On 3/14/24 07:26, Anton Altaparmakov wrote:
> /* image of the saved processor state */
> struct saved_context {
> - /*
> - * On x86_32, all segment registers except gs are saved at kernel
> - * entry in pt_regs.
> - */
> - u16 gs;
> unsigned long cr0, cr2, cr3, cr4;
> u64 misc_enable;
> struct saved_msrs saved_msrs;
> @@ -27,6 +22,11 @@ struct saved_context {
> unsigned long tr;
> unsigned long safety;
> unsigned long return_address;
> + /*
> + * On x86_32, all segment registers except gs are saved at kernel
> + * entry in pt_regs.
> + */
> + u16 gs;
> bool misc_enable_saved;
> } __attribute__((packed));
Isn't this just kinda poking at the symptoms? This seems to be
basically the exact same bug as b0b592cf08, just with a different source
of unaligned structure members.
There's nothing to keep folks from reintroducing these kinds of issues
and evidently no way to detect when they happen without lengthy reproducers.
