On Thu, Oct 26, 2017 at 02:55:13PM +0200, Borislav Petkov wrote: > On Thu, Oct 26, 2017 at 02:02:02AM -0700, Andy Lutomirski wrote: > > I'm assuming that UMIP_REPORTED_CR0 will never change. If CR0 gets a > > new field that we set some day, then I assume that CR0_STATE would add > > that bit but UMIP_REPORTED_CR0 would not. > > Yeah, let's do that when it is actually needed. Thanks Andy! I reasoned that for UMIP could report CR0_STATE a value that is already revealed in the source code. Thus, if CR0 ever changes at run time, an attacker could only see what is set programmatically. BR, Ricardo -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>
