Received: by 10.213.65.68 with SMTP id h4csp1856722imn; Mon, 19 Mar 2018 15:23:14 -0700 (PDT) X-Google-Smtp-Source: AG47ELuFKmpzD+beHDG6d6CZKuqAQ0PFrxrItecoJ45Z+awZ2ZsW9t9vbzTpQ+dawUDbl70co7wx X-Received: by 10.99.111.139 with SMTP id k133mr10512363pgc.236.1521498194772; Mon, 19 Mar 2018 15:23:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521498194; cv=none; d=google.com; s=arc-20160816; b=DUjIjWcXyDyDIkbIU36Ajs67+JY7hozfFDrrrBtI8CfKVGLKFqP7pwUYbVd+EWGGdp WM+H7pMD3pAYcsDLE3gBoUk0lo3G0RQxZ4KKHUiDkZhZ+7b72BAWL6uiQsPQV6mWCpH/ 1abhj7/CBJ8EKJlu5oX6T1j4tWxlbqlS2rwWo5cypf8OELuQavPuY9HQfdjMLu82s7i8 Owwq91/3UW3sb+IrS23NJ17OI5LB4s8ygjcZ4Nj1DIq47W5KliRvhJcMwOg2AhLzh+vS FZ1xrmRuTMy4Tp68A4hOxBu+XOMs1WOl+c+Ee5DoS5qgSdHDS/E5blqDHjBLdqY/oL49 9yWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature :arc-authentication-results; bh=DBR7MbGOxOF5sD1E2pnhv1kwZVRIDDHmXwOTJkSTywg=; b=xiJwNVcnlQjO3I3agrdrwn7nVLNtJAVb60nwKYqFLcKB/MeLRr0hsJfBYrVDXhVryg rxl6JeorqjMakYwskUsfw4ZO6jYlRN2No/aFQlArJXw3heGy1rKefrY5qLeg8facmdY8 7cDFhFfufnVWHGqv9Aj7IAkA5EcqpexQmmOF94ouIXe4G/N1DB1Tt+gMqFerrs0nOh6F vIbpLsOTy9BfklP1raxieXlC3jT5T+/7D5lwO2QSq/7Df5D94sWYWqGrEkrKfWXOUZwa ntnkZM/gAEqUkb/M9vHvqCw8OhJFqzVb2X4eUfD69EzRR7buoLdVwq/UGrYVhTSpiXrT 7BUg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=mD9zj53I; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h188si159538pgc.330.2018.03.19.15.23.00; Mon, 19 Mar 2018 15:23:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=mD9zj53I; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S936440AbeCSWVI (ORCPT + 99 others); Mon, 19 Mar 2018 18:21:08 -0400 Received: from aserp2120.oracle.com ([141.146.126.78]:54816 "EHLO aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933937AbeCSWVC (ORCPT ); Mon, 19 Mar 2018 18:21:02 -0400 Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w2JMCHTO177250; Mon, 19 Mar 2018 22:20:44 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : to : cc : references : from : message-id : date : mime-version : in-reply-to : content-type : content-transfer-encoding; s=corp-2017-10-26; bh=DBR7MbGOxOF5sD1E2pnhv1kwZVRIDDHmXwOTJkSTywg=; b=mD9zj53IH1S8S0dnWaYjZNweRVbRChzegVefGuTvc5Zdfa/KKK8brUxc+8aRApdxSo4b +fw2r9ja6W8Wegku8YxIBuKSXPD5uysg7FGLilKy75XiwBXBWB4C9Fm2c1hWUPKO+2+u DGCKd1HnaelpJ39SbTzdrgednp+75MVGWzxfpWNEVUHPzvubnBYIFmGTwP1L/NEdr1O/ P3Wnw1jtfJa7br9AoL0yrkmh7MBmGE1X4OONYSa2nGXp3PCQ7WkWFRLZsQ9EdnHy/doE wFb7JIh2n/3LjnGK0AgDUW4qimlj2xdOFv7uOO4fuiFD+S91OpUKNbiR/lga0s4nw0OD sQ== Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by aserp2120.oracle.com with ESMTP id 2gtnstg0r5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 19 Mar 2018 22:20:43 +0000 Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w2JMKgLi023021 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 19 Mar 2018 22:20:42 GMT Received: from abhmp0006.oracle.com (abhmp0006.oracle.com [141.146.116.12]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id w2JMKf0n025320; Mon, 19 Mar 2018 22:20:42 GMT Received: from dhcp-burlington7-2nd-B-east-10-152-55-162.usdhcp.oraclecorp.com (/10.152.32.65) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 19 Mar 2018 15:20:41 -0700 Subject: Re: [PATCH] x86/xen: Delay get_cpu_cap until stack canary is established To: Jason Andryuk , Juergen Gross Cc: Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , x86@kernel.org, xen-devel@lists.xenproject.org, linux-kernel@vger.kernel.org References: <20180319165804.10636-1-jandryuk@gmail.com> From: Boris Ostrovsky Message-ID: <0726a193-6ce9-e835-9eef-01c56680d30a@oracle.com> Date: Mon, 19 Mar 2018 18:22:12 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: <20180319165804.10636-1-jandryuk@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Content-Language: en-US X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8836 signatures=668693 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1803190149 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 03/19/2018 12:58 PM, Jason Andryuk wrote: > Commit 2cc42bac1c79 ("x86-64/Xen: eliminate W+X mappings") introduced a > call to get_cpu_cap, which is fstack-protected. This is works on x86-64 s/This is works/This works/ Reviewed-by: Boris Ostrovsky Do we still need 4f277295e54? -boris > as commit 4f277295e54c ("x86/xen: init %gs very early to avoid page > faults with stack protector") ensures the stack protector is configured, > but it it did not cover x86-32. > > Delay calling get_cpu_cap until after xen_setup_gdt has initialized the > stack canary. Without this, a 32bit PV machine crashes early > in boot. > (XEN) Domain 0 (vcpu#0) crashed on cpu#0: > (XEN) ----[ Xen-4.6.6-xc x86_64 debug=n Tainted: C ]---- > (XEN) CPU: 0 > (XEN) RIP: e019:[<00000000c10362f8>] > > And the PV kernel IP corresponds to init_scattered_cpuid_features > 0xc10362f8 <+24>: mov %gs:0x14,%eax > > Fixes 2cc42bac1c79 ("x86-64/Xen: eliminate W+X mappings") > > Signed-off-by: Jason Andryuk > --- > arch/x86/xen/enlighten_pv.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c > index 3c2c2530737e..c36d23aa6c35 100644 > --- a/arch/x86/xen/enlighten_pv.c > +++ b/arch/x86/xen/enlighten_pv.c > @@ -1259,10 +1259,6 @@ asmlinkage __visible void __init xen_start_kernel(void) > */ > __userpte_alloc_gfp &= ~__GFP_HIGHMEM; > > - /* Work out if we support NX */ > - get_cpu_cap(&boot_cpu_data); > - x86_configure_nx(); > - > /* Get mfn list */ > xen_build_dynamic_phys_to_machine(); > > @@ -1272,6 +1268,10 @@ asmlinkage __visible void __init xen_start_kernel(void) > */ > xen_setup_gdt(0); > > + /* Work out if we support NX */ > + get_cpu_cap(&boot_cpu_data); > + x86_configure_nx(); > + > xen_init_irq_ops(); > > /* Let's presume PV guests always boot on vCPU with id 0. */