Date: Sun, 11 Nov 2018 20:02:30 +0100
From: Pavel Machek
To: Andy Lutomirski
Cc: Borislav Petkov, Yu-cheng Yu, x86@kernel.org, "H. Peter Anvin", Thomas Gleixner, Ingo Molnar, linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann, Balbir Singh, Cyrill Gorcunov, Dave Hansen, Eugene Syromiatnikov, Florian Weimer, "H.J. Lu", Jann Horn, Jonathan Corbet, Kees Cook, Mike Kravetz, Nadav Amit, Oleg Nesterov, Peter Zijlstra, Randy Dunlap, "Ravi V. Shankar", Vedvyas Shanbhogue
Subject: Re: [PATCH v5 04/27] x86/fpu/xstate: Add XSAVES system states for shadow stack
Message-ID: <20181111190230.GA2681@amd>

On Sun 2018-11-11 06:59:24, Andy Lutomirski wrote:
>
>
> > On Nov 11, 2018, at 3:31 AM, Pavel Machek wrote:
> >
> > Hi!
> >
> >>> +/*
> >>> + * State component 12 is Control flow Enforcement kernel states
> >>> + */
> >>> +struct cet_kernel_state {
> >>> + u64 kernel_ssp; /* kernel shadow stack */
> >>> + u64 pl1_ssp; /* ring-1 shadow stack */
> >>> + u64 pl2_ssp; /* ring-2 shadow stack */
> >>
> >> Just write "privilege level" everywhere - not "ring".
> >
> > Please just use the word "ring". It is well established terminology.
> >
> > Which ring is privilege level 1, given that we have SMM and
> > virtualization support?
>
> To the contrary: CPL, DPL, and RPL are very well defined terms in the architecture manuals. “PL” is privilege level. PL 1 is very well defined.
>

"Privilege level" is a generic term. "CPL" I may recognize as
Intel-specific. "privilege level" I would not. So I'd really use
"ring" there. "CPL 1 shadow stack" would be okay, too, I guess.

> SMM is SMM, full stop (unless dual mode or whatever it’s called is on, but AFAIK no one uses it). VMX non-root CPL 1 is *still* privilege level 1.
>
> In contrast, the security community likes to call SMM “ring -1”, which is cute, but wrong from a systems programmer view. For example, SMM’s CPL can still range from 0-3.
>

Regards,
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
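
Review bot: In the quoted `struct cet_kernel_state` hunk, the comments on `kernel_ssp`, `pl1_ssp` and `pl2_ssp` each say "shadow stack", but the `_ssp` suffix indicates that each u64 holds a shadow stack pointer rather than the stack itself, so the comments should read "shadow stack pointer". `kernel_ssp` also breaks the `pl1_ssp`/`pl2_ssp` naming pattern: either rename it to match the other two or have its comment state explicitly which level it covers, and use one term ("ring" or "privilege level", whichever the thread settles on) consistently across all three comments.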