Received: by 10.223.176.5 with SMTP id f5csp2639557wra;
        Mon, 29 Jan 2018 01:20:37 -0800 (PST)
X-Google-Smtp-Source: AH8x224oSpSLIch9PF5cJC5KdY5LagTpoBOE8VakeiNVXIwYvX2UWMLAh37hpmae4QwuxSTcDJV1
X-Received: by 2002:a17:902:8c89:: with SMTP id t9-v6mr20562136plo.2.1517217637515;
        Mon, 29 Jan 2018 01:20:37 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517217637; cv=none;
        d=google.com; s=arc-20160816;
        b=dun5L+dL3TIlWbsZlbjTskgb/MXWg0Wf/RUUG1VDdcnqc1S1wORfCDg09jjcYPT+I/
         5pZYiFH+mLndW04iK6tbfaEI5MNhbVeGVjiWYqjDdClRw/IRZE3YTv40kH0Caq4twlVF
         mgvQ/FB0sMYVydXukLUA8SR3I4buj2+NnQGnhs3oZ89SfvvEQWtea7vJfGhZm1QkMj1l
         /KcqTcOIWN3ymOZsUgYf8JedvwB9PQCSAzLgZt/OjxwIl2O0ooZQ2sH+HZk2O80khiHX
         9oJR7HSb0JWQsTpr48/4CsFoiAJ1HVCmWQTtSQ+aLGLOCa/UWyouVYo0vV9lNSTTKaTB
         yn9g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:arc-authentication-results;
        bh=RMNjwOpvujdeIhdNNGv3lEDnVfKGFAc++nY94YH/REE=;
        b=EtBNdWg3GB5YhXv12UW9XpyKjhkpUKpNwC/kKtaj9EAtHiSua7RdiTnrR0ZR3BJuGf
         PbFpGBRZ6jpIkjFqHpT65ore5aeXZ3cjmEurnS5zcN4Bf4YIowifowVW1RqcDQ7CO6na
         wn4/5ChfMo7dadJY0wUMA5wQMjwqwrXjk/pU7Htc+N+tv/Naj1y/nhoGVSNZogt5ne2H
         p1TfAjCd/5kfi4KzmdlVLAlWtd1ocb7TQ+0lzQZmMEa1wo6Ch/wjAVZFgrTqMm1PqYLl
         EBnqfivSCcEGjUHV8ecvCxxtXD2nZ37G4yegS6i9guqqs8YLsSgnTrtcfNrXPxEzVher
         1z3w==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id t3si7103723pgt.195.2018.01.29.01.20.23;
        Mon, 29 Jan 2018 01:20:37 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751777AbeA2JSj (ORCPT <rfc822;lunatang2017@gmail.com>
        + 99 others); Mon, 29 Jan 2018 04:18:39 -0500
Received: from terminus.zytor.com ([65.50.211.136]:36425 "EHLO mail.zytor.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751701AbeA2JSh (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 29 Jan 2018 04:18:37 -0500
Received: from tazenda.hos.anvin.org (c-24-5-245-234.hsd1.ca.comcast.net [24.5.245.234] (may be forged))
        (authenticated bits=0)
        by mail.zytor.com (8.15.2/8.15.2) with ESMTPSA id w0T9E4AM032044
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO);
        Mon, 29 Jan 2018 01:14:04 -0800
Subject: Re: selftests/x86/fsgsbase_64 test problem
To:     Andy Lutomirski <luto@kernel.org>
Cc:     Borislav Petkov <bp@alien8.de>, Dan Rue <dan.rue@linaro.org>,
        Shuah Khan <shuah@kernel.org>, Ingo Molnar <mingo@kernel.org>,
        Dmitry Safonov <dsafonov@virtuozzo.com>,
        "open list:KERNEL SELFTEST FRAMEWORK" 
        <linux-kselftest@vger.kernel.org>,
        LKML <linux-kernel@vger.kernel.org>
References: <20180126153631.ha7yc33fj5uhitjo@xps>
 <CALCETrXVFC=6wPNpL0Dc7pkSv4JSaoEZZcu3Rtw0sg7KJsE5Pg@mail.gmail.com>
 <CALCETrUi7Ub2TbFy3Cvj+j4VXZeYULPY+mgL7OX7bz9L8GO9ew@mail.gmail.com>
 <CALCETrWvkd68wPCxGwmzqgsLTr_59+=L9u8obwt+f+oUQwDY=w@mail.gmail.com>
 <CALCETrW5=K5wJqLRZACmJJ+LF8Nb+Yf3OJ1tTNwqiOCxHu3w1Q@mail.gmail.com>
 <CALCETrWq04AngUHkSv-bqDYXDSVH8N0bhXS_Nh63SpMmndexSA@mail.gmail.com>
 <CALCETrUcJ2dVkSXGhtRvQeYQZZhPca95VhjQB8j6dFN6hzceSQ@mail.gmail.com>
From:   "H. Peter Anvin" <hpa@zytor.com>
Message-ID: <46328204-e363-e517-f30c-c8c94ac1442c@zytor.com>
Date:   Mon, 29 Jan 2018 01:13:59 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <CALCETrUcJ2dVkSXGhtRvQeYQZZhPca95VhjQB8j6dFN6hzceSQ@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 01/28/18 11:21, Andy Lutomirski wrote:
>>
>> I think the bug is here.  I think that, when writing a NULL selector
>> to DS, ES, FS, or GS, Intel CPUs incorrectly set DPL == RPL, whereas
>> they should set DPL to 3.
> 
> As an experiment, I did this:
> 
>  DEFINE_PER_CPU_PAGE_ALIGNED(struct gdt_page, gdt_page) = { .gdt = {
> +       [0] = { .dpl = 3, },
> +
> 
> This had no apparent effect.  I was hoping that maybe loading NULL
> into a selector would copy DPL from from gdt[0], but it seems like it
> doesn't.
> 

GDT[0] doesn't actually exist.  It is pretty much scratch space (I have
suggested using it for the gsbase once all those issues get sorted out,
because it lets the paranoid code do something like:

	rdgsbase %rax
	push %rax	/* Save old gsbase */
	push %rax	/* Reserve space on stack */
	sgdt -2(%rsp)	/* We don't care about the limit */
	pop %rax	/* %rax <- gdtbase */
	mov (%rax),%rax	/* GDT[0] holds the gsbase for this cpu */
	wrgsbase %rax