Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Stas Sergeev <stsp@xxxxxxx>
Subject: Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
From: Andy Lutomirski <luto@xxxxxxxxxx>
Date: Fri, 31 Mar 2017 19:18:18 -0700
Cc: Alexandre Julliard <julliard@xxxxxxxxxx>, Ricardo Neri <ricardo.neri-calderon@xxxxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Borislav Petkov <bp@xxxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Brian Gerst <brgerst@xxxxxxxxx>, Chris Metcalf <cmetcalf@xxxxxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>, Masami Hiramatsu <mhiramat@xxxxxxxxxx>, Huang Rui <ray.huang@xxxxxxx>, Jiri Slaby <jslaby@xxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, "Michael S. Tsirkin" <mst@xxxxxxxxxx>, Paul Gortmaker <paul.gortmaker@xxxxxxxxxxxxx>, Vlastimil Babka <vbabka@xxxxxxx>, Chen Yucong <slaoub@xxxxxxxxx>, Fenghua Yu <fenghua.yu@xxxxxxxxx>, "Ravi V. Shankar" <ravi.v.shankar@xxxxxxxxx>, Shuah Khan <shuah@xxxxxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>, X86 ML <x86@xxxxxxxxxx>, linux-msdos@xxxxxxxxxxxxxxx, wine-devel@xxxxxxxxxx
In-reply-to: <6010f93e-ce0a-9476-b2fa-041dbf6c8f75@list.ru>
List-id: <linux-msdos.vger.kernel.org>
References: <20170308003254.27833-1-ricardo.neri-calderon@linux.intel.com> <79ba0fff-4c01-2bfa-06cb-5cfc98dd710c@list.ru> <CALCETrX4D13Q4LRxGrQzXQCWvaRpq7sG0ws8CpB_bM4rKQ4W_A@mail.gmail.com> <997ba581-ecfa-b773-a48e-85b92a439836@list.ru> <CALCETrX87_RyEscDLLscNaE33=FEpzW0JVphZaWoJSBL5VhN0w@mail.gmail.com> <1489022122.131264.33.camel@ranerica-desktop> <a9043b85-e44c-4070-1ecc-75f653539423@list.ru> <CALCETrXNRHyB2NhpVAzgEh+UBFYD+uFrVJioFPwiO+dqQ9E1ww@mail.gmail.com> <63231222-5b42-c8c9-02f0-0afbe702d8b5@list.ru> <1489190396.131264.47.camel@ranerica-desktop> <6331deea-e9b0-fcfe-b75d-8100f37a615a@list.ru> <1490658399.2647.14.camel@ranerica-desktop> <cc490254-9c0b-e55e-6228-ad5e1f365123@list.ru> <1490762284.2647.24.camel@ranerica-desktop> <2a9c7bfd-e85c-2673-d3b5-906fe7dd8db4@list.ru> <1490850848.2647.28.camel@ranerica-desktop> <3f1f1632-ae64-34f7-70ef-d4f8091cd5c1@list.ru> <1490924035.2647.35.camel@ranerica-desktop> <87vaqppmc1.fsf@winehq.org> <6010f93e-ce0a-9476-b2fa-041dbf6c8f75@list.ru>
Sender: linux-msdos-owner@xxxxxxxxxxxxxxx

On Fri, Mar 31, 2017 at 2:26 PM, Stas Sergeev <stsp@xxxxxxx> wrote:
> 31.03.2017 17:11, Alexandre Julliard пишет:
>>
>> In fact it would be nice to be able to make sidt/sgdt/etc. segfault
>> too. I know a new syscall is a pain,
>
> Maybe arch_prctl() then?

I still like my idea of a generic mechanism to turn off
backwards-compatibility things.  After all, hardened programs should
turn off UMIP fixups entirely.  They should also turn off vsyscall
emulation entirely, and I see no reason that these mechanisms should
be different.

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-msdos" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

References:
- [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Ricardo Neri
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Stas Sergeev
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Andy Lutomirski
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Stas Sergeev
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Andy Lutomirski
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Ricardo Neri
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Stas Sergeev
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Andy Lutomirski
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Stas Sergeev
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Ricardo Neri
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Stas Sergeev
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Ricardo Neri
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Stas Sergeev
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Ricardo Neri
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Stas Sergeev
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Ricardo Neri
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Stas Sergeev
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Ricardo Neri
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Alexandre Julliard
- Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
  - From: Stas Sergeev

Prev by Date: Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
Next by Date: Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
Previous by thread: Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
Next by thread: Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
Index(es):
- Date
- Thread

[Index of Archives] [Linux Console] [Linux Audio] [Linux for Hams] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Yosemite Camping] [Yosemite Hiking] [MIPS Linux] [ARM Linux] [Linux RAID] [Samba] [Linux Media] [Fedora Users]