Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Thu, Mar 3, 2016 at 4:28 AM, Borislav Petkov wrote: > From: Borislav Petkov > Date: Sun, 28 Feb 2016 21:35:44 +0100 > Subject: [PATCH -v2] x86/asm: Make sure verify_cpu() has a good stack > 04633df0c43d ("x86/cpu: Call verify_cpu() after having entered long mode

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Thu, Mar 3, 2016 at 4:28 AM, Borislav Petkov wrote: > From: Borislav Petkov > Date: Sun, 28 Feb 2016 21:35:44 +0100 > Subject: [PATCH -v2] x86/asm: Make sure verify_cpu() has a good stack > 04633df0c43d ("x86/cpu: Call verify_cpu() after having entered long mode too") > added the call to

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Thu, Mar 3, 2016 at 4:28 AM, Borislav Petkov wrote: > > 04633df0c43d ("x86/cpu: Call verify_cpu() after having entered long mode too") > added the call to verify_cpu() for sanitizing CPU configuration. > > The latter uses the stack minimally and it can happen that we land in >

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Thu, Mar 3, 2016 at 4:28 AM, Borislav Petkov wrote: > > 04633df0c43d ("x86/cpu: Call verify_cpu() after having entered long mode too") > added the call to verify_cpu() for sanitizing CPU configuration. > > The latter uses the stack minimally and it can happen that we land in > startup_64()

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Thu, Mar 03, 2016 at 01:22:59PM -0800, H. Peter Anvin wrote: > reason I can see for -8 though. ... and keeping the -8 won't hurt us or anything. I'll add a small comment about it. Thanks. -- Regards/Gruss, Boris. ECO tip #101: Trim your mails when you reply.

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Thu, Mar 03, 2016 at 01:22:59PM -0800, H. Peter Anvin wrote: > reason I can see for -8 though. ... and keeping the -8 won't hurt us or anything. I'll add a small comment about it. Thanks. -- Regards/Gruss, Boris. ECO tip #101: Trim your mails when you reply.

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/03/16 12:54, Borislav Petkov wrote: > On Thu, Mar 03, 2016 at 12:22:06PM -0800, H. Peter Anvin wrote: >> The only thing I can think of is that the -8 creates a null pointer that >> terminates a stack trace. > > Probably not needed anymore as print_context_stack()->valid_stack_ptr() > in

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/03/16 12:54, Borislav Petkov wrote: > On Thu, Mar 03, 2016 at 12:22:06PM -0800, H. Peter Anvin wrote: >> The only thing I can think of is that the -8 creates a null pointer that >> terminates a stack trace. > > Probably not needed anymore as print_context_stack()->valid_stack_ptr() > in

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Thu, Mar 03, 2016 at 12:22:06PM -0800, H. Peter Anvin wrote: > The only thing I can think of is that the -8 creates a null pointer that > terminates a stack trace. Probably not needed anymore as print_context_stack()->valid_stack_ptr() in dumpstack.c look at the stack boundaries instead of

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Thu, Mar 03, 2016 at 12:22:06PM -0800, H. Peter Anvin wrote: > The only thing I can think of is that the -8 creates a null pointer that > terminates a stack trace. Probably not needed anymore as print_context_stack()->valid_stack_ptr() in dumpstack.c look at the stack boundaries instead of

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/03/16 08:29, Borislav Petkov wrote: > On Thu, Mar 03, 2016 at 07:26:06AM -0800, H. Peter Anvin wrote: >> Why -8? > > GLOBAL(stack_start) > .quad init_thread_union+THREAD_SIZE-8 > ^^^ > > But I don't see why it needed the -8 then.

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/03/16 08:29, Borislav Petkov wrote: > On Thu, Mar 03, 2016 at 07:26:06AM -0800, H. Peter Anvin wrote: >> Why -8? > > GLOBAL(stack_start) > .quad init_thread_union+THREAD_SIZE-8 > ^^^ > > But I don't see why it needed the -8 then.

