Date: Thu, 17 May 2018 09:02:44 -0600
From: "Jan Beulich"
To: "Boris Ostrovsky"
Cc: "xen-devel", "Juergen Gross"
Subject: Re: [PATCH v3 1/2] xen/PVH: Set up GS segment for stack canary
Message-Id: <5AFD999402000078001C3B29@prv1-mh.provo.novell.com>
In-Reply-To: <20180517144723.21585-2-boris.ostrovsky@oracle.com>
X-Mailing-List: linux-kernel@vger.kernel.org

>>> On 17.05.18 at 16:47, wrote:
> @@ -64,6 +67,9 @@ ENTRY(pvh_start_xen) > mov %eax,%es > mov %eax,%ss > > + mov $PVH_CANARY_SEL,%eax > + mov %eax,%gs I doubt this is needed for 64-bit (you could equally well load zero or leave in place what's there in that case), and loading the selector before setting the base address in the descriptor won't have the intended effect. > @@ -150,9 +170,12 @@ gdt_start: > .quad GDT_ENTRY(0xc09a, 0, 0xfffff) /* __KERNEL_CS */ > #endif > .quad GDT_ENTRY(0xc092, 0, 0xfffff) /* __KERNEL_DS */ > + .quad GDT_ENTRY(0x4090, 0, 0x18) /* PVH_CANARY_SEL */ > gdt_end: > > - .balign 4 > + .balign 16 > +canary: > + .fill 24, 1, 0 This is too little space for 64-bit afaict (the canary lives at offset 40 there if I can trust asm/processor.h). Jan
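
Review bot: in the pvh_start_xen hunk (@@ -64,6 +67,9), the added `mov $PVH_CANARY_SEL,%eax` / `mov %eax,%gs` pair has no comment and depends on an ordering the hunk does not show. A segment-register load copies the descriptor's base into the register at the moment of the load, and the PVH_CANARY_SEL entry added in the other hunk is assembled with base 0, so the descriptor has to point at `canary` before this load runs. Place the load after the descriptor fix-up and add a comment stating that dependency and which build (32-bit, 64-bit or both) needs %gs set up here.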
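
Review bot: in the gdt_start hunk (@@ -150,9 +170,12), the limit `0x18` in `GDT_ENTRY(0x4090, 0, 0x18)` and the size in `.fill 24, 1, 0` are two unlinked magic numbers that disagree by one. Flags 0x4090 leave the granularity bit clear, so the limit is the last valid byte offset and 0x18 permits 25 bytes while only 24 are reserved. Derive both from one named constant (limit = size - 1), comment what the area has to cover, and say why `.balign 4` becomes `.balign 16`.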
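
The descriptor arithmetic behind the two objections above, as an added C example that is not part of the original message or the patch: it decodes the quoted `GDT_ENTRY(0x4090, 0, 0x18)` and checks a canary access against the segment limit and the 24 reserved bytes. The macro body is re-typed from the kernel's asm/segment.h; offset 40 comes from the reply, while the 32-bit offset 20 and the 4/8-byte canary sizes are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Bit packing re-typed from the kernel's GDT_ENTRY() (asm/segment.h). */
#define GDT_ENTRY(flags, base, limit)               \
    ((((base)  & 0xff000000ULL) << (56 - 24)) |     \
     (((flags) & 0x0000f0ffULL) << 40) |            \
     (((limit) & 0x000f0000ULL) << (48 - 16)) |     \
     (((base)  & 0x00ffffffULL) << 16) |            \
     (((limit) & 0x0000ffffULL)))

/* The descriptor and area size quoted in the patch. */
#define PVH_CANARY_DESC GDT_ENTRY(0x4090, 0, 0x18)
#define CANARY_AREA     24u

/* 32-bit base address, spread over descriptor bits 16-39 and 56-63. */
static uint32_t desc_base(uint64_t d)
{
    return (uint32_t)((d >> 16) & 0xffffff) | (uint32_t)((d >> 32) & 0xff000000);
}

/* Highest offset the segment allows; the limit field is inclusive. */
static uint32_t desc_last_offset(uint64_t d)
{
    uint32_t limit = (uint32_t)(d & 0xffff) | (uint32_t)((d >> 32) & 0xf0000);
    /* G (bit 55) set: the limit counts 4 KiB units instead of bytes. */
    return ((d >> 55) & 1) ? (limit << 12) | 0xfff : limit;
}

/* Does a size-byte access at %gs:off stay inside the reserved bytes? */
static int fits_area(uint32_t area, uint32_t off, uint32_t size)
{
    return off + size <= area;
}

/* Same access against the segment limit (not applied in 64-bit mode). */
static int fits_limit(uint64_t d, uint32_t off, uint32_t size)
{
    return off + size - 1 <= desc_last_offset(d);
}

int main(void)
{
    uint64_t d = PVH_CANARY_DESC;
    printf("base=%#x last=%#x\n", desc_base(d), desc_last_offset(d));
    /* Offset 40 is from the reply; offset 20 and sizes 4/8 are assumptions. */
    printf("32-bit: area=%d limit=%d\n", fits_area(CANARY_AREA, 20, 4), fits_limit(d, 20, 4));
    printf("64-bit: area=%d\n", fits_area(CANARY_AREA, 40, 8));
    return 0;
}
```

The assembled base of 0 is what a `%gs` load would pick up if it ran before the descriptor is fixed up, and the 64-bit access fails the area check.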