Skip to content

Restructure GDT. Add sysenter support #290

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
wipawel merged 6 commits into from
Aug 30, 2023
Merged

Restructure GDT. Add sysenter support #290

wipawel merged 6 commits into from
Aug 30, 2023

Conversation

@sktt
Copy link
Contributor

@sktt sktt commented Aug 27, 2023

Based on #284. Request for comments on this.

In particular the GDT bit that had to be reworked a bit. Also, whether and how we should give the option to use sysenter instead of syscall.

@sktt sktt requested a review from a team as a code owner August 27, 2023 22:31
@wipawel wipawel added feature New feature or request bugfix This fixes a bug Severity: high Very important bug - fix ASAP Priority: 4 Nice-to-have feature labels Aug 28, 2023
minipli-oss
minipli-oss reviewed Aug 28, 2023
View reviewed changes
minipli-oss
minipli-oss reviewed Aug 28, 2023
View reviewed changes
minipli-oss
minipli-oss reviewed Aug 28, 2023
View reviewed changes
minipli-oss
minipli-oss reviewed Aug 28, 2023
View reviewed changes
minipli-oss
minipli-oss reviewed Aug 28, 2023
View reviewed changes
minipli-oss
minipli-oss reviewed Aug 28, 2023
View reviewed changes
minipli-oss
minipli-oss requested changes Aug 28, 2023
View reviewed changes
Copy link
Contributor

@minipli-oss minipli-oss left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for doing this cleanup! The comments in segment.h are especially helpful, I think!

Can you please rebase your branch, as some of the depending commits got merged?

@sktt sktt force-pushed the sysenter branch 4 times, most recently from ca0212e to 9dbf6c3 Compare August 28, 2023 13:27
wipawel
wipawel requested changes Aug 28, 2023
View reviewed changes
minipli-oss
minipli-oss requested changes Aug 28, 2023
View reviewed changes
@sktt sktt force-pushed the sysenter branch 7 times, most recently from b60cec7 to 9f8e9c2 Compare August 29, 2023 09:45
wipawel
wipawel requested changes Aug 29, 2023
View reviewed changes
@sktt sktt force-pushed the sysenter branch 2 times, most recently from 9bb61f9 to 2305a69 Compare August 30, 2023 10:47
sktt and others added 3 commits August 30, 2023 12:49
@sktt
entry: syscall_handler_entry save/restore all regs
eeecf75 
This allows us to use syscall from inline asm without clobbering all
callee-clobbered registers. Saving/restoring all registers also prevents
"leaking" kernel register values into userland.

Signed-off-by: Johannes Wikner <johannes.wikner@gmail.com>
@sktt
segment: restructure and document GDT selectors
3817186 
The GDT entries needed to be re-organized to support sysexit. While
doing so, better document why they exist in the first place, and their
particular order.

Rename __KERN_{CS,DS}16 -> __RMODE_{CS,DS}16 to clearly indicate that
these entries only exist in the real mode GDT.

Omit entries that are unused in i386 or unused for a particular gdt.

Signed-off-by: Johannes Wikner <johannes.wikner@gmail.com>
@sktt
usermode: adjust MSR_STAR.user_cs
6796609 
user_cs should point to USER_CS32 so that correct %cs and %ss are set
upon sysret and sysretq.

This fixes a subtle bug which where branches using %cs (e.g., intra-mode
iret) would crash after a syscall.

Signed-off-by: Johannes Wikner <johannes.wikner@gmail.com>
sktt and others added 3 commits August 30, 2023 12:56
@sktt
entry, usermode: add sysenter handler
e78424e 
Introduces the necessary MSRs, and sets them to handle sysenter and
sysexits. Add macro to choose approriate instruction depending on build.

When adding compatibility mode support, we need to use either sysexit or
sysexitq depending on what usermode is executing. Same for sysret and
sysretq.

Signed-off-by: Johannes Wikner <johannes.wikner@gmail.com>
@sktt
usermode: add sysenter and syscall_mode selection
ec322c4 
To give usermode the option to choose sysenter instead of syscall, we
expose syscall_mode(enum syscall_mode), which is by default using
syscall.

Signed-off-by: Johannes Wikner <johannes.wikner@gmail.com>
@sktt
usermode: support int 80h syscalls
22cd3a1 
From usermode's perspective it works the same as syscall.

Signed-off-by: Johannes Wikner <johannes.wikner@gmail.com>
Signed-off-by: Pawel Wieczorkiewicz <wipawel@grsecurity.net>
minipli-oss
minipli-oss approved these changes Aug 30, 2023
View reviewed changes
Copy link
Contributor

@minipli-oss minipli-oss left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot, Johannes!

@wipawel wipawel merged commit 7c3c942 into KernelTestFramework:mainline Aug 30, 2023
@sktt sktt changed the title Sysenter Restructure GDT. Add sysenter support Nov 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wipawel wipawel wipawel approved these changes

@minipli-oss minipli-oss minipli-oss approved these changes

Assignees

@wipawel wipawel

@minipli-oss minipli-oss

Labels

bugfix This fixes a bug feature New feature or request Priority: 4 Nice-to-have feature Severity: high Very important bug - fix ASAP

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sktt @wipawel @minipli-oss