| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20091110222140.GG26633@1wt.eu> Date: Tue, 10 Nov 2009 23:21:40 +0100 From: Willy Tarreau <w@....eu> To: "H. Peter Anvin" <hpa@...or.com> Cc: Pavel Machek <pavel@....cz>, Avi Kivity <avi@...hat.com>, Alan Cox <alan@...rguk.ukuu.org.uk>, Matteo Croce <technoboy85@...il.com>, Sven-Haegar Koch <haegar@...net.de>, Ingo Molnar <mingo@...e.hu>, linux-kernel@...r.kernel.org Subject: Re: i686 quirk for AMD Geode On Tue, Nov 10, 2009 at 02:15:55PM -0800, H. Peter Anvin wrote: > I immediately note that you have absolutely no check on the code > segment, either in terms of code segment limits or even that we're in > the right mode. Furthermore, you read user space -- code in user space > is still user space -- without get_user(). Yes I remember about that one now. HCH told me about it. > We also need NX protection > to be honoured, and the various special subtleties of the x86 > instruction format (15-byte limit, for example) to be preserved: they > aren't just there randomly, but are there to protect against specific > failures. OK. > *THIS* is the kind of complexity that makes me think that having a > single source for all interpretation done in the kernel is the preferred > option. I understand, your point. We just need to check when it becomes overkill to use a full-blown emulator of 3 instructions and a few "simple" rules. Willy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists