[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] [PATCH v7 3/3] x86: Make the GDT remapping read-only on 64-bit
- To: Thomas Garnier <thgarnie@xxxxxxxxxx>
- From: Pavel Machek <pavel@xxxxxx>
- Date: Tue, 14 Mar 2017 22:04:24 +0100
- Cc: Michal Hocko <mhocko@xxxxxxxx>, Stanislaw Gruszka <sgruszka@xxxxxxxxxx>, linux-doc@xxxxxxxxxxxxxxx, kvm@xxxxxxxxxxxxxxx, Radim Krčmář <rkrcmar@xxxxxxxxxx>, Matt Fleming <matt@xxxxxxxxxxxxxxxxxxx>, Frederic Weisbecker <fweisbec@xxxxxxxxx>, Chris Wilson <chris@xxxxxxxxxxxxxxxxxx>, linux-mm@xxxxxxxxx, Paul Gortmaker <paul.gortmaker@xxxxxxxxxxxxx>, linux-efi@xxxxxxxxxxxxxxx, Alexander Potapenko <glider@xxxxxxxxxx>, "H . Peter Anvin" <hpa@xxxxxxxxx>, kernel-hardening@xxxxxxxxxxxxxxxxxx, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, zijun_hu <zijun_hu@xxxxxxx>, lguest@xxxxxxxxxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx, Jonathan Corbet <corbet@xxxxxxx>, Joerg Roedel <joro@xxxxxxxxxx>, x86@xxxxxxxxxx, kasan-dev@xxxxxxxxxxxxxxxx, Christian Borntraeger <borntraeger@xxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>, Borislav Petkov <bp@xxxxxxx>, Len Brown <len.brown@xxxxxxxxx>, Rusty Russell <rusty@xxxxxxxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, linux-pm@xxxxxxxxxxxxxxx, Jiri Kosina <jikos@xxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Josh Poimboeuf <jpoimboe@xxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Vitaly Kuznetsov <vkuznets@xxxxxxxxxx>, Dmitry Vyukov <dvyukov@xxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, Lorenzo Stoakes <lstoakes@xxxxxxxxx>, Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>, "Rafael J . Wysocki" <rjw@xxxxxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, Andy Lutomirski <luto@xxxxxxxxxxxxxx>, "Luis R . Rodriguez" <mcgrof@xxxxxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
- Delivery-date: Tue, 14 Mar 2017 21:04:54 +0000
- List-id: Xen developer discussion <xen-devel.lists.xen.org>
On Tue 2017-03-14 10:05:08, Thomas Garnier wrote:
> This patch makes the GDT remapped pages read-only to prevent corruption.
> This change is done only on 64-bit.
>
> The native_load_tr_desc function was adapted to correctly handle a
> read-only GDT. The LTR instruction always writes to the GDT TSS entry.
> This generates a page fault if the GDT is read-only. This change checks
> if the current GDT is a remap and swap GDTs as needed. This function was
> tested by booting multiple machines and checking hibernation works
> properly.
>
> KVM SVM and VMX were adapted to use the writeable GDT. On VMX, the
> per-cpu variable was removed for functions to fetch the original GDT.
> Instead of reloading the previous GDT, VMX will reload the fixmap GDT as
> expected. For testing, VMs were started and restored on multiple
> configurations.
>
> Signed-off-by: Thomas Garnier <thgarnie@xxxxxxxxxx>
Can we get the same change for 32-bit, too? Growing differences
between 32 and 64 bit are a bit of a problem...
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures)
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Attachment:
signature.asc
Description: Digital signature
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
|