lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <11745477-7dbb-cc36-1d14-f6cac9b0d13b@oracle.com>
Date:   Fri, 21 Apr 2017 10:51:37 -0400
From:   Boris Ostrovsky <boris.ostrovsky@...cle.com>
To:     Andrew Cooper <andrew.cooper3@...rix.com>,
        Juergen Gross <jgross@...e.com>, linux-kernel@...r.kernel.org,
        xen-devel@...ts.xenproject.org
Subject: Re: [PATCH v3 09/11] x86/xen: use capabilities instead of fake cpuid
 values for xsave

On 04/21/2017 10:45 AM, Andrew Cooper wrote:
> On 21/04/17 15:38, Juergen Gross wrote:
>> On 21/04/17 16:24, Boris Ostrovsky wrote:
>>>> +static bool __init xen_check_xsave(void)
>>>>  {
>>>> -	unsigned int ax, bx, cx, dx;
>>>> -	unsigned int xsave_mask;
>>>> +	unsigned int err, eax, edx;
>>>>  
>>>> -	ax = 1;
>>>> -	cx = 0;
>>>> -	cpuid(1, &ax, &bx, &cx, &dx);
>>>> +	/* Test OSXSAVE capability via xgetbv instruction. */
>>>> +	asm volatile("1: .byte 0x0f,0x01,0xd0\n\t" /* xgetbv */
>>>> +		     "xor %[err], %[err]\n"
>>>> +		     "2:\n\t"
>>>> +		     ".pushsection .fixup,\"ax\"\n\t"
>>>> +		     "3: movl $1,%[err]\n\t"
>>>> +		     "jmp 2b\n\t"
>>>> +		     ".popsection\n\t"
>>>> +		     _ASM_EXTABLE(1b, 3b)
>>>> +		     : [err] "=r" (err), "=a" (eax), "=d" (edx)
>>>> +		     : "c" (0));
>>> Have you tested this on processors where we actually trap on xgetbv?
>>>
>>> I have an AMD box without XSAVE support and this is a fatal error. I
>>> suspect it's too early to use exception fixup framework here.
>> Uuh, too bad.
>>
>> Then I fear we must use the other solution Andrew didn't like. :-(
>> Andrew, would you be okay with that?
> Hmm fine.  The status quo is probably best then to unblock this series.
>
> As an independent question, why are exceptions set up so late?  They
> really should be the very first thing done

It's exception fixup that is not set up yet --- we are executing here
before "main" kernel's entry point.

This is somewhat similar to what
arch/x86/kernel/head_64.S:early_idt_handler_common() does --- it has
special handling for early fixup --- early_fixup_exception().

I wonder though --- can this feature masking be deferred until a bit later?

-boris

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