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Thu, Mar 03, 2016 at 07:26:06AM -0800, H. Peter Anvin wrote: > Why -8? GLOBAL(stack_start) .quad init_thread_union+THREAD_SIZE-8 ^^^ But I don't see why it needed the -8 then. It came with a conglomerate dump in 2002: commit

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Thu, Mar 03, 2016 at 07:26:06AM -0800, H. Peter Anvin wrote: > Why -8? GLOBAL(stack_start) .quad init_thread_union+THREAD_SIZE-8 ^^^ But I don't see why it needed the -8 then. It came with a conglomerate dump in 2002: commit

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On March 3, 2016 4:28:36 AM PST, Borislav Petkov wrote: >On Wed, Mar 02, 2016 at 02:32:54PM -0800, H. Peter Anvin wrote: >> I'm trying to think of any reason why we couldn't simply have a >symbol >> at the top of the initial stack? Then a simple leaq would suffice; >> this is for

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On March 3, 2016 4:28:36 AM PST, Borislav Petkov wrote: >On Wed, Mar 02, 2016 at 02:32:54PM -0800, H. Peter Anvin wrote: >> I'm trying to think of any reason why we couldn't simply have a >symbol >> at the top of the initial stack? Then a simple leaq would suffice; >> this is for the BSP after

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 02:32:54PM -0800, H. Peter Anvin wrote: > I'm trying to think of any reason why we couldn't simply have a symbol > at the top of the initial stack? Then a simple leaq would suffice; > this is for the BSP after all. How about something like this: --- From: Borislav Petkov

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 02:32:54PM -0800, H. Peter Anvin wrote: > I'm trying to think of any reason why we couldn't simply have a symbol > at the top of the initial stack? Then a simple leaq would suffice; > this is for the BSP after all. How about something like this: --- From: Borislav Petkov

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 2, 2016 at 5:00 PM, Yinghai Lu wrote: > On Wed, Mar 2, 2016 at 4:13 PM, Yinghai Lu wrote: >> On Wed, Mar 2, 2016 at 2:32 PM, H. Peter Anvin wrote: >>> >>> I'm trying to think of any reason why we couldn't simply have a symbol

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 2, 2016 at 5:00 PM, Yinghai Lu wrote: > On Wed, Mar 2, 2016 at 4:13 PM, Yinghai Lu wrote: >> On Wed, Mar 2, 2016 at 2:32 PM, H. Peter Anvin wrote: >>> >>> I'm trying to think of any reason why we couldn't simply have a symbol at >>> the top of the initial stack? Then a simple leaq

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 2, 2016 at 4:13 PM, Yinghai Lu wrote: > On Wed, Mar 2, 2016 at 2:32 PM, H. Peter Anvin wrote: >> >> I'm trying to think of any reason why we couldn't simply have a symbol at >> the top of the initial stack? Then a simple leaq would suffice; this

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 2, 2016 at 4:13 PM, Yinghai Lu wrote: > On Wed, Mar 2, 2016 at 2:32 PM, H. Peter Anvin wrote: >> >> I'm trying to think of any reason why we couldn't simply have a symbol at >> the top of the initial stack? Then a simple leaq would suffice; this is for >> the BSP after all. > >

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 2, 2016 at 2:32 PM, H. Peter Anvin wrote: > > I'm trying to think of any reason why we couldn't simply have a symbol at the > top of the initial stack? Then a simple leaq would suffice; this is for the > BSP after all. Why do we need to call verify_cpu in

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 2, 2016 at 2:32 PM, H. Peter Anvin wrote: > > I'm trying to think of any reason why we couldn't simply have a symbol at the > top of the initial stack? Then a simple leaq would suffice; this is for the > BSP after all. Why do we need to call verify_cpu in arch/x86/kernel/head_64.S

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 02:32:54PM -0800, H. Peter Anvin wrote: > I'm trying to think of any reason why we couldn't simply have a symbol > at the top of the initial stack? Then a simple leaq would suffice; > this is for the BSP after all. That should be simpler. And we do games like that already

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 02:32:54PM -0800, H. Peter Anvin wrote: > I'm trying to think of any reason why we couldn't simply have a symbol > at the top of the initial stack? Then a simple leaq would suffice; > this is for the BSP after all. That should be simpler. And we do games like that already

