load
the segment registers is not an issue.

	-hpa
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