Message-ID: <4dcd23cb-eb55-42e7-aa76-dbaf2e2a7e07@citrix.com>
Date: Thu, 3 Jul 2025 00:42:27 +0100
From: Andrew Cooper <andrew.cooper3@...rix.com>
To: hpa@...or.com
Cc: acme@...hat.com, aik@....com, akpm@...ux-foundation.org,
alexander.shishkin@...ux.intel.com, ardb@...nel.org, ast@...nel.org,
bp@...en8.de, brijesh.singh@....com, changbin.du@...wei.com,
christophe.leroy@...roup.eu, corbet@....net, daniel.sneddon@...ux.intel.com,
dave.hansen@...ux.intel.com, ebiggers@...gle.com, geert+renesas@...der.be,
houtao1@...wei.com, jgg@...pe.ca, jgross@...e.com, jpoimboe@...nel.org,
kai.huang@...el.com, kees@...nel.org, kirill.shutemov@...ux.intel.com,
leitao@...ian.org, linux-doc@...r.kernel.org, linux-efi@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-mm@...ck.org, linux@...musvillemoes.dk,
luto@...nel.org, mcgrof@...nel.org, mhiramat@...nel.org,
michael.roth@....com, mingo@...nel.org, mingo@...hat.com,
namhyung@...nel.org, paulmck@...nel.org, pawan.kumar.gupta@...ux.intel.com,
peterz@...radead.org, rick.p.edgecombe@...el.com, rppt@...nel.org,
sandipan.das@....com, shijie@...amperecomputing.com, sohil.mehta@...el.com,
tglx@...utronix.de, tj@...nel.org, tony.luck@...el.com,
vegard.nossum@...cle.com, x86@...nel.org, xin3.li@...el.com,
xiongwei.song@...driver.com, ytcoode@...il.com
Subject: Re: [PATCHv8 14/17] x86/traps: Handle LASS thrown #SS
> Note: for a FRED system, ERETU can generate #SS for a non-canonical user space RSP

How? Or to phrase it differently, I hope not.

%rsp is a 64bit value and does not have canonical restrictions elsewhere
in the architecture, so far as I'm aware. IRET really can restore a
non-canonical %rsp, and userspace can run for an indeterminate period of
time with a non-canonical %rsp as long as there are no stack accesses.

Accesses relative to the stack using a non-canonical pointer will
suffer #SS, but ERETU doesn't modify the userspace stack AFAICT. I
can't see anything in the ERETU pseudocode in the FRED spec that
mentions a canonical check or memory access using %rsp.

~Andrew