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On March 2, 2016 2:28:42 PM PST, Borislav Petkov wrote: >On Wed, Mar 02, 2016 at 02:11:51PM -0800, H. Peter Anvin wrote: >> Not sure if we need a reference to _text here. > >Ah, so stack_start is in .ref.data, I guess we can add a __ref_data >marker in vmlinux.lds.S to denote the

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On March 2, 2016 2:28:42 PM PST, Borislav Petkov wrote: >On Wed, Mar 02, 2016 at 02:11:51PM -0800, H. Peter Anvin wrote: >> Not sure if we need a reference to _text here. > >Ah, so stack_start is in .ref.data, I guess we can add a __ref_data >marker in vmlinux.lds.S to denote the start of the

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 02:11:51PM -0800, H. Peter Anvin wrote: > Not sure if we need a reference to _text here. Ah, so stack_start is in .ref.data, I guess we can add a __ref_data marker in vmlinux.lds.S to denote the start of the .ref.data section and use that for calculating the delta... --

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 02:11:51PM -0800, H. Peter Anvin wrote: > Not sure if we need a reference to _text here. Ah, so stack_start is in .ref.data, I guess we can add a __ref_data marker in vmlinux.lds.S to denote the start of the .ref.data section and use that for calculating the delta... --

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/02/16 14:09, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 01:54:50PM -0800, H. Peter Anvin wrote: >> A relocating bootloader is one that doesn't load the kernel at >> CONFIG_PHYSICAL_ADDRESS. The EFI stub is one example. >> >> __START_KERNEL_map is not relocated. On x86-64 we do

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/02/16 14:09, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 01:54:50PM -0800, H. Peter Anvin wrote: >> A relocating bootloader is one that doesn't load the kernel at >> CONFIG_PHYSICAL_ADDRESS. The EFI stub is one example. >> >> __START_KERNEL_map is not relocated. On x86-64 we do

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 01:54:50PM -0800, H. Peter Anvin wrote: > A relocating bootloader is one that doesn't load the kernel at > CONFIG_PHYSICAL_ADDRESS. The EFI stub is one example. > > __START_KERNEL_map is not relocated. On x86-64 we do relocation by > pointing the page tables at a

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 01:54:50PM -0800, H. Peter Anvin wrote: > A relocating bootloader is one that doesn't load the kernel at > CONFIG_PHYSICAL_ADDRESS. The EFI stub is one example. > > __START_KERNEL_map is not relocated. On x86-64 we do relocation by > pointing the page tables at a

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/02/16 13:46, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 01:35:09PM -0800, H. Peter Anvin wrote: >> You're not actually testing anything as the real issue is what happens >> with a relocating bootloader. > > Hmm, how would that relocation happen so that va - __START_KERNEL_map >

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/02/16 13:46, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 01:35:09PM -0800, H. Peter Anvin wrote: >> You're not actually testing anything as the real issue is what happens >> with a relocating bootloader. > > Hmm, how would that relocation happen so that va - __START_KERNEL_map >

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 01:35:09PM -0800, H. Peter Anvin wrote: > You're not actually testing anything as the real issue is what happens > with a relocating bootloader. Hmm, how would that relocation happen so that va - __START_KERNEL_map doesn't give pa? Or do you mean something else with

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 01:35:09PM -0800, H. Peter Anvin wrote: > You're not actually testing anything as the real issue is what happens > with a relocating bootloader. Hmm, how would that relocation happen so that va - __START_KERNEL_map doesn't give pa? Or do you mean something else with

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/02/16 11:50, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 10:39:05AM -0800, H. Peter Anvin wrote: >> Well, we definitely should use %rip-relative addressing if we can. > > Right you are. > >> However, even so I believe this breaks if the kernel is loaded anywhere >> but its default

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/02/16 11:50, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 10:39:05AM -0800, H. Peter Anvin wrote: >> Well, we definitely should use %rip-relative addressing if we can. > > Right you are. > >> However, even so I believe this breaks if the kernel is loaded anywhere >> but its default

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 08:50:53PM +0100, Borislav Petkov wrote: > But better safe than sorry. I got this, it looks good when I'm single-stepping through it with gdb and it boots fine in kvm. I'll run it on baremetal tomorrow: /* * Setup stack for verify_cpu(): make sure we

