On Mon, Mar 21, 2016 at 3:52 PM, Andi Kleen <[email protected]> wrote:
>> No. My objection is that there needs to be an explicit statement what
>> the semantics are. If the agreed-upon semantics are "undefined
>> behavior if GS != 0 and GSBASE doesn't match the descriptor", so be
>> it, but this needs to be a conscious decision and needs to be weighed
>> against the alternatives.
>
> Documentation/x86/fsgs.txt already has this statement:
>
>>>>
> Another requirement is that the FS or GS selector has to be zero
> (is normally true unless changed explicitly). When it is non-zero
> the context switch assumes the bases were loaded through the LDT/GDT,
> and will reload that.
> <<<
>
> Is that sufficient?
>

Maybe. Are there better options? Could we, for example, actually try
to preserve the state if this happens? Would it be worth it?

>>
>> The actual implementation details are just details. They need to
>> match the intended semantics, of course.
>
> I believe my implementation matches the paragraph above.
>
> -Andi
>
> --
> [email protected] -- Speaking for myself only.

--
Andy Lutomirski
AMA Capital Management, LLC
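The quoted fsgs.txt paragraph describes two states the context switch distinguishes: selector zero (base was written directly, e.g. via arch_prctl or the FSGSBASE instructions, and is carried as-is) and selector non-zero (base is taken to come from the GDT/LDT descriptor and is reloaded from it). The program below is an added example, not code from the thread or from Andi's patch set. It reads the FS and GS selectors of the running process with inline assembly, fetches the bases the kernel reports through arch_prctl(ARCH_GET_FS/ARCH_GET_GS), and exercises the documented selector-zero path by pointing the GS base at a local variable with ARCH_SET_GS and reading it back through %gs:0. It assumes x86-64 Linux and the arch_prctl codes from asm/prctl.h (restated locally so it builds without that header); on any other platform the helpers return -1 rather than failing. Function names (read_fs_selector, read_gs_selector, gs_base_roundtrip) are this example's own. It deliberately does not construct the non-zero-selector case the thread is arguing about, which would require installing a descriptor via modify_ldt; it only shows what the "normal" state looks like so that a practitioner can recognise a deviation from it.

```c
/* Added example (not from the thread): observe FS/GS selector and base state
 * on x86-64 Linux and exercise the "selector == 0, base set directly" case
 * described in Documentation/x86/fsgs.txt via arch_prctl(ARCH_SET_GS). */
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

#if defined(__x86_64__) && defined(__linux__)
#include <sys/syscall.h>
#define FSGS_SUPPORTED 1
#else
#define FSGS_SUPPORTED 0
#endif

/* arch_prctl command codes; same values as asm/prctl.h, restated here so the
 * file compiles without that header (assumption: Linux x86-64 ABI). */
#define X86_ARCH_SET_GS 0x1001
#define X86_ARCH_SET_FS 0x1002
#define X86_ARCH_GET_FS 0x1003
#define X86_ARCH_GET_GS 0x1004

/* Current FS selector (the 16-bit segment register, not the base),
 * or -1 where this check does not apply. */
long read_fs_selector(void)
{
#if FSGS_SUPPORTED
    unsigned int sel;
    __asm__ volatile("mov %%fs, %0" : "=r"(sel));
    return (long)sel;
#else
    return -1;
#endif
}

/* Current GS selector, or -1 where this check does not apply. */
long read_gs_selector(void)
{
#if FSGS_SUPPORTED
    unsigned int sel;
    __asm__ volatile("mov %%gs, %0" : "=r"(sel));
    return (long)sel;
#else
    return -1;
#endif
}

/* Ask the kernel for the FS or GS base it currently tracks. Returns 0 on
 * success, -1 on failure or where not applicable. */
long read_base(int code, unsigned long *out)
{
#if FSGS_SUPPORTED
    return syscall(SYS_arch_prctl, code, out);
#else
    (void)code; (void)out;
    return -1;
#endif
}

/* Set the GS base to the address of a local canary with ARCH_SET_GS, read the
 * canary back through %gs:0, then restore the previous base. This is exactly
 * the selector-zero path fsgs.txt describes: the selector stays 0 and the base
 * is whatever was written directly. Returns 1 on success, 0 on mismatch or
 * syscall failure, -1 where not applicable. */
int gs_base_roundtrip(void)
{
#if FSGS_SUPPORTED
    static volatile uint64_t canary = 0x5a5aa5a5deadbeefULL; /* constructed value */
    unsigned long old_base = 0;
    uint64_t seen = 0;
    long sel;

    if (syscall(SYS_arch_prctl, X86_ARCH_GET_GS, &old_base) != 0)
        return 0;
    if (syscall(SYS_arch_prctl, X86_ARCH_SET_GS, (unsigned long)&canary) != 0)
        return 0;
    /* Load through the GS segment at offset 0: this reads *canary if the base
     * really is &canary. The memory clobber keeps the load after the syscall. */
    __asm__ volatile("mov %%gs:0, %0" : "=r"(seen) : : "memory");
    sel = read_gs_selector();
    if (syscall(SYS_arch_prctl, X86_ARCH_SET_GS, old_base) != 0)
        return 0;
    return (seen == canary && sel == 0) ? 1 : 0;
#else
    return -1;
#endif
}

int main(void)
{
    unsigned long fsbase = 0, gsbase = 0;
    read_base(X86_ARCH_GET_FS, &fsbase);
    read_base(X86_ARCH_GET_GS, &gsbase);
    /* Per fsgs.txt: selector 0 means the base is carried as written; a
     * non-zero selector means the context switch reloads it from the descriptor. */
    printf("FS: selector=%ld base=%#lx (%s)\n", read_fs_selector(), fsbase,
           read_fs_selector() == 0 ? "base kept as set" : "base reloaded from GDT/LDT");
    printf("GS: selector=%ld base=%#lx (%s)\n", read_gs_selector(), gsbase,
           read_gs_selector() == 0 ? "base kept as set" : "base reloaded from GDT/LDT");
    printf("GS base round trip via ARCH_SET_GS / %%gs:0: %d\n", gs_base_roundtrip());
    return 0;
}
```

On a stock 64-bit process the output shows FS with selector 0 and a non-zero base (the TLS pointer the C library installed with ARCH_SET_FS) and GS with selector 0 and base 0, which is the state the documentation calls "normally true unless changed explicitly". A non-zero selector here, on a 64-bit task, is the unusual condition the thread is discussing and is worth investigating before relying on the base surviving a context switch.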

