Received: by 2002:a89:48b:0:b0:1f5:f2ab:c469 with SMTP id a11csp592787lqd;
        Wed, 24 Apr 2024 10:54:09 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCXO7gYVqKJdRCXmTtwdauOrqtQDTdZer0sBJgxqPQl3r10qnOnDh+QISmCpf+qgFD9SlLQS7ouyPAoPlavMxuW/93gK5YiRt4/ch0eYRQ==
X-Google-Smtp-Source: AGHT+IGcp2z7z5iRIcldaXdMjtO8rJxkHmJJjmAAG9xV6WIwvPP65uUIF3Kc3tYf8Y50F0YG2Xjo
X-Received: by 2002:a17:902:eaca:b0:1e4:c75e:aae2 with SMTP id p10-20020a170902eaca00b001e4c75eaae2mr3596548pld.59.1713981248891;
        Wed, 24 Apr 2024 10:54:08 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1713981248; cv=pass;
        d=google.com; s=arc-20160816;
        b=y03SWyIM80jI3g+oZQTiUUoabfxSW9PN2jd1o48BfEobA4HbX57YA4VY2nzqW3D2Tu
         EiExRGELA8zoEHkSfZe0uzrfiu7JgicXcs/bqsWF7K6dZEHTkcZtpXL6vRi8YQ2IJIC8
         +vuP/EWSBqsK+lrvNwx9b4NaR0/3u6DdtL5Nl1yAupCKZ2WCcjkofdO/cQ3L0h70+7Yt
         TUMhC/uWiA01iPANAxipoqgihFJ6m/70umfLNQKgyDyZxVlUoQv5cEcpoSggYZ8U+m1y
         f75f8QrL7PIihWA/iqe924uP0jSe2+gT82VeIpSQS7Sv5yNaq604EAq227LhbJHwDCHs
         QNXg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe
         :list-id:precedence:dkim-signature;
        bh=H3xbHAyn16vTBtwRgYRx82/2kx6yE2xI2kdOWcMXXtc=;
        fh=bJh78YDpy9u/23y3XKn2NyBRrNRGklHrLooQJuD5YLU=;
        b=Kw6E0RAb/2+tvqP271fdsfRfNMYozTW9CTi21sPMyz6znzF0MFooEaqYX9ebTvFChQ
         0EEoletdaa1+kpM8mzlqAWK4p77iiAQaiz/lIeSM+plNkNUnBTO79qmSsXo5r1mNQ/75
         5Oi05u4xkctha0MMr9JWmIH9iiOXN+H+SgUe8dV8o7zPWjFdtcqp7f2fS9ngzIPrIItb
         Sb8XX5TNUJY+svVyMCgGS+Y/dFWB0Tb9Cnr1OAg0lBV2pSruJilscljKhYKczRHm34sL
         Guo/OjZGnCu4rhrwVb111kftkw0I5xNYttPY48WtFH5UKTYPhczLoO2E/rV5qu00sWJ1
         Qhdw==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=K7TJbDT+;
       arc=pass (i=1 dkim=pass dkdomain=kernel.org);
       spf=pass (google.com: domain of linux-kernel+bounces-157423-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-157423-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel+bounces-157423-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99])
        by mx.google.com with ESMTPS id e12-20020a170902cf4c00b001e4b20b9f97si11785412plg.646.2024.04.24.10.54.08
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 24 Apr 2024 10:54:08 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-157423-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=K7TJbDT+;
       arc=pass (i=1 dkim=pass dkdomain=kernel.org);
       spf=pass (google.com: domain of linux-kernel+bounces-157423-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-157423-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id 67E1A287501
	for <linux.lists.archive@gmail.com>; Wed, 24 Apr 2024 17:53:35 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 0EB8C16D9B9;
	Wed, 24 Apr 2024 17:53:22 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="K7TJbDT+"
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3169516D9AC
	for <linux-kernel@vger.kernel.org>; Wed, 24 Apr 2024 17:53:20 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1713981201; cv=none; b=i1SL0fZpQk5ec4GypJePP6zTEngmOvm5vGQ9+oumMPWtH6zXb/9XM7dJ5MU5pjv04U9T41LJ2S3NdDsGmOBp6SIk7/4kODhHdFdRri1PwjePCSQvSHcxPdnLPdrPaORzVQ3QmVZupqH0qfJayBSMkQCfRauKup790v7MnTYNTXY=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1713981201; c=relaxed/simple;
