Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp6238977ybv; Wed, 12 Feb 2020 08:29:14 -0800 (PST) X-Google-Smtp-Source: APXvYqzvpkr/RUMGGl6yWzgnekRSDHxvoaXLc1nZbo9IVVLD3dkWX78I/uTiHSmE2eyEqKUw9w0T X-Received: by 2002:a05:6808:a83:: with SMTP id q3mr6944075oij.0.1581524954296; Wed, 12 Feb 2020 08:29:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581524954; cv=none; d=google.com; s=arc-20160816; b=Kr4F8gU83ABSDn29yUyNaZAeuZq4pAogKJap61z6E5ptxgKlNokpI9rgSsgBRG5RTh 2TuLsoBvibCKzrnZatrpeB66eJb7I5417a63mid3bPFbWjPpBCE8gj0nYieCZ+V5fClZ 3zu2DhZPWffxnl8Fejqdt9tHFYGrPLbhxRP849DlbzmwHW1CdJwShwLA3jkHr4EMQjS8 y0wuTdHomrKxbDi4+AvdqSONzla+rKJiUifemVWvw+l0cfF8eIgyPKmrr5CgttzHlP8L /v9+EhLI/zdLCI7uumW6/aATo1zafhAjEhX2DHSv9AjWYdQ8p8BI1t9e9J0iuM41sYi3 YUEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=UF99khqY6I9Eji/tI82cfgDt6rtQcDrveBMQMbIbwhw=; b=Qe3H/m9aRY0IAmF/cqjYuNph1nqbXYPQzm4JnEy3yZSxCyiLE0bXn2z9j8kpmTZemM uLJ1mp8rt4HfIz+Eba56T+vEIC3gP0x8KHLdm+Pg9S/0y35ZhJuKdbjF6Htk6G+x483A zDQgOlQu5Lp+RWV0tQmUsn/opCVMuP7dp23CXQUB0OqAaOkYqcUkQUmI78z37rf6WyPd NsQNkkrtxCswK6crTFMaBbjTPC5aLnXW3lth4V7QSZIrGSq8HFWMJh+iYQKGbK3wK6Xz J3mqCt7iBItnYMeun8B1PoQFrQsF+OSr2Ugh4Hcu0JG5hqChA9co6med20dwe8pHoyUp 1tRg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h139si3199275oib.85.2020.02.12.08.29.01; Wed, 12 Feb 2020 08:29:14 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728575AbgBLQ2Z (ORCPT + 99 others); Wed, 12 Feb 2020 11:28:25 -0500 Received: from mx2.suse.de ([195.135.220.15]:42408 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728226AbgBLQ2Z (ORCPT ); Wed, 12 Feb 2020 11:28:25 -0500 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id A042FB071; Wed, 12 Feb 2020 16:28:23 +0000 (UTC) Subject: Re: [PATCH 23/62] x86/idt: Move IDT to data segment To: Andy Lutomirski , Joerg Roedel Cc: Andy Lutomirski , X86 ML , "H. Peter Anvin" , Dave Hansen , Peter Zijlstra , Thomas Hellstrom , Jiri Slaby , Dan Williams , Tom Lendacky , Kees Cook , LKML , kvm list , Linux Virtualization , Joerg Roedel References: <20200212115516.GE20066@8bytes.org> From: =?UTF-8?B?SsO8cmdlbiBHcm/Dnw==?= Message-ID: <879ace44-cee3-98aa-0dff-549b69355096@suse.com> Date: Wed, 12 Feb 2020 17:28:21 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 12.02.20 17:23, Andy Lutomirski wrote: > > >> On Feb 12, 2020, at 3:55 AM, Joerg Roedel wrote: >> >> On Tue, Feb 11, 2020 at 02:41:25PM -0800, Andy Lutomirski wrote: >>>> On Tue, Feb 11, 2020 at 5:53 AM Joerg Roedel wrote: >>>> >>>> From: Joerg Roedel >>>> >>>> With SEV-ES, exception handling is needed very early, even before the >>>> kernel has cleared the bss segment. In order to prevent clearing the >>>> currently used IDT, move the IDT to the data segment. >>> >>> Ugh. At the very least this needs a comment in the code. >> >> Yes, right, added a comment for that. >> >>> I had a patch to fix the kernel ELF loader to clear BSS, which would >>> fix this problem once and for all, but it didn't work due to the messy >>> way that the decompressor handles memory. I never got around to >>> fixing this, sadly. >> >> Aren't there other ways of booting (Xen-PV?) which don't use the kernel >> ELF loader? > > Dunno. I would hope the any sane loader would clear BSS before executing anything. This isn’t currently the case, though. Oh well. Xen-PV is clearing BSS as the very first action. Juergen