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 08:50:53PM +0100, Borislav Petkov wrote: > But better safe than sorry. I got this, it looks good when I'm single-stepping through it with gdb and it boots fine in kvm. I'll run it on baremetal tomorrow: /* * Setup stack for verify_cpu(): make sure we

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 10:39:05AM -0800, H. Peter Anvin wrote: > Well, we definitely should use %rip-relative addressing if we can. Right you are. > However, even so I believe this breaks if the kernel is loaded anywhere > but its default load address. I think we need to do something like: >

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 10:39:05AM -0800, H. Peter Anvin wrote: > Well, we definitely should use %rip-relative addressing if we can. Right you are. > However, even so I believe this breaks if the kernel is loaded anywhere > but its default load address. I think we need to do something like: >

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/02/16 10:15, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 09:53:28AM -0800, H. Peter Anvin wrote: >> Please explain why we can't use rip-relative addressing in some form... > > We *can* do almost what Brian suggested: > > movqstack_start(%rip), %rsp > subq

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 03/02/16 10:15, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 09:53:28AM -0800, H. Peter Anvin wrote: >> Please explain why we can't use rip-relative addressing in some form... > > We *can* do almost what Brian suggested: > > movqstack_start(%rip), %rsp > subq

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On March 2, 2016 10:15:56 AM PST, Borislav Petkov wrote: >On Wed, Mar 02, 2016 at 09:53:28AM -0800, H. Peter Anvin wrote: >> Please explain why we can't use rip-relative addressing in some >form... > >We *can* do almost what Brian suggested: > >movqstack_start(%rip),

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On March 2, 2016 10:15:56 AM PST, Borislav Petkov wrote: >On Wed, Mar 02, 2016 at 09:53:28AM -0800, H. Peter Anvin wrote: >> Please explain why we can't use rip-relative addressing in some >form... > >We *can* do almost what Brian suggested: > >movqstack_start(%rip), %rsp >

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 09:53:28AM -0800, H. Peter Anvin wrote: > Please explain why we can't use rip-relative addressing in some form... We *can* do almost what Brian suggested: movqstack_start(%rip), %rsp subq$__START_KERNEL_map, %rsp But we still have to subtract

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 09:53:28AM -0800, H. Peter Anvin wrote: > Please explain why we can't use rip-relative addressing in some form... We *can* do almost what Brian suggested: movqstack_start(%rip), %rsp subq$__START_KERNEL_map, %rsp But we still have to subtract

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On March 2, 2016 8:25:30 AM PST, Borislav Petkov wrote: >On Wed, Mar 02, 2016 at 11:22:30AM -0500, Brian Gerst wrote: >> This should be: movq stack_start(%rip), %rsp > >No it wouldn't. That doesn't work. > >> > + subq$__START_KERNEL_map, %rsp >> >> It would be better to

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On March 2, 2016 8:25:30 AM PST, Borislav Petkov wrote: >On Wed, Mar 02, 2016 at 11:22:30AM -0500, Brian Gerst wrote: >> This should be: movq stack_start(%rip), %rsp > >No it wouldn't. That doesn't work. > >> > + subq$__START_KERNEL_map, %rsp >> >> It would be better to add the offset

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 02.03.2016 18:55, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 06:38:15PM +0200, Mika Penttilä wrote: >> I actually looked at it a while too... >> >> The >> movq stack_start - __START_KERNEL_map, %rsp >> >> turns into (objdump disassembly) >> >> mov0x0,%rsp >> >> with relocation

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 02.03.2016 18:55, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 06:38:15PM +0200, Mika Penttilä wrote: >> I actually looked at it a while too... >> >> The >> movq stack_start - __START_KERNEL_map, %rsp >> >> turns into (objdump disassembly) >> >> mov0x0,%rsp >> >> with relocation

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 06:38:15PM +0200, Mika Penttilä wrote: > I actually looked at it a while too... > > The > movq stack_start - __START_KERNEL_map, %rsp > > turns into (objdump disassembly) > > mov0x0,%rsp > > with relocation > 0004 R_X86_64_32S

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 06:38:15PM +0200, Mika Penttilä wrote: > I actually looked at it a while too... > > The > movq stack_start - __START_KERNEL_map, %rsp > > turns into (objdump disassembly) > > mov0x0,%rsp > > with relocation > 0004 R_X86_64_32S

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 02.03.2016 18:15, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 05:55:14PM +0200, Mika Penttilä wrote: >>> + /* Setup a stack for verify_cpu */ >>> + movqstack_start - __START_KERNEL_map, %rsp >>> + subq$__START_KERNEL_map, %rsp >>> + >> You subtract __START_KERNEL_map twice ?

