From: Brian Gerst
Date: Tue, 22 May 2018 09:45:57 -0400
Subject: Re: [PATCH v4 1/2] xen/PVH: Set up GS segment for stack canary
To: Boris Ostrovsky
Cc: xen-devel@lists.xenproject.org, Linux Kernel Mailing List, Juergen Gross, Jan Beulich
In-Reply-To: <20180522035445.16911-2-boris.ostrovsky@oracle.com>
References: <20180522035445.16911-1-boris.ostrovsky@oracle.com> <20180522035445.16911-2-boris.ostrovsky@oracle.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, May 21, 2018 at 11:54 PM, Boris Ostrovsky wrote:
> We are making calls to C code (e.g. xen_prepare_pvh()) which may use > stack canary (stored in GS segment). > > Signed-off-by: Boris Ostrovsky > --- > arch/x86/xen/xen-pvh.S | 26 +++++++++++++++++++++++++- > 1 file changed, 25 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/xen/xen-pvh.S b/arch/x86/xen/xen-pvh.S > index e1a5fbe..0169374 100644 > --- a/arch/x86/xen/xen-pvh.S > +++ b/arch/x86/xen/xen-pvh.S > @@ -54,6 +54,9 @@ > * charge of setting up it's own stack, GDT and IDT. > */ > > +#define PVH_GDT_ENTRY_CANARY 4 > +#define PVH_CANARY_SEL (PVH_GDT_ENTRY_CANARY * 8) > + > ENTRY(pvh_start_xen) > cld
> > @@ -98,6 +101,12 @@ ENTRY(pvh_start_xen) > /* 64-bit entry point. */ > .code64 > 1: > + /* Set base address in stack canary descriptor. */ > + mov $MSR_GS_BASE,%ecx > + mov $canary, %rax > + cdq > + wrmsr

CDQ only sign-extends EAX to RAX. What you really want is to move the high 32-bits to EDX (or zero EDX if we can guarantee it is loaded below 4G).

--
Brian Gerst
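
Review bot: In the 64-bit entry hunk, `cdq` before `wrmsr` does not load the upper half of the canary address: it fills EDX with copies of bit 31 of EAX, while `wrmsr` writes EDX:EAX to the MSR selected by ECX. MSR_GS_BASE therefore gets the intended value only when bits 63:32 of `$canary` happen to equal that sign extension, and a wrong GS base means the canary read in the C code that follows comes from the wrong address. Replace `cdq` with `mov %rax, %rdx` followed by `shr $32, %rdx`, or with `xor %edx, %edx` and a comment stating the below-4G load guarantee if one exists. Minor style point in the same lines: `mov $MSR_GS_BASE,%ecx` has no space after the comma while `mov $canary, %rax` does.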