	bh=+Y1ZPNAOnvDD7u2fc6pjhcGl3M0GcN9oDhwji0epk0g=;
	h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject:
	 To:Cc:Content-Type; b=R4KAnV+E8TzaKJr7FZE1cXOhUdJfpU8N4TbofQm/DPjXahpXx4f2kd0WSXXQZlr9XtczBpGBE9ADE5iKIY25iCDOR+UN2W32dCR6CwZVRehVqDnB4QdgfjNh+byAyuK9abU/5KRiMKwE/jEpvaJanoA3gcT2NPB5rNNANOf8RXI=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=K7TJbDT+; arc=none smtp.client-ip=10.30.226.201
Received: by smtp.kernel.org (Postfix) with ESMTPSA id AF568C3277B
	for <linux-kernel@vger.kernel.org>; Wed, 24 Apr 2024 17:53:20 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1713981200;
	bh=+Y1ZPNAOnvDD7u2fc6pjhcGl3M0GcN9oDhwji0epk0g=;
	h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
	b=K7TJbDT+N7svbG0vpuJ3tinrPlxPbSpYLtp0tmTSJJxEF8lWXbS4ZfQQ0yKa0gmIX
	 G22Me/FlYTVzNGx5XyXeq69E0TzV+ijG6TpTUM7Om01z/UunwKHVan0O5RCvguFWIE
	 hkNVdxtgOhfIpTSaQQFJIwINDUlvVWtMMYvkarw6xXoycLrMY27DMHWrW4kqJToyMk
	 ifIg+3psk4vZkqYnj4Cn7SV7pQ96PD14TJXtnXQmm2NFzDPsAM7V5oTXN37qJrYhHN
	 jzmpmnfKs4zJ3by7heppEANiCFdmYCrgc7pxxNot/SAnjeE4L42BvFiNFHXfgw2193
	 IBzCAWpeTVTIQ==
Received: by mail-lj1-f181.google.com with SMTP id 38308e7fff4ca-2de233961caso788881fa.3
        for <linux-kernel@vger.kernel.org>; Wed, 24 Apr 2024 10:53:20 -0700 (PDT)
X-Forwarded-Encrypted: i=1; AJvYcCU7ELTyXWjtMleAGciWbLx43baoNO7nG/UIQ/p+kUWq325e/HV7ilrWcS+pwg4PWwQlQ4JMdPrzIJESfeY82gzXPWzYOULtIGUOJDY3
X-Gm-Message-State: AOJu0Yx9diJ+nSrSxXGlFBI666CFeUCacD/nZkWMyjHdi3IYLG/UjooZ
	Kb+6TNvIaawbFhzmOmf/+SORkoh6FDV+I/SlEeGjewDNkzH9b/d1GEotuaIDh7tg44T4+rrfbeK
	i8W+KbAyUGLiRW7m5zA0rLkGclLo=
X-Received: by 2002:a2e:a602:0:b0:2da:a3ff:5254 with SMTP id
 v2-20020a2ea602000000b002daa3ff5254mr2795618ljp.1.1713981198934; Wed, 24 Apr
 2024 10:53:18 -0700 (PDT)
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
References: <20240424155309.1719454-11-ardb+git@google.com>
 <20240424155309.1719454-15-ardb+git@google.com> <CAMzpN2g3E3Pj1wso0rUR5EWrHqTuUePsOWcQGf29wNkMa0+G3w@mail.gmail.com>
In-Reply-To: <CAMzpN2g3E3Pj1wso0rUR5EWrHqTuUePsOWcQGf29wNkMa0+G3w@mail.gmail.com>
From: Ard Biesheuvel <ardb@kernel.org>
Date: Wed, 24 Apr 2024 19:53:06 +0200
X-Gmail-Original-Message-ID: <CAMj1kXE4f7UERE-x4CghW3=wQrvT1b2ODRSX3z6QAoy_wSJjiw@mail.gmail.com>
Message-ID: <CAMj1kXE4f7UERE-x4CghW3=wQrvT1b2ODRSX3z6QAoy_wSJjiw@mail.gmail.com>
Subject: Re: [RFC PATCH 4/9] x86/purgatory: Avoid absolute reference to GDT
To: Brian Gerst <brgerst@gmail.com>
Cc: Ard Biesheuvel <ardb+git@google.com>, linux-kernel@vger.kernel.org, x86@kernel.org, 
	Arnd Bergmann <arnd@arndb.de>, Eric Biederman <ebiederm@xmission.com>, kexec@lists.infradead.org, 
	Nathan Chancellor <nathan@kernel.org>, Nick Desaulniers <ndesaulniers@google.com>, 
	Kees Cook <keescook@chromium.org>, Bill Wendling <morbo@google.com>, 
	Justin Stitt <justinstitt@google.com>, Masahiro Yamada <masahiroy@kernel.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Hi Brian,

