Received: by 2002:a05:7412:361b:b0:f9:2edb:3e4d with SMTP id ie27csp36979rdb; Sun, 17 Dec 2023 13:10:44 -0800 (PST) X-Google-Smtp-Source: AGHT+IERBsFdSPnGD8sbZWF6ZbuXgpqegPl9vXKpbu1qL3PNXwFl2Vfe61fypvVvUppJAJEQXjij X-Received: by 2002:a05:620a:2724:b0:77e:fba4:3a36 with SMTP id b36-20020a05620a272400b0077efba43a36mr19390374qkp.140.1702847444607; Sun, 17 Dec 2023 13:10:44 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1702847444; cv=none; d=google.com; s=arc-20160816; b=j7GA59gMq0wmSxRaMy22qK0HU1dHqNQ3I5BFwGAVPuUnd7pbgRR1hyDLD8tyARfBw4 107+Kye/i9lVIWhUmjDIs0Mwi9SuHULmo0PpYbHj2srBEAtxk8RH92IixvKR7f120Q84 uUL/s6aWUUbg7wzNrNq+aGtUf4cO8SSdnxBx6gkyjxbCYAqwhktt0ODxNXjd8luBLp5m KPl/XiZRLOXXskuIogIu03TQr4t8K/mFdCFrIl/IoBHzgbNDuLh/8K4BqFOuYDze0SUg blxfN8QQXNlYxG7tIiQldVL2MKDP5ALmEFjle8eOWOXGfslCU0X+tyIpufXbs6Y457CX OkIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:references:in-reply-to :user-agent:subject:cc:to:from:date:dkim-signature:dkim-filter; bh=KdPuOoPgErrSBVmW7yfmqp9/uMOdEbu6olafAGTTIeQ=; fh=5NhcMJ39C01GrlHkie5K8/G+eKoCnnDFzWXw8Mrbd48=; b=zSdKrXJdo6canjI5adCbWQQs/KMI7ToEKxEH+YUfFtkDVfUUTOPFRWuUfiw3bv/uC2 zuMO/9tjUBDY7FjcwsCWkUmDMxqRdKUJ57DhN3Y5AwC/9cnxVGtuas1IVF5HIA4JqDFu lh5piKxfsUpcLtGK89va88RGIdressdNBusKgjuYzVRMl6RaEHWOmJQtKRxAb4OnUoKO YhOwwzIvgBauaGyAoNpPAlMCbKJ1+4BNqYCyGgII/iotPCIS5WOQOnx4i7HAEzflT+JY 4oLkrR1CSZ40DQmXiVBH2rm7KKOuLK1PGhtL1Hyy3XHziUngVp9614Y/M2SWXaVwKrKh gkKQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zytor.com header.s=2023121201 header.b=CsbKKpV3; spf=pass (google.com: domain of linux-kernel+bounces-2819-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-2819-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zytor.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id t19-20020a05620a451300b0077d63b7dfdesi23312286qkp.113.2023.12.17.13.10.44 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 17 Dec 2023 13:10:44 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-2819-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@zytor.com header.s=2023121201 header.b=CsbKKpV3; spf=pass (google.com: domain of linux-kernel+bounces-2819-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-2819-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zytor.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 5C82B1C20AD1 for ; Sun, 17 Dec 2023 21:10:44 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 6F6E54B14B; Sun, 17 Dec 2023 21:09:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=zytor.com header.i=@zytor.com header.b="CsbKKpV3" X-Original-To: linux-kernel@vger.kernel.org Received: from mail.zytor.com (terminus.zytor.com [198.137.202.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 326294B131 for ; Sun, 17 Dec 2023 21:09:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=zytor.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=zytor.com Received: from [127.0.0.1] ([76.133.66.138]) (authenticated bits=0) by mail.zytor.com (8.17.2/8.17.1) with ESMTPSA id 3BHL9P3c403970 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO); Sun, 17 Dec 2023 13:09:26 -0800 DKIM-Filter: OpenDKIM Filter v2.11.0 mail.zytor.com 3BHL9P3c403970 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zytor.com; s=2023121201; t=1702847366; bh=KdPuOoPgErrSBVmW7yfmqp9/uMOdEbu6olafAGTTIeQ=; h=Date:From:To:CC:Subject:In-Reply-To:References:From; b=CsbKKpV3TlXtICMMuIxbvG7qq7WP0zBTr86nL3DsVmU43uXWlzBk0QwZDmbGW8u47 oHCw0tOT63Kv71CwJSFdRfCQtiBTqJPp7TGfdv58NVvUJ3/a+cC89FzpdrZ4s1tQes IImRDGZtyEVFMLlrmltYFnrXnbZrSRfIlREegFMeFEy+qZKd7qHsgKbiVu6ZeNrwUD DVeNP1TwhR3HklfyrIs303MInwTALfTfAaUoApcD94n0gnP51uNkDajWHScwIVB7E2 soLquXrHZVMFodI/2JdIphPZMtVamC8U5NlGlnnfQJ37xROrTMfMUfgfGbZl+WXvIB GRevEgX5+JVvw== Date: Sun, 17 Dec 2023 13:09:20 -0800 From: "H. Peter Anvin" To: Linus Torvalds , Brian Gerst CC: linux-kernel@vger.kernel.org, x86@kernel.org, Ingo Molnar , Thomas Gleixner , Borislav Petkov , Peter Zijlstra Subject: Re: [PATCH 1/3] x86: Move TSS and LDT to end of the GDT User-Agent: K-9 Mail for Android In-Reply-To: References: <20231213163443.70490-1-brgerst@gmail.com> <20231213163443.70490-2-brgerst@gmail.com> Message-ID: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On December 13, 2023 10:51:11 AM PST, Linus Torvalds wrote: >On Wed, 13 Dec 2023 at 08:34, Brian Gerst wrote: >> >> This will make testing for system segments easier=2E > >It seems to make more sense organizationally too, with the special >non-data/code segments clearly separate at the end=2E > >So I think this is fine conceptually=2E > >HOWEVER, I think that you might want to expand on this a bit more, >because there are other special segments selectors that might not be >thing you want to expose to user space=2E > >We have GDT_ENTRY_PERCPU for example, which is a kernel-only segment=2E >It also happens to be 32-bit only, it doesn't matter for the thing >you're trying to fix, but that valid_user_selector() thing is then >used on x86-32 too=2E > >So the ESPFIX and per-cpu segments are kernel-only, but then the VDSO >getcpu one is a user segment=2E > >And the PnP and APM BIOS segments are similarly kernel-only=2E > >But then the VDSO getcpu segment is user-visible, in the middle, and >again, it's 32-bit only but that whole GDT_SYSTEM_START thing is >supposed to work there too=2E > >End result: this seems incomplete and not really fully baked=2E > >I wonder if instead of GDT_SYSTEM_START, you'd be better off just >making a trivial constant bitmap of "these are user visible segments >in the GDT"=2E No need to re-order things, just have something like > > #define USER_SEGMENTS_MASK \ > ((1ul << GDT_ENTRY_DEFAULT_USER_CS) | > ,,,, > >and use that for the test (remember to check for GDT_ENTRIES as the max)= =2E > >Hmm? > > Linus Somewhat unrelated: X86_BUG_ESPFIX should just be deleted, as we aren't ac= tually ever cleaning it=2E All current x86 processors have that problem (un= til FRED)=2E