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 02.03.2016 18:15, Borislav Petkov wrote: > On Wed, Mar 02, 2016 at 05:55:14PM +0200, Mika Penttilä wrote: >>> + /* Setup a stack for verify_cpu */ >>> + movqstack_start - __START_KERNEL_map, %rsp >>> + subq$__START_KERNEL_map, %rsp >>> + >> You subtract __START_KERNEL_map twice ?

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 11:22:30AM -0500, Brian Gerst wrote: > This should be: movq stack_start(%rip), %rsp No it wouldn't. That doesn't work. > > + subq$__START_KERNEL_map, %rsp > > It would be better to add the offset to the initializer for > stack_start instead of adjusting it at

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 11:22:30AM -0500, Brian Gerst wrote: > This should be: movq stack_start(%rip), %rsp No it wouldn't. That doesn't work. > > + subq$__START_KERNEL_map, %rsp > > It would be better to add the offset to the initializer for > stack_start instead of adjusting it at

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 2, 2016 at 6:20 AM, Borislav Petkov wrote: > From: Borislav Petkov > > 04633df0c43d ("x86/cpu: Call verify_cpu() after having entered long mode too") > added the call to verify_cpu() for sanitizing CPU configuration. > > The latter uses the stack

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 2, 2016 at 6:20 AM, Borislav Petkov wrote: > From: Borislav Petkov > > 04633df0c43d ("x86/cpu: Call verify_cpu() after having entered long mode too") > added the call to verify_cpu() for sanitizing CPU configuration. > > The latter uses the stack minimally and it can happen that we

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 02.03.2016 13:20, Borislav Petkov wrote: > From: Borislav Petkov > > 04633df0c43d ("x86/cpu: Call verify_cpu() after having entered long mode too") > added the call to verify_cpu() for sanitizing CPU configuration. > > The latter uses the stack minimally and it can happen that we

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On 02.03.2016 13:20, Borislav Petkov wrote: > From: Borislav Petkov > > 04633df0c43d ("x86/cpu: Call verify_cpu() after having entered long mode too") > added the call to verify_cpu() for sanitizing CPU configuration. > > The latter uses the stack minimally and it can happen that we land in >

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 05:55:14PM +0200, Mika Penttilä wrote: > > + /* Setup a stack for verify_cpu */ > > + movqstack_start - __START_KERNEL_map, %rsp > > + subq$__START_KERNEL_map, %rsp > > + > > You subtract __START_KERNEL_map twice ? Yes. That's not very obvious and it took me

Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

On Wed, Mar 02, 2016 at 05:55:14PM +0200, Mika Penttilä wrote: > > + /* Setup a stack for verify_cpu */ > > + movqstack_start - __START_KERNEL_map, %rsp > > + subq$__START_KERNEL_map, %rsp > > + > > You subtract __START_KERNEL_map twice ? Yes. That's not very obvious and it took me

[RFC PATCH] x86: Make sure verify_cpu has a good stack

From: Borislav Petkov 04633df0c43d ("x86/cpu: Call verify_cpu() after having entered long mode too") added the call to verify_cpu() for sanitizing CPU configuration. The latter uses the stack minimally and it can happen that we land in startup_64() directly from a 64-bit

[RFC PATCH] x86: Make sure verify_cpu has a good stack

From: Borislav Petkov 04633df0c43d ("x86/cpu: Call verify_cpu() after having entered long mode too") added the call to verify_cpu() for sanitizing CPU configuration. The latter uses the stack minimally and it can happen that we land in startup_64() directly from a 64-bit bootloader. Then we