Re: [PATCH 7/8] x86: Add documentation for rd/wr fs/gs base

From: Andy Lutomirski
Date: Fri Apr 10 2015 - 16:53:23 EST


On Fri, Apr 10, 2015 at 1:46 PM, Andi Kleen <ak@xxxxxxxxxxxxxxx> wrote:
>> If user code programs fs != 0 and fsbase != whatever is implied by fs
>> and the GDT/LDT, what happens?
>
> We load the value from the LDT/GDT.
>
>> There's already a minor buglet in that
>> area without wrfsbase, but fixing it would be a big performance hit
>> because we don't have rdfsbase and rdgsbase to read the state
>> efficiently. (Specifically, if we have gs == 0, gsbase == 0, but
>> *saved* gsbase != 0, then we corrupt gsbase on context switch.)
>>
>> But, with the new instructions, we can do it simply, efficiently, and
>> correctly in all cases. Let's do so.
>
> We would need an instruction to write the index without changing the base.
> That's not what the new instructions do.

I think it's as simple as:

    if (has fancy new feature) {
        prev->fsindex = [read fs];
        prev->fsbase = rdfsbase();
        prev->gsindex = [read gs];
        prev->gsbase = [read gsbase];

        load_fs(next->fsindex);
        wrfsbase(next->fsbase);
        write_gs_base_and_index(next->gsindex, next->gsbase);
    } else {
        do the old mess;
    }

Hmm. This may need a bit of thought wrt ptrace. We also need to
consider what happens in the event that the selector load fails.
Presumably we fall back to base == 0.

(Note: no matter what we do here, we at least need to think about
ptrace. I would argue that poking a nonzero value into fs or gs from
ptrace should zero the saved base register, even on old hardware.
Presumably changing from nonzero to zero should also zero it.)

--Andy
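The save/restore sequence sketched above, the stale-saved-base case quoted from the earlier mail, and the proposed ptrace rule, worked through as a small userspace model. This is an added example, not kernel code and not part of the patch series; it models a flat descriptor table indexed by (sel >> 3), a null selector load that zeroes the base (the Intel behaviour), and treats FS and GS alike (the kernel GS base / swapgs handling is not modelled). The function names, the 0x7f00 and 0x1000 bases and the two-task scenario are all constructed for the illustration.

```c
/*
 * Model of x86-64 FS/GS selector + base handling across a context switch.
 * Added illustration of the thread's reasoning; not kernel code, not the patch.
 * Assumptions (constructed): flat descriptor table indexed by sel >> 3; a null
 * selector load zeroes the base (Intel); kernel GS base / swapgs not modelled.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define NDESC 8

struct seg_hw {          /* one segment register on the modelled CPU */
    uint16_t sel;        /* visible selector (index) */
    uint64_t base;       /* hidden base, reachable via rd/wr*base or the MSRs */
};

struct seg_saved {       /* per-task kernel state, like thread.fsindex/fsbase */
    uint16_t index;
    uint64_t base;
};

/* Base of each descriptor; entry 2 is a TLS-like segment at 0x7f00 (constructed). */
static const uint64_t desc_base[NDESC] = { 0, 0, 0x7f00, 0, 0, 0, 0, 0 };

/* mov %sel, %fs/%gs. Null selector -> base 0. Bad index -> #GP, modelled as
 * "fall back to base == 0" plus a false return. */
static bool load_sel(struct seg_hw *hw, uint16_t sel)
{
    unsigned idx = sel >> 3;
    if (sel == 0 || idx >= NDESC) {
        hw->sel = 0;
        hw->base = 0;
        return sel == 0;
    }
    hw->sel = sel;
    hw->base = desc_base[idx];
    return true;
}

/* rdfsbase/wrfsbase analogues: touch the base only, never the selector. */
static uint64_t rd_base(const struct seg_hw *hw) { return hw->base; }
static void wr_base(struct seg_hw *hw, uint64_t base) { hw->base = base; }

/* Pre-FSGSBASE switch, simplified: the base cannot be read cheaply, so the saved
 * base is only dropped when the selector is nonzero. The case quoted in the mail
 * (sel == 0, base == 0, saved base != 0) slips through. */
static void switch_old(struct seg_hw *hw, struct seg_saved *prev, const struct seg_saved *next)
{
    uint16_t sel = hw->sel;
    if (sel | next->index | prev->base) {
        load_sel(hw, next->index);
        if (sel)
            prev->base = 0;
    }
    if (next->base)
        wr_base(hw, next->base);
    prev->index = sel;
}

/* The sequence sketched in the reply: read both halves, load index, then base. */
static void switch_new(struct seg_hw *hw, struct seg_saved *prev, const struct seg_saved *next)
{
    prev->index = hw->sel;
    prev->base = rd_base(hw);
    if (!load_sel(hw, next->index))
        return;                    /* selector load failed: stay at base == 0 */
    wr_base(hw, next->base);
}

/* Ptrace rule proposed in the reply: poking a nonzero selector, or changing a
 * nonzero one to zero, zeroes the saved base; zero -> zero leaves it alone. */
static uint64_t ptrace_set_index(struct seg_saved *s, uint16_t index)
{
    if (index != 0 || s->index != 0)
        s->base = 0;
    s->index = index;
    return s->base;
}

/* Task A gets a base via the MSR path (arch_prctl-style), then loads a null
 * selector, which zeroes the base on hardware. Returns the base A sees after
 * being switched out and back in; A expects 0. */
static uint64_t round_trip_base(bool use_new)
{
    struct seg_hw hw = { 0, 0 };
    struct seg_saved a = { 0, 0x1000 }, b = { 0, 0 };
    wr_base(&hw, a.base);          /* kernel programmed the requested base */
    load_sel(&hw, 0);              /* userspace: mov $0, %gs -> base 0 */
    if (use_new) { switch_new(&hw, &a, &b); switch_new(&hw, &b, &a); }
    else         { switch_old(&hw, &a, &b); switch_old(&hw, &b, &a); }
    return rd_base(&hw);
}

/* Switching to a task whose saved selector has no descriptor lands at base 0. */
static uint64_t stale_selector_base(void)
{
    struct seg_hw hw = { 0, 0 };
    struct seg_saved cur = { 0, 0 }, bad = { 8 << 3, 0x2222 };
    switch_new(&hw, &cur, &bad);
    return rd_base(&hw);
}

int main(void)
{
    printf("old switch: base after round trip = %#llx (task expected 0)\n",
           (unsigned long long)round_trip_base(false));
    printf("new switch: base after round trip = %#llx\n",
           (unsigned long long)round_trip_base(true));
    return 0;
}
```

The old path corrupts the base because the only thing it can afford to check at switch-out is the selector, and a null selector says nothing about whether the saved base is still current; the new path reads the real base with rdfsbase/rdgsbase and so never carries a stale value across. The ptrace helper applies the same idea to the debugger path: once a selector is poked, the base recorded earlier is no longer trustworthy.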