| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Apr 2009 19:14:12 +0300 From: Avi Kivity <avi@...hat.com> To: "H. Peter Anvin" <hpa@...or.com> CC: Glauber Costa <glommer@...hat.com>, kvm@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] deal with interrupt shadow state for emulated instruction H. Peter Anvin wrote: > Avi Kivity wrote: > >> The comment about repeating 'mov ss' in the manual has that wonderful >> word in it, May. That means we're perfectly allowed to ignore it and >> just set the flag unconditionally. >> >> > > Realistically, though, this should only be done for a limited number of > sequential instructions. > > Why? Do you see a guest filling all of memory with 'mov ss' and expecting to break out of it via an interrupt? >> I doubt we'll ever see a repeated 'mov ss', once is more than enough. >> > > True enough, except maliciously. > Why do we care? The guest can only harm itself, and if it wants to disable interrupts, it would be a lot easier for it to run a plain 'cli'. I guess it would be a problem if we emulated 'mov ss' for ordinary userspace or vm86 mode, but we don't. -- I have a truly marvellous patch that fixes the bug which this signature is too narrow to contain. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists