From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753139AbbC0Nst (ORCPT <rfc822;w@1wt.eu>);
	Fri, 27 Mar 2015 09:48:49 -0400
Received: from mx1.redhat.com ([209.132.183.28]:40153 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1752930AbbC0Nsp (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Fri, 27 Mar 2015 09:48:45 -0400
Message-ID: <55155F9E.3030605@redhat.com>
Date: Fri, 27 Mar 2015 14:48:14 +0100
From: Denys Vlasenko <dvlasenk@redhat.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: Andy Lutomirski <luto@amacapital.net>, Ingo Molnar <mingo@kernel.org>
CC: "H. Peter Anvin" <hpa@zytor.com>, Brad Spengler <spender@grsecurity.net>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Borislav Petkov <bp@alien8.de>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Andrew Lutomirski <luto@kernel.org>,
        "linux-tip-commits@vger.kernel.org" 
	<linux-tip-commits@vger.kernel.org>
Subject: Re: [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86()
References: <202c56ca63823c338af8e2e54948dbe222da6343.1426728647.git.luto@kernel.org> <tip-a67e7277d01ccfd39b0db5a198c2643cc19dd79c@git.kernel.org> <CALCETrWZfcRhHogkTC--9aRGOuXuOYuvNdQfrCj0cK3+eNW4jA@mail.gmail.com> <20150324194402.GA27598@gmail.com> <CALCETrU4r1F99BzTS68MeYN0p6v+qem5_LnC+2H4GVztrSu+Zg@mail.gmail.com>
In-Reply-To: <CALCETrU4r1F99BzTS68MeYN0p6v+qem5_LnC+2H4GVztrSu+Zg@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 03/24/2015 08:46 PM, Andy Lutomirski wrote:
> On Tue, Mar 24, 2015 at 12:44 PM, Ingo Molnar <mingo@kernel.org> wrote:
>>
>> * Andy Lutomirski <luto@amacapital.net> wrote:
>>
>>> On Mon, Mar 23, 2015 at 5:26 AM, tip-bot for Andy Lutomirski
>>> <tipbot@zytor.com> wrote:
>>>> Commit-ID:  a67e7277d01ccfd39b0db5a198c2643cc19dd79c
>>>> Gitweb:     http://git.kernel.org/tip/a67e7277d01ccfd39b0db5a198c2643cc19dd79c
>>>> Author:     Andy Lutomirski <luto@kernel.org>
>>>> AuthorDate: Wed, 18 Mar 2015 18:33:29 -0700
>>>> Committer:  Ingo Molnar <mingo@kernel.org>
>>>> CommitDate: Mon, 23 Mar 2015 11:13:36 +0100
>>>>
>>>> x86/asm/entry: Add user_mode_ignore_vm86()
>>>>
>>>> user_mode() is dangerous and user_mode_vm() has a confusing name.
>>>>
>>>> Add user_mode_ignore_vm86() (equivalent to current user_mode()).
>>>> We'll change the small number of legitimate users of user_mode()
>>>> to user_mode_ignore_vm86().
>>>>
>>>> Inspired by grsec, although this works rather differently.
>>>
>>> Ingo, does this mean that you changed your mind or do you still want
>>> a patch to delete user_mode_ignore_vm86 and