| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200827152657.GA669574@rani.riverdale.lan>
Date: Thu, 27 Aug 2020 11:26:57 -0400
From: Arvind Sankar <nivedita@...m.mit.edu>
To: Joerg Roedel <joro@...tes.org>
Cc: x86@...nel.org, Joerg Roedel <jroedel@...e.de>, hpa@...or.com,
Andy Lutomirski <luto@...nel.org>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Peter Zijlstra <peterz@...radead.org>,
Jiri Slaby <jslaby@...e.cz>,
Dan Williams <dan.j.williams@...el.com>,
Tom Lendacky <thomas.lendacky@....com>,
Juergen Gross <jgross@...e.com>,
Kees Cook <keescook@...omium.org>,
David Rientjes <rientjes@...gle.com>,
Cfir Cohen <cfir@...gle.com>,
Erdem Aktas <erdemaktas@...gle.com>,
Masami Hiramatsu <mhiramat@...nel.org>,
Mike Stunes <mstunes@...are.com>,
Sean Christopherson <sean.j.christopherson@...el.com>,
Martin Radev <martin.b.radev@...il.com>,
linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
virtualization@...ts.linux-foundation.org
Subject: Re: [PATCH v6 13/76] x86/boot/compressed/64: Add IDT Infrastructure
On Mon, Aug 24, 2020 at 10:54:08AM +0200, Joerg Roedel wrote:
> From: Joerg Roedel <jroedel@...e.de>
>
> Add code needed to setup an IDT in the early pre-decompression
> boot-code. The IDT is loaded first in startup_64, which is after
> EfiExitBootServices() has been called, and later reloaded when the
> kernel image has been relocated to the end of the decompression area.
>
> This allows to setup different IDT handlers before and after the
> relocation.
>
> Signed-off-by: Joerg Roedel <jroedel@...e.de>
> Link: https://lore.kernel.org/r/20200724160336.5435-13-joro@8bytes.org
> diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
> index 9e46729cf162..260c7940f960 100644
> --- a/arch/x86/boot/compressed/head_64.S
> +++ b/arch/x86/boot/compressed/head_64.S
> @@ -33,6 +33,7 @@
> #include <asm/processor-flags.h>
> #include <asm/asm-offsets.h>
> #include <asm/bootparam.h>
> +#include <asm/desc_defs.h>
> #include "pgtable.h"
>
> /*
> @@ -415,6 +416,10 @@ SYM_CODE_START(startup_64)
>
> .Lon_kernel_cs:
>
> + pushq %rsi
> + call load_stage1_idt
> + popq %rsi
> +
Do we need the functions later in the series or could this just use lidt
directly?
Is there any risk of exceptions getting triggered during the move of the
compressed kernel, before the stage2 reload?
>
> +SYM_DATA_START(boot_idt_desc)
> + .word boot_idt_end - boot_idt
I think this should be boot_idt_end - boot_idt - 1, right?
The limit value is expressed in bytes and is added to the base address
to get the address of the last valid byte. A limit value of 0 results
in exactly 1 valid byte. Because IDT entries are always eight bytes
long, the limit should always be one less than an integral multiple of
eight (that is, 8N – 1).
> + .quad 0
> +SYM_DATA_END(boot_idt_desc)
> + .balign 8
> +SYM_DATA_START(boot_idt)
> + .rept BOOT_IDT_ENTRIES
> + .quad 0
> + .quad 0
> + .endr
> +SYM_DATA_END_LABEL(boot_idt, SYM_L_GLOBAL, boot_idt_end)
> +
Powered by blists - more mailing lists