lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 10 Nov 2009 23:21:40 +0100
From:	Willy Tarreau <>
To:	"H. Peter Anvin" <>
Cc:	Pavel Machek <>, Avi Kivity <>,
	Alan Cox <>,
	Matteo Croce <>,
	Sven-Haegar Koch <>,
	Ingo Molnar <>,
Subject: Re: i686 quirk for AMD Geode

On Tue, Nov 10, 2009 at 02:15:55PM -0800, H. Peter Anvin wrote:
> I immediately note that you have absolutely no check on the code
> segment, either in terms of code segment limits or even that we're in
> the right mode.  Furthermore, you read user space -- code in user space
> is still user space -- without get_user().

Yes I remember about that one now. HCH told me about it.

> We also need NX protection
> to be honoured, and the various special subtleties of the x86
> instruction format (15-byte limit, for example) to be preserved: they
> aren't just there randomly, but are there to protect against specific
> failures.


> *THIS* is the kind of complexity that makes me think that having a
> single source for all interpretation done in the kernel is the preferred
> option.

I understand, your point. We just need to check when it becomes overkill
to use a full-blown emulator of 3 instructions and a few "simple" rules.


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists