Bug 821463
Summary: | SEP CPU flag is disabled on Intel 64 bit when exec_shield is on | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Orit Wasserman <owasserm> |
Component: | kernel | Assignee: | Larry Woodman <lwoodman> |
Status: | CLOSED ERRATA | QA Contact: | Petr Beňas <pbenas> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.3 | CC: | arozansk, ehabkost, hhuang, juzhang, kzhang, pbenas, pbonzini, pmatouse, pstehlik, tburke |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | kernel-2.6.32-315.el6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-02-21 06:12:47 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 821741 |
Description
Orit Wasserman
2012-05-14 15:02:21 UTC
What is really the effect of the bug? The kernel only uses X86_FEATURE_SEP in 32-bit mode. In 64-bit mode, sysenter/sysexit are assumed to be present on all Intel CPUs. arch/x86/kernel/cpu/intel.c: #ifdef CONFIG_X86_64 set_cpu_cap(c, X86_FEATURE_SYSENTER32); #endif arch/x86/vdso/vdso32-setup.c #ifdef CONFIG_X86_64 #define vdso32_sysenter() (boot_cpu_has(X86_FEATURE_SYSENTER32)) #define vdso32_syscall() (boot_cpu_has(X86_FEATURE_SYSCALL32)) ... #else /* CONFIG_X86_32 */ #define vdso32_sysenter() (boot_cpu_has(X86_FEATURE_SEP)) #define vdso32_syscall() (0) #endif I suppose this only affects virtualization of 32-bit guests with -cpu host, where the guest would have to fallback to int $0x80? Sorry but I dont understand what the problem is here. In RHEL5 we have: ---------------------------------------------------------------- if (exec_shield != 0) { #ifdef CONFIG_HIGHMEM64G /* NX implies PAE */ if (!test_bit(X86_FEATURE_NX, c->x86_capability)) #endif clear_bit(X86_FEATURE_SEP, c->x86_capability); } ---------------------------------------------------------------- In RHEL6 we have: ---------------------------------------------------------------- if (exec_shield != 0) { #ifdef CONFIG_X86_PAE if (!test_cpu_cap(c, X86_FEATURE_NX)) #endif clear_cpu_cap(c, X86_FEATURE_SEP); } ---------------------------------------------------------------- In RHEL5 CONFIG_HIGHMEM64G is set in x86 only and in RHEL6 CONFIG_X86_PAE is set in x86 only. So the functionality should be the same for x86 & x86_64 in both cases, no? Larry > In RHEL5 CONFIG_HIGHMEM64G is set in x86 only and in RHEL6 CONFIG_X86_PAE is > set in x86 only. So the functionality should be the same for x86 & x86_64 in > both cases, no? The snippet you quoted for RHEL5 is not compiled for x86_64, only i386. See comment 2. So the whole RHEL6 snipit should be this so we only do this for x86?: ---------------------------------------------------------------- #ifdef CONFIG_X86_PAE if (exec_shield != 0) { if (!test_cpu_cap(c, X86_FEATURE_NX)) clear_cpu_cap(c, X86_FEATURE_SEP); } #endif ---------------------------------------------------------------- Larry Yes, that should do it. This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux release for currently deployed products. This request is not yet committed for inclusion in a release. Patch(es) available on kernel-2.6.32-315.el6 Reproduced in 2.6.32-313.el6.x86_64 and verified in 2.6.32-314.el6.x86_64. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0496.html |