lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 08 Nov 2016 20:26:03 -0800 From: Ricardo Neri <ricardo.neri-calderon@...ux.intel.com> To: Thomas Gleixner <tglx@...utronix.de> Cc: Andy Lutomirski <luto@...capital.net>, Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...nel.org>, "H. Peter Anvin" <hpa@...or.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, X86 ML <x86@...nel.org>, "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>, Andy Lutomirski <luto@...nel.org>, Andrew Morton <akpm@...ux-foundation.org>, Borislav Petkov <bp@...e.de>, Brian Gerst <brgerst@...il.com>, Chen Yucong <slaoub@...il.com>, Chris Metcalf <cmetcalf@...lanox.com>, Dave Hansen <dave.hansen@...ux.intel.com>, Fenghua Yu <fenghua.yu@...el.com>, Huang Rui <ray.huang@....com>, Jiri Slaby <jslaby@...e.cz>, Jonathan Corbet <corbet@....net>, "Michael S . Tsirkin" <mst@...hat.com>, Paul Gortmaker <paul.gortmaker@...driver.com>, "Ravi V . Shankar" <ravi.v.shankar@...el.com>, Vlastimil Babka <vbabka@...e.cz>, Shuah Khan <shuah@...nel.org> Subject: Re: [PATCH 0/4] x86: enable User-Mode Instruction Prevention On Tue, 2016-11-08 at 17:52 +0100, Thomas Gleixner wrote: > On Tue, 8 Nov 2016, Andy Lutomirski wrote: > > On Tue, Nov 8, 2016 at 5:16 AM, Peter Zijlstra <peterz@...radead.org> wrote: > > > On Mon, Nov 07, 2016 at 10:12:09PM -0800, Ricardo Neri wrote: > > >> There is a caveat, however. Certain applications running in virtual-8086 > > >> mode, such as DOSEMU[1] and Wine[2], want to utilize the SGDT, SIDT and > > >> SLDT instructions for legitimate reasons. In order to keep such > > >> applications working, UMIP must be disabled/enabled when entering/exiting > > >> virtual-8086 mode. > > > > > > Would it not be better to emulate these instructions for them? What way > > > we can verify they're not malicious. > > > > Forget malice -- if they are really needed for some silly vm86-using > > program, let's trap them and emulate them so they return dummy values. > > handle_vm86_fault() already does instruction emulation, so adding the few > bits there is the right thing to do. Then we just can enable UMIP > unconditionally and be done with it. Ah. I didn't think about that. It make sense to me. I will rework this series with this approach. > > Thanks, > > tglx
Powered by blists - more mailing lists