Subject: Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack
From: Mika Penttilä
To: Borislav Petkov
CC: "H. Peter Anvin", X86 ML, LKML, Tom Lendacky
Date: Wed, 2 Mar 2016 19:44:11 +0200
Message-ID: <56D7266B.9030009@nextfour.com>
In-Reply-To: <20160302165516.GC8362@pd.tnic>
References: <1456917606-4979-1-git-send-email-bp@alien8.de> <56D70CE2.1050500@nextfour.com> <20160302161532.GK16954@pd.tnic> <56D716F7.3080407@nextfour.com> <20160302165516.GC8362@pd.tnic>
X-Mailing-List: linux-kernel@vger.kernel.org

On 02.03.2016 18:55, Borislav Petkov wrote:
> On Wed, Mar 02, 2016 at 06:38:15PM +0200, Mika Penttilä wrote:
>> I actually looked at it a while too...
>>
>> The
>> movq stack_start - __START_KERNEL_map, %rsp
>>
>> turns into (objdump disassembly)
>>
>> mov 0x0,%rsp
>>
>> with relocation
>> 0000000000000004 R_X86_64_32S stack_start+0x0000000080000000
>>
>> Now stack_start is at ffffffff81ef3380, so the relocation gives 1ef3380 which would be correct, so why the
>> second subq ?
>>
>> You may explain :)
> Here it is :-)
>
> $ readelf -a vmlinux | grep stack_start
> 70526: ffffffff81cbabf8 0 NOTYPE GLOBAL DEFAULT 14 stack_start
>
> 0xffffffff81cbabf8 - __START_KERNEL_map =
> 0xffffffff81cbabf8 - 0xffffffff80000000 =
> 0x1cbabf8
>
> (gdb) x/x 0x1cbabf8
> 0x1cbabf8: 0xffffffff81c03ff8
>
> (You don't need gdb for that - you can hexdump or objdump vmlinux).
>
> Now stack_start is:
>
> GLOBAL(stack_start)
> .quad init_thread_union+THREAD_SIZE-8
>
> which is
>
> $ readelf -a vmlinux | grep init_thread_union
> 82491: ffffffff81c00000 16384 OBJECT GLOBAL DEFAULT 14 init_thread_union
>
> so init_thread_union+THREAD_SIZE-8 = 0xffffffff81c00000 + 4*4096-8 = 0xffffffff81c03ff8
>
> So you have to subtract __START_KERNEL_map again because it has there a
> virtual address and we haven't enabled paging yet:
>
> 0xffffffff81c03ff8 - 0xffffffff80000000 = 0x1c03ff8.
>
> Makes sense?
>
Ah missed completely that stack_start is effectively a pointer to stack..

Thanks,
Mika