Thanks for taking a look.

On Wed, 24 Apr 2024 at 19:39, Brian Gerst <brgerst@gmail.com> wrote:
>
> On Wed, Apr 24, 2024 at 12:06=E2=80=AFPM Ard Biesheuvel <ardb+git@google.=
com> wrote:
> >
> > From: Ard Biesheuvel <ardb@kernel.org>
> >
> > The purgatory is almost entirely position independent, without any need
> > for any relocation processing at load time except for the reference to
> > the GDT in the entry code. Generate this reference at runtime instead,
> > to remove the last R_X86_64_64 relocation from this code.
> >
> > While the GDT itself needs to be preserved in memory as long as it is
> > live, the GDT descriptor that is used to program the GDT can be
> > discarded so it can be allocated on the stack.
> >
> > Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> > ---
> >  arch/x86/purgatory/entry64.S | 10 +++++++---
> >  1 file changed, 7 insertions(+), 3 deletions(-)
> >
> > diff --git a/arch/x86/purgatory/entry64.S b/arch/x86/purgatory/entry64.=
S
> > index 9913877b0dbe..888661d9db9c 100644
> > --- a/arch/x86/purgatory/entry64.S
> > +++ b/arch/x86/purgatory/entry64.S
> > @@ -16,7 +16,11 @@
> >
> >  SYM_CODE_START(entry64)
> >         /* Setup a gdt that should be preserved */
> > -       lgdt gdt(%rip)
> > +       leaq    gdt(%rip), %rax
> > +       pushq   %rax
> > +       pushw   $gdt_end - gdt - 1
> > +       lgdt    (%rsp)
> > +       addq    $10, %rsp
>
> This misaligns the stack, pushing 16 bytes on the stack but only
> removing 10 (decimal).
>

pushw subtracts 2 from RSP and stores a word. So the total size stored
is 10 decimal not 16.

> >
> >         /* load the data segments */
> >         movl    $0x18, %eax     /* data segment */
> > @@ -83,8 +87,8 @@ SYM_DATA_START_LOCAL(gdt)
> >          * 0x08 unused
> >          * so use them as gdt ptr
>
> obsolete comment
>
> >          */
> > -       .word gdt_end - gdt - 1
> > -       .quad gdt
> > +       .word 0
> > +       .quad 0
> >         .word 0, 0, 0
>
> This can be condensed down to:
>         .quad 0, 0
>

This code and the comment are removed in the next patch.