From: Andy Lutomirski
Date: Tue, 19 May 2020 17:54:53 -0700
Subject: Re: umip: AMD Ryzen 3900X, pagefault after emulate SLDT/SIDT instruction
To: Ricardo Neri
Cc: Brendan Shanks, Andreas Rammhold, Thomas Gleixner, Ingo Molnar, Borislav Petkov, X86 ML, "H. Peter Anvin", "Eric W. Biederman", Sergey Senozhatsky, Babu Moger, Kefeng Wang, Jason Yan, LKML
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, May 19, 2020 at 12:43 PM Ricardo Neri wrote:
>
> On Tue, May 19, 2020 at 11:56:40AM -0700, Brendan Shanks wrote:
> >
> > > On May 19, 2020, at 7:38 AM, Andreas Rammhold wrote:
> > >
> > > Hi,
> > >
> > > I've been running into a weird problem with UMIP on a current Ryzen
> > > 3900x with kernel 5.6.11 where a process receives a page fault after the
> > > kernel handled the SLDT (or SIDT) instruction (emulation).
> > >
> > > The program I am running is run through WINE in 32bit mode and tries to
> > > figure out if it is running in a VMWare machine by comparing the results
> > > of SLDT against well known constants (basically as shown in the
> > > [example] linked below).
> > >
> > > In dmesg I see the following log lines:
> > >> [99970.004756] umip: Program.exe[3080] ip:4373fb sp:32f3e0: SIDT instruction cannot be used by applications.
> > >> [99970.004757] umip: Program.exe[3080] ip:4373fb sp:32f3e0: For now, expensive software emulation returns the result.
> > >> [99970.004758] umip: Program.exe[3080] ip:437415 sp:32f3e0: SLDT instruction cannot be used by applications.
> > >
> > > Following that the process terminates with a page fault:
> > >> Unhandled exception: page fault on read access to 0xffffffff in 32-bit code (0x0000000000437415).
> > >
> > > Assembly at that address:
> > >> 0x0000000000437415: sldt 0xffffffe8(%ebp)
> > >
> > > Running the same executable on the exact same kernel (and userland) but
> > > on an Intel i7-8565U doesn't crash at this point. I am guessing the
> > > emulation is supposed to do something different on AMD CPUs?
>
> I am surprised you don't see it on the Intel processor. Maybe it does
> not have UMIP. Do you see umip when you do
>
> $ grep umip /proc/cpuinfo
>
> ?
> > >
> > > On the Ryzen the code executes successfully after setting CONFIG_X86_UMIP=n.
> >
> > Hi Andreas,
> >
> > The problem is that the kernel does not emulate/spoof the SLDT instruction, only SGDT, SIDT, and SMSW.
> > SLDT and STR weren't thought to be commonly used, so emulation/spoofing wasn’t added.
> > In the last few months I have seen reports of one or two (32-bit) Windows games that use SLDT though.
> > Can you share more information about the application you’re running?
> >
> > Maybe the best path is to add kernel emulation/spoofing for SLDT and STR on 32 and 64-bit, just to cover all the cases. It should be a pretty simple patch, I’ll start working on it.
>
> I have a patch for this already that I wrote for testing purposes:
>
> https://github.com/ricardon/tip/commit/1692889cb3f8accb523d44b682458e234b93be50
>
> Perhaps it can be used as a starting point? Not sure what the spoofing
> value should be, though. Perhaps 0?

Possibly SLDT should return nonzero if there's an LDT.

--Andy
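
Added example (not part of the original message and not kernel code): a small C classifier for the five UMIP-covered opcodes, marking which ones the kernel emulates according to Brendan Shanks' description quoted above. That split is why the SIDT at ip:4373fb returned a result while the SLDT at ip:437415 faulted. The function names are hypothetical, and the byte encoding of the faulting instruction is constructed from the disassembly in the report.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Instructions blocked in user mode when UMIP is enabled. */
enum umip_insn { UMIP_NONE, UMIP_SGDT, UMIP_SIDT, UMIP_SMSW, UMIP_SLDT, UMIP_STR };

/* Legacy prefixes: segment overrides, operand/address size, lock/rep. */
static const uint8_t prefixes[] = { 0x26, 0x2e, 0x36, 0x3e, 0x64, 0x65,
                                    0x66, 0x67, 0xf0, 0xf2, 0xf3 };

/* Classify the instruction at buf (32-bit code assumed, so no REX prefix). */
enum umip_insn umip_classify(const uint8_t *buf, size_t len)
{
    size_t i = 0;
    while (i < len && memchr(prefixes, buf[i], sizeof prefixes))
        i++;
    if (len - i < 3 || buf[i] != 0x0f)
        return UMIP_NONE;

    uint8_t op = buf[i + 1], modrm = buf[i + 2];
    uint8_t mod = modrm >> 6, reg = (modrm >> 3) & 7;

    if (op == 0x00) {                    /* group 6: 0F 00 /r */
        if (reg == 0) return UMIP_SLDT;
        if (reg == 1) return UMIP_STR;
    } else if (op == 0x01) {             /* group 7: 0F 01 /r */
        if (reg == 4) return UMIP_SMSW;  /* register or memory operand */
        if (mod == 3) return UMIP_NONE;  /* register forms are other insns */
        if (reg == 0) return UMIP_SGDT;
        if (reg == 1) return UMIP_SIDT;
    }
    return UMIP_NONE;
}

/* Per the thread: only SGDT, SIDT and SMSW are emulated; SLDT and STR are not. */
int umip_emulated_per_thread(enum umip_insn insn)
{
    return insn == UMIP_SGDT || insn == UMIP_SIDT || insn == UMIP_SMSW;
}

int main(void)
{
    /* Constructed encoding of "sldt 0xffffffe8(%ebp)" from the report. */
    const uint8_t sldt[] = { 0x0f, 0x00, 0x45, 0xe8 };
    enum umip_insn k = umip_classify(sldt, sizeof sldt);
    printf("insn=%d emulated=%d\n", (int)k, umip_emulated_per_thread(k));
    return 0;
}
```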