From: Nick Alcock <nix@xxxxxxxxxxxxx>
Date: Fri, 27 May 2016 22:44:56 +0100

> Good move. Segfaulting the process is fine! :) Any process that does
> this sort of thing is clearly either terminally buggy, written by an
> idiot who doesn't know what he's doing (i.e. my original patch) or
> malicious. These all deserve SEGVs.
>
> (I still don't understand why this leads to spurious TLB faults, though.
> Filling the userland CPU registers with garbage is bad, but should still
> be reasonably harmless to the kernel, surely?)

I'm trying to figure out the same thing myself.

Even the unaligned stack pointer should be gracefully handled by the
kernel, so I think it has to be some other element of the register
state restore sequence.

The one area that deserves auditing is %tstate. This is a privileged
register which we treat partially as non-privileged. Specifically we
allow the user to modify the condition codes and the %asi register
which is encoded into here.

But I just went over that a few times. We are really careful to mask
and only change those specific fields.

I'll keep plugging away at this and also play with your patches to
reproduce the bug.