Re: [PATCH v7 20/26] x86/cpufeature: Add User-Mode Instruction Prevention definitions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, 2017-05-06 at 11:04 +0200, Paolo Bonzini wrote:
> 
> 
> On 05/05/2017 20:17, Ricardo Neri wrote:
> > User-Mode Instruction Prevention is a security feature present in
> new
> > Intel processors that, when set, prevents the execution of a subset
> of
> > instructions if such instructions are executed in user mode (CPL >
> 0).
> > Attempting to execute such instructions causes a general protection
> > exception.
> > 
> > The subset of instructions comprises:
> > 
> >  * SGDT - Store Global Descriptor Table
> >  * SIDT - Store Interrupt Descriptor Table
> >  * SLDT - Store Local Descriptor Table
> >  * SMSW - Store Machine Status Word
> >  * STR  - Store Task Register
> > 
> > This feature is also added to the list of disabled-features to allow
> > a cleaner handling of build-time configuration.
> > 
> > Cc: Andy Lutomirski <luto@xxxxxxxxxx>
> > Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> > Cc: H. Peter Anvin <hpa@xxxxxxxxx>
> > Cc: Borislav Petkov <bp@xxxxxxx>
> > Cc: Brian Gerst <brgerst@xxxxxxxxx>
> > Cc: Chen Yucong <slaoub@xxxxxxxxx>
> > Cc: Chris Metcalf <cmetcalf@xxxxxxxxxxxx>
> > Cc: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
> > Cc: Fenghua Yu <fenghua.yu@xxxxxxxxx>
> > Cc: Huang Rui <ray.huang@xxxxxxx>
> > Cc: Jiri Slaby <jslaby@xxxxxxx>
> > Cc: Jonathan Corbet <corbet@xxxxxxx>
> > Cc: Michael S. Tsirkin <mst@xxxxxxxxxx>
> > Cc: Paul Gortmaker <paul.gortmaker@xxxxxxxxxxxxx>
> > Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
> > Cc: Ravi V. Shankar <ravi.v.shankar@xxxxxxxxx>
> > Cc: Shuah Khan <shuah@xxxxxxxxxx>
> > Cc: Vlastimil Babka <vbabka@xxxxxxx>
> > Cc: Tony Luck <tony.luck@xxxxxxxxx>
> > Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> > Cc: Liang Z. Li <liang.z.li@xxxxxxxxx>
> > Cc: Alexandre Julliard <julliard@xxxxxxxxxx>
> > Cc: Stas Sergeev <stsp@xxxxxxx>
> > Cc: x86@xxxxxxxxxx
> > Cc: linux-msdos@xxxxxxxxxxxxxxx
> > 
> > Signed-off-by: Ricardo Neri <ricardo.neri-calderon@xxxxxxxxxxxxxxx>
> 
> Would it be possible to have this patch in a topic branch for KVM's
> consumption?
> 
I have put a branch here with this single patch:

https://github.com/ricardon/tip.git rneri/umip_for_kvm

This is based on Linux v4.11. Please let me know if this works for your
or you'd prefer it to be based on a different branch/commit/repo.

Thanks and BR,
Ricardo

--
To unsubscribe from this list: send the line "unsubscribe linux-msdos" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Console]     [Linux Audio]     [Linux for Hams]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite Camping]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Samba]     [Linux Media]     [Fedora Users]

  Powered by Linux