| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CALCETrXUS04--8n7MZ7GvJZi2rU-j=-tPkrjfEMH9+s4SQcg6Q@mail.gmail.com> Date: Fri, 8 Apr 2016 15:06:07 -0700 From: Andy Lutomirski <luto@...capital.net> To: Paolo Bonzini <pbonzini@...hat.com> Cc: Andrew Cooper <andrew.cooper3@...rix.com>, Andy Lutomirski <luto@...nel.org>, X86 ML <x86@...nel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Borislav Petkov <bp@...en8.de>, kvm list <kvm@...r.kernel.org>, xen-devel <Xen-devel@...ts.xen.org> Subject: Re: [Xen-devel] Does __KERNEL_DS serve a purpose? On Fri, Apr 8, 2016 at 10:12 AM, Paolo Bonzini <pbonzini@...hat.com> wrote: > > > On 08/04/2016 18:00, Andy Lutomirski wrote: >> But %ss can be loaded with 0 on 64-bit kernels. (I assume that >> loading 0 into %ss sets SS.DPL to 0 if done at CPL0, but I'm vague on >> this, since it only really matters to hypervisor code AFAIK.) > > It's even simpler, unless CPL=0 SS cannot be loaded with 0 while in a > 64-bit code segment (SS can never be loaded with 0 if you're not in a > 64-bit code segment). > > Thus indeed SS=0 implies SS.DPL=0 on 64-bit kernels. I think we are stuck with __KERNEL_DS: SYSCALL uses it. Unless we start fiddling with conforming code segments (ugh), I don't think there's a valid GDT layout that doesn't have two flat data segments. Oh well, chalk it up to historical accident.
Powered by blists - more mailing lists