Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp1220937rdb; Wed, 6 Dec 2023 11:59:20 -0800 (PST) X-Google-Smtp-Source: AGHT+IESE4FYOSOJGuwaEw9vbcmoaaDleGorkNPjgf25mcqLFjHO0b9iDss2hAgJXTkrO1RXAgtu X-Received: by 2002:a05:6a20:9381:b0:18d:b43:78ea with SMTP id x1-20020a056a20938100b0018d0b4378eamr1666706pzh.43.1701892760325; Wed, 06 Dec 2023 11:59:20 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701892760; cv=none; d=google.com; s=arc-20160816; b=EHe8a7Iw3jVXiruWFRN/xgfGOpbq2pEJoqq8fb/f3q+6UucuZSU9FvYjYF9l+/sRFN bOtkC8doiwYEuy+USjguHy7oVU6rQ5+yz5s9aq0Rh3TOyrfYxzU+wYhCFrSsOYd2L2rm 0UM2r5t/VmV9zNzElLaJ7/y3hPRgUt4VL/SurCOo6LkJFLI891weDpoHrM87o/NIQw7I GaYRT9AEXWNuZesRo/bCc2fP44ryCBuEAXrORhhYmN9S9CURzFibY2qK+4UM0hUNDci8 UrCeRKxA0nGmTzQPWxQU5ifekWKWa/UNUlxa8PvUJofz2AYL4wZAdyJrUjh+qJzL/KC0 k5Pg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=Y3MVaLAQQ+8IH1t0woX8XXUKr5UkxZE7+TDCaXdlmH8=; fh=Afnj5KAgk7YYY8Tiv2EyW2CW13RClrLdITUyQxXL/kc=; b=F4X+o53zfcSm4Qu4G8FRiCORiC4LujS1S455vu7gFI0Ha6IUGv6XP9A0hKLIRV2gIw ICcGRlY52F6KerJFLakUPRCwP8uInJaNwZk7KBsVn/a6lNhkenUFfeulSHABVqglmcK4 B78XuBR233+o+ZUIXO+kLETaVg9Gmcmybkv2uX69O0srg5HJJIBvy4qCUPaT6RnXxVm3 bhyPFC6fSjocfozGoW842fZDARrn3L4ER9PqsfSPV6wxFOhR9uY9THDKqDH1/wPeF+gy 2DZF7JdgIKp6o1btDHXp+aFjvJcduiqq7i9VC6ierDR/2kAD6eOwDrcC55FvQLglT+3V mh0w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=ZBGqcGZb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4]) by mx.google.com with ESMTPS id r185-20020a632bc2000000b00585463c36fbsi408866pgr.44.2023.12.06.11.59.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 06 Dec 2023 11:59:20 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=ZBGqcGZb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id 93FCF83B009B; Wed, 6 Dec 2023 11:59:17 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1442822AbjLFT7D (ORCPT + 99 others); Wed, 6 Dec 2023 14:59:03 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53206 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1379434AbjLFT7C (ORCPT ); Wed, 6 Dec 2023 14:59:02 -0500 Received: from mail-lf1-x132.google.com (mail-lf1-x132.google.com [IPv6:2a00:1450:4864:20::132]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E92E2FA; Wed, 6 Dec 2023 11:59:07 -0800 (PST) Received: by mail-lf1-x132.google.com with SMTP id 2adb3069b0e04-50bfd3a5b54so201162e87.3; Wed, 06 Dec 2023 11:59:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701892746; x=1702497546; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=Y3MVaLAQQ+8IH1t0woX8XXUKr5UkxZE7+TDCaXdlmH8=; b=ZBGqcGZbHIZxjuU4F9cm4eNEBrFykJjAapqrwOKzzNW3/SZzK78F3/5VsVzei1P6RU wcq9a/CqqWtBJLzIl4tD3h7gUDoGqQx+VOIKjO4y3H3M5uZ5jqjheiunP0KTHHiaHacT wnNzLKggUj7zv5cMuwlf6SEPRyFhQvB5evDMepCz0G/jaHTgnJXz04fgGm9GyqIEIH0F ZVikEn1iiAjtmnM1YP5+yz2D9PKtNe3hINBerHh3kHrdSGqF/215Khp7nmB5TNSZvCJs HrzKbtcW18HanV36jcwXBT3wq/iW9+2JxzlY+z9oxDdA7b1b/xFs+4YGTs7Zq2XqWguv pQPA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701892746; x=1702497546; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Y3MVaLAQQ+8IH1t0woX8XXUKr5UkxZE7+TDCaXdlmH8=; b=aL+moYpFZXU34LDhzvy7akMYTyIL+iXMbpIYXL6dKDYmD5NQkU0dm9MG9APt43Pv9B eS8osdLGzhGvddOn/jJPUOTyv50T4bs902wu9kA9CTquTiHsuipqsaflf2aoCnymfgCj ku4Ef4RtOrQkLjdolmi/k28mewMKHF9UmahbZKh52MUguZhfZtCuDlEmYBDo/xC/QET7 SeAHMFkdN5W1wKPMntnKhyivyTLuwcbOH9YN2weQlYGuLpC5IcwEr4AYxmGzChjvQVIX fX4+AWd3aG67/VI6WYTmhfK5TUd8GudziXSrqJ5JwYzXHRUGlbc7F+5M2SVKIwIBKLTu eW5w== X-Gm-Message-State: AOJu0Yy3uqLolAE1eZnF7dYtKb+TeUMgZIPLYEAoTKsrA1ug7eQIIXqc ILeT3H5B/K/jBXf35HXJPWZDqNQRfWQfcseggw== X-Received: by 2002:a05:6512:158e:b0:50c:6b:f180 with SMTP id bp14-20020a056512158e00b0050c006bf180mr812498lfb.56.1701892745640; Wed, 06 Dec 2023 11:59:05 -0800 (PST) MIME-Version: 1.0 References: <20231205105030.8698-1-xin3.li@intel.com> <20231205105030.8698-27-xin3.li@intel.com> <4e41b658-f49e-424c-8a86-08c8ab8e384d@citrix.com> In-Reply-To: From: Brian Gerst Date: Wed, 6 Dec 2023 14:58:54 -0500 Message-ID: Subject: Re: [PATCH v13 26/35] x86/fred: FRED entry/exit and dispatch code To: "Li, Xin3" Cc: "andrew.cooper3@citrix.com" , "linux-doc@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "linux-edac@vger.kernel.org" , "linux-hyperv@vger.kernel.org" , "kvm@vger.kernel.org" , "xen-devel@lists.xenproject.org" , "tglx@linutronix.de" , "mingo@redhat.com" , "bp@alien8.de" , "dave.hansen@linux.intel.com" , "x86@kernel.org" , "hpa@zytor.com" , "Lutomirski, Andy" , "pbonzini@redhat.com" , "seanjc@google.com" , "peterz@infradead.org" , "Gross, Jurgen" , "Shankar, Ravi V" , "mhiramat@kernel.org" , "jiangshanlai@gmail.com" , "nik.borisov@suse.com" , "Kang, Shan" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on howler.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Wed, 06 Dec 2023 11:59:17 -0800 (PST) On Wed, Dec 6, 2023 at 2:19=E2=80=AFPM Li, Xin3 wrote: > > > >>> + case X86_TRAP_OF: > > >>> + exc_overflow(regs); > > >>> + return; > > >>> + > > >>> + /* INT3 */ > > >>> + case X86_TRAP_BP: > > >>> + exc_int3(regs); > > >>> + return; > > >> ... neither OF nor BP will ever enter fred_intx() because they're > > >> type SWEXC not SWINT. > > > Per FRED spec 5.0, section 7.3 Software Interrupts and Related Instru= ctions: > > > INT n (opcode CD followed by an immediate byte): There are 256 such > > > software interrupt instructions, one for each value n of the immediat= e > > > byte (0=E2=80=93255). > > > > > > And appendix B Event Stack Levels: > > > If the event is an execution of INT n (opcode CD n for 8-bit value n)= , > > > the event stack level is 0. The event type is 4 (software interrupt) > > > and the vector is n. > > > > > > So int $0x4 and int $0x3 (use asm(".byte 0xCD, 0x03")) get here. > > > > > > But into (0xCE) and int3 (0xCC) do use event type SWEXC. > > > > > > BTW, into is NOT allowed in 64-bit mode but "int $0x4" is allowed. > > > > There is certainly fun to be had with CD 03 and CD 04 byte patterns, bu= t if you > > meant to mean those here, then the comments are wrong. > > > > Vectors 3 and 4 are installed with DPL3 because that is necessary to ma= ke CC and > > CE function in userspace. It also suggests that the SWINT vs SWEXC dis= tinction > > was retrofitted to architecture after the 286, because exceptions don't= check DPL > > and ICEBP delivers #DB from userspace even when Vector 1 has a DPL of 0= . > > > > While CC is for most cases indistinguishable from CD 03, CE behaves ent= irely > > differently to CD 04. CD 04 doesn't #UD in 64bit mode, and will trigge= r > > exc_overflow() irrespective of the state of EFLAGS.OF. > > > > > > The SDM goes out of it's way to say not to use the CD 03 byte pattern (= and it > > does take effort to emit this byte pattern - e.g. GAS will silently tra= nslate "int $3" > > to "int3"), and there's no plausible way software is using CD 04 in pla= ce of CE. > > > > So why do we care about containing to make mistakes of the IDT era work= in a > > FRED world? > > First, I agree with you because it makes things simple and neat. > > However, the latest SDM and FRED spec 5.0 both doesn't disallow it, so it > becomes an OS implementation choice. > > > > > Is there anything (other than perhaps the selftests) which would even n= otice? > > I'm just conservative :) > > If a user app can do it with IDT, we should still allow it when FRED is > enabled. But if all key stakeholders don't care whatever gets broken > due to the change and agree to change it. One case to consider is Windows software running under Wine. Anti-tampering code has been known to do some non-standard things, like using ICEBP or using SYSCALL directly instead of through system DLLs. Keeping the status quo should be preferred, especially if Microsoft does the same. Brian Gerst