| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 31 May 2017 06:56:51 -0700
From: Andy Lutomirski <luto@...nel.org>
To: Yuhong Bao <YuhongBao_386@...mail.com>
Cc: "kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"luto@...nel.org" <luto@...nel.org>
Subject: Re: espfix and 5-level paging
On Sat, May 27, 2017 at 2:30 PM, Yuhong Bao <YuhongBao_386@...mail.com> wrote:
> I don't like espfix of course, and would probably manually fix it to N in the kernel config unless I really had to run buggy DPMI apps.
> Win8 decided to just disable NTVDM by default instead.
> ________________________________________
> From: Yuhong Bao
> Sent: Saturday, May 13, 2017 2:39:59 AM
> To: kirill.shutemov@...ux.intel.com; linux-kernel@...r.kernel.org
> Subject: espfix and 5-level paging
>
> Instead of porting espfix to 5-level paging, why not fix the IRET instruction?
> It probably should not require even a CR4 flag to enable.
I have no context here. It would be great if Intel and/or AMD were to
fix IRET. Meanwhile, we can work around it in the kernel, which we do
if MODIFY_LDT is on and configured to allow 16-bit segments. If you
don't want 16-bit segments, you can turn them off.
(This has nothing to do with buggy DPMI apps. It affects pretty much
all 16-bit code.)
Powered by blists - more mailing lists