On 12/08/2019 08:32, Jan Beulich wrote:
> On 09.08.2019 12:40, Jan Beulich wrote:
>> There is plenty more cleanup which can be done in the future. As we are
>> 64-bit, there is no need for load_TR() to keep the TSS in sync between the two
>> GDTs, which means it can drop all sgdt/lgdt instructions.
>
> I'm trying to figure what exactly you mean here. Are you suggesting
> we run with a TSS selector loaded whose descriptor's busy bit is
> clear? I agree this shouldn't cause issues in the 64-bit world, but
> it would still not feel right.

At a minimum, all the sgdt/lgdt can disappear because we're (AFAICT) always
on the native per-cpu GDT at this point. (If not, I'm sure we can arrange to
be.)

As for running without a valid GDT reference, the CPU will function fine, and
it is a defence-in-depth strategy against Meltdown, seeing as an attacker can
no longer do sgdt; str to locate the TSS and find RSP0.

> Question is why they've retained the avail/busy distinction in the
> first place.

Easier than making any changes.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
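The exchange above turns on the avail/busy type distinction of the 64-bit TSS descriptor and on why code that hops between two GDTs has to keep the busy bit "in sync" before it can reissue `ltr`. The C below is an added illustration written for this page; it is not code from the thread and not Xen's `load_TR()`. The descriptor bit layout and the type values 0x9 (available) and 0xB (busy) are from the Intel SDM; the macro and function names are ours, `simulated_ltr()` is a deliberately simplified model of only the type/present checks the real instruction performs, and the base address and limit used in the scenario are constructed sample values.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* 4-bit type field of a 64-bit system segment descriptor (Intel SDM Vol. 3,
 * "System Descriptor Types").  Macro names are ours, not Xen's. */
#define TSS64_AVAIL    0x9               /* 64-bit TSS, available */
#define TSS64_BUSY     0xB               /* 64-bit TSS, busy      */
#define TSS_TYPE_SHIFT 40                /* type field = bits 40..43 of the low qword */
#define TSS_BUSY_BIT   (1ull << 41)      /* bit 1 of the type field: 0x9 vs 0xB */
#define DESC_PRESENT   (1ull << 47)

/* A 64-bit TSS descriptor occupies two 8-byte GDT slots. */
struct tss_desc { uint64_t lo, hi; };

struct tss_info {
    uint64_t base;
    uint32_t limit;
    unsigned type, dpl;
    bool     present;
};

/* Encode a present, *available* 64-bit TSS descriptor (byte granularity). */
struct tss_desc make_tss_desc(uint64_t base, uint32_t limit, unsigned dpl)
{
    struct tss_desc d;

    d.lo = (uint64_t)(limit & 0xffff)                 /* limit[15:0]  -> bits 0..15  */
         | ((base & 0xffffff) << 16)                  /* base[23:0]   -> bits 16..39 */
         | ((uint64_t)TSS64_AVAIL << TSS_TYPE_SHIFT)  /* type (S=0)   -> bits 40..44 */
         | ((uint64_t)(dpl & 3) << 45)                /* DPL          -> bits 45..46 */
         | DESC_PRESENT                               /* P            -> bit 47      */
         | (((uint64_t)limit & 0xf0000) << 32)        /* limit[19:16] -> bits 48..51 */
         | (((base >> 24) & 0xff) << 56);             /* base[31:24]  -> bits 56..63 */
    d.hi = base >> 32;                                /* base[63:32]; rest reserved  */
    return d;
}

/* Decode the fields back out, as one would when reviewing a GDT dump. */
struct tss_info decode_tss_desc(const struct tss_desc *d)
{
    struct tss_info i;

    i.limit   = (uint32_t)(d->lo & 0xffff) | (uint32_t)((d->lo >> 32) & 0xf0000);
    i.base    = ((d->lo >> 16) & 0xffffff)
              | (((d->lo >> 56) & 0xff) << 24)
              | ((d->hi & 0xffffffff) << 32);
    i.type    = (unsigned)((d->lo >> TSS_TYPE_SHIFT) & 0xf);
    i.dpl     = (unsigned)((d->lo >> 45) & 3);
    i.present = (d->lo & DESC_PRESENT) != 0;
    return i;
}

/* Simplified model of LTR's effect on the selected descriptor: it accepts only a
 * present, available 64-bit TSS in the GDT and marks *that copy* busy.  Anything
 * else (already busy, LDT selector, out of range) is a #GP, reported as -1.
 * Real hardware performs more checks than this. */
int simulated_ltr(struct tss_desc *gdt, size_t nents, unsigned selector)
{
    unsigned idx = selector >> 3;
    struct tss_desc *d;

    if ((selector & 4) || idx + 1 >= nents)      /* TI=1 (LDT) or past the table */
        return -1;
    d = &gdt[idx];
    if (!(d->lo & DESC_PRESENT) ||
        ((d->lo >> TSS_TYPE_SHIFT) & 0xf) != TSS64_AVAIL)
        return -1;
    d->lo |= TSS_BUSY_BIT;
    return 0;
}

/* Hardware never clears the busy bit on its own; software must before reloading. */
void tss_clear_busy(struct tss_desc *d) { d->lo &= ~TSS_BUSY_BIT; }

/* The two-GDT situation from the thread: both tables hold a copy of the same
 * TSS descriptor.  Returns a bitmask of observations; 0x7 means all three hold. */
unsigned two_gdt_scenario(void)
{
    struct tss_desc gdt_a[4] = {{0, 0}}, gdt_b[4] = {{0, 0}};
    unsigned obs = 0;

    /* Constructed sample: kernel-style base, minimal 64-bit TSS limit (0x67). */
    gdt_a[2] = gdt_b[2] = make_tss_desc(0xffff82d080000000ull, 0x67, 0);

    /* 1: LTR via GDT A succeeds and marks only A's copy busy; B still says available. */
    if (simulated_ltr(gdt_a, 4, 0x10) == 0 &&
        decode_tss_desc(&gdt_a[2]).type == TSS64_BUSY &&
        decode_tss_desc(&gdt_b[2]).type == TSS64_AVAIL)
        obs |= 1;
    /* 2: a second LTR against the now-busy copy faults. */
    if (simulated_ltr(gdt_a, 4, 0x10) == -1)
        obs |= 2;
    /* 3: clearing busy first (the "sync" step) makes the slot loadable again. */
    tss_clear_busy(&gdt_a[2]);
    if (simulated_ltr(gdt_a, 4, 0x10) == 0)
        obs |= 4;
    return obs;
}

int main(void)
{
    struct tss_desc d = make_tss_desc(0xffff82d080000000ull, 0x67, 0);
    struct tss_info i = decode_tss_desc(&d);

    printf("base=%#llx limit=%#x type=%#x present=%d\n",
           (unsigned long long)i.base, i.limit, i.type, i.present);
    printf("two-GDT scenario observations: %#x\n", two_gdt_scenario());
    return 0;
}
```

The model makes the point of the thread concrete: the busy bit lives in the descriptor, not in the task register, so each GDT copy carries its own state, and only software that keeps both copies consistent (or, as proposed, never leaves the per-cpu GDT) can reissue `ltr` without faulting.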