Lines Matching +full:3 +full:base +full:- +full:x
1 // SPDX-License-Identifier: GPL-2.0-only
4 * Copyright (c) 2014-2016 Andy Lutomirski
32 # error This test is 64-bit only
74 segv_addr = (unsigned long)si->si_addr; in sigsegv()
76 ctx->uc_mcontext.gregs[REG_RIP] += 4; /* Skip the faulting mov */ in sigsegv()
131 /* Use a constant-length instruction here. */ in read_base()
161 unsigned long base; in check_gs_value() local
164 printf("[RUN]\tARCH_SET_GS to 0x%lx\n", value); in check_gs_value()
169 base = read_base(GS); in check_gs_value()
170 if (base == value) { in check_gs_value()
171 printf("[OK]\tGSBASE was set as expected (selector 0x%hx)\n", in check_gs_value()
175 printf("[FAIL]\tGSBASE was not as expected: got 0x%lx (selector 0x%hx)\n", in check_gs_value()
176 base, sel); in check_gs_value()
179 if (syscall(SYS_arch_prctl, ARCH_GET_GS, &base) != 0) in check_gs_value()
181 if (base == value) { in check_gs_value()
182 printf("[OK]\tARCH_GET_GS worked as expected (selector 0x%hx)\n", in check_gs_value()
186 printf("[FAIL]\tARCH_GET_GS was not as expected: got 0x%lx (selector 0x%hx)\n", in check_gs_value()
187 base, sel); in check_gs_value()
193 unsigned long base, arch_base; in mov_0_gs() local
195 …printf("[RUN]\tARCH_SET_GS to 0x%lx then mov 0 to %%gs%s\n", initial_base, schedule ? " and schedu… in mov_0_gs()
203 base = read_base(GS); in mov_0_gs()
206 if (base == arch_base) { in mov_0_gs()
207 printf("[OK]\tGSBASE is 0x%lx\n", base); in mov_0_gs()
210 printf("[FAIL]\tGSBASE changed to 0x%lx but kernel reports 0x%lx\n", base, arch_base); in mov_0_gs()
241 printf("\tother thread: ARCH_SET_GS(0x%lx)%s -- sel is 0x%hx\n", in do_remote_base()
245 static __thread int set_thread_area_entry_number = -1;
264 .contents = 0, /* Data, grow-up */ in load_gs()
280 MAP_PRIVATE | MAP_ANONYMOUS | MAP_32BIT, -1, 0); in load_gs()
283 low_desc->entry_number = set_thread_area_entry_number; in load_gs()
285 /* 32-bit set_thread_area */ in load_gs()
295 printf("[NOTE]\tcould not create a segment -- test won't do anything\n"); in load_gs()
301 unsigned short gs = (unsigned short)((desc.entry_number << 3) | 0x3); in load_gs()
307 void test_wrbase(unsigned short index, unsigned long base) in test_wrbase() argument
312 printf("[RUN]\tGS = 0x%hx, GSBASE = 0x%lx\n", index, base); in test_wrbase()
315 wrgsbase(base); in test_wrbase()
326 if (newindex == index && newbase == base) { in test_wrbase()
327 printf("[OK]\tIndex and base were preserved\n"); in test_wrbase()
329 printf("[FAIL]\tAfter switch, GS = 0x%hx and GSBASE = 0x%lx\n", in test_wrbase()
340 if (ftx == 3) in threadproc()
366 unsigned long base; in set_gs_and_switch_to() local
375 printf("[RUN]\tARCH_SET_GS(0x%lx)%s, then schedule to 0x%lx\n", in set_gs_and_switch_to()
378 printf("\tBefore schedule, set selector to 0x%hx\n", force_sel); in set_gs_and_switch_to()
396 * of 1, 2, or 3 back to 0 due to IRET being defective. in set_gs_and_switch_to()
410 base = read_base(GS); in set_gs_and_switch_to()
411 if (base == local && sel_pre_sched == sel_post_sched) { in set_gs_and_switch_to()
412 printf("[OK]\tGS/BASE remained 0x%hx/0x%lx\n", in set_gs_and_switch_to()
414 } else if (base == local && sel_pre_sched >= 1 && sel_pre_sched <= 3 && in set_gs_and_switch_to()
417 * IRET is misdesigned and will squash selectors 1, 2, or 3 in set_gs_and_switch_to()
420 printf("[OK]\tGS/BASE changed from 0x%hx/0x%lx to 0x%hx/0x%lx because IRET is defective\n", in set_gs_and_switch_to()
421 sel_pre_sched, local, sel_post_sched, base); in set_gs_and_switch_to()
424 printf("[FAIL]\tGS/BASE changed from 0x%hx/0x%lx to 0x%hx/0x%lx\n", in set_gs_and_switch_to()
425 sel_pre_sched, local, sel_post_sched, base); in set_gs_and_switch_to()
431 unsigned long base; in test_unexpected_base() local
443 base = read_base(GS); in test_unexpected_base()
444 if (base == 0) { in test_unexpected_base()
448 printf("[FAIL]\tGSBASE changed to 0x%lx\n", base); in test_unexpected_base()
479 unsigned long base; in test_ptrace_write_gs_read_base() local
483 /* Read the initial base. It should be 1. */ in test_ptrace_write_gs_read_base()
484 base = ptrace(PTRACE_PEEKUSER, child, base_offset, NULL); in test_ptrace_write_gs_read_base()
485 if (base == 1) { in test_ptrace_write_gs_read_base()
489 printf("[FAIL]\tGSBASE started at 0x%lx\n", base); in test_ptrace_write_gs_read_base()
498 /* And read the base. */ in test_ptrace_write_gs_read_base()
499 base = ptrace(PTRACE_PEEKUSER, child, base_offset, NULL); in test_ptrace_write_gs_read_base()
501 if (base == 0 || base == 1) { in test_ptrace_write_gs_read_base()
502 printf("[OK]\tGSBASE reads as 0x%lx with invalid GS\n", base); in test_ptrace_write_gs_read_base()
505 printf("[FAIL]\tGSBASE=0x%lx (should be 0 or 1)\n", base); in test_ptrace_write_gs_read_base()
539 unsigned long gs, base; in test_ptrace_write_gsbase() local
555 base = ptrace(PTRACE_PEEKUSER, child, base_offset, NULL); in test_ptrace_write_gsbase()
558 * In a non-FSGSBASE system, the nonzero selector will load in test_ptrace_write_gsbase()
569 * base would zero the selector. On newer kernels, in test_ptrace_write_gsbase()
570 * this behavior has changed -- poking the base in test_ptrace_write_gsbase()
571 * changes only the base and, if FSGSBASE is not in test_ptrace_write_gsbase()
577 } else if (have_fsgsbase && (base != 0xFF)) { in test_ptrace_write_gsbase()
579 printf("[FAIL]\tGSBASE changed to %lx\n", base); in test_ptrace_write_gsbase()
581 printf("[OK]\tGS remained 0x%hx", *shared_scratch); in test_ptrace_write_gsbase()
600 MAP_ANONYMOUS | MAP_SHARED, -1, 0); in main()
677 ftx = 3; /* Kill the thread. */ in main()