| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5D0385FC-D535-457A-A0D9-E5F013F301BE@intel.com>
Date: Thu, 20 Aug 2020 18:43:10 +0000
From: "Bae, Chang Seok" <chang.seok.bae@...el.com>
To: Tom Lendacky <thomas.lendacky@....com>
CC: "Christopherson, Sean J" <sean.j.christopherson@...el.com>,
"Andy Lutomirski" <luto@...nel.org>,
Joerg Roedel <joro@...tes.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>,
"Linux Kernel Mailing List" <linux-kernel@...r.kernel.org>,
X86 ML <x86@...nel.org>, Thomas Gleixner <tglx@...utronix.de>,
Sasha Levin <sashal@...nel.org>,
Borislav Petkov <bp@...en8.de>,
Peter Zijlstra <peterz@...radead.org>,
"Ingo Molnar" <mingo@...nel.org>,
"Hansen, Dave" <dave.hansen@...el.com>,
"Shankar, Ravi V" <ravi.v.shankar@...el.com>
Subject: Re: FSGSBASE causing panic on 5.9-rc1
> On Aug 20, 2020, at 08:21, Tom Lendacky <thomas.lendacky@....com> wrote:
> On 8/20/20 10:10 AM, Sean Christopherson wrote:
>>
>> Pretty sure current->thread.gsbase can be stale, i.e. this needs:
>> current_save_fsgs();
>
> I did try adding current_save_fsgs() in svm_vcpu_load(), saving the current->thread.gsbase value to a new variable in the svm struct. I then used that variable in the wrmsrl below, but it still crashed.
Then, current->thread.gsbase is from __rdgsbase_inactive() which is
user GSBASE.
If you do the wrmsrl below, it overwrites the current GSBASE with the
user value.
>> wrmsrl(MSR_KERNEL_GS_BASE, current->thread.gsbase);
Thanks,
Chang
Powered by blists - more mailing lists