Message-ID: <CAK1hOcPp3Xav4iR2mZ4oq4zB5XY+ZNuEds32Rf0Z3fB8A7h1PQ@mail.gmail.com>
Date: Thu, 23 Apr 2015 22:01:16 +0200
From: Denys Vlasenko <vda.linux@...glemail.com>
To: Andy Lutomirski <luto@...capital.net>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Brian Gerst <brgerst@...il.com>,
Denys Vlasenko <dvlasenk@...hat.com>,
Ingo Molnar <mingo@...nel.org>,
Steven Rostedt <rostedt@...dmis.org>,
Borislav Petkov <bp@...en8.de>,
"H. Peter Anvin" <hpa@...or.com>, Oleg Nesterov <oleg@...hat.com>,
Frederic Weisbecker <fweisbec@...il.com>,
Alexei Starovoitov <ast@...mgrid.com>,
Will Drewry <wad@...omium.org>,
Kees Cook <keescook@...omium.org>,
"the arch/x86 maintainers" <x86@...nel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] x86/asm/entry/32: Restore %ss before SYSRETL if necessary

On Thu, Apr 23, 2015 at 6:27 PM, Andy Lutomirski <luto@...capital.net> wrote:
> I'll go out on a limb and guess the present bit doesn't leak. If I
> were implementing an x86 cpu, I wouldn't have a present bit at all in
> the descriptor cache, since you aren't supposed to be able to load a
> non-present descriptor in the first place.

There is definitely a present bit in cached descriptors.
It is used to track whether a NULL selector was loaded into this
particular segment register.
The bit is even visible in the SMM save area.
See table 10-1 in 24593_APM.pdf

Naturally, CS can't be NULL, and up until today
I thought SS also can't. But the bit is probably implemented
for all eight cached descriptors.

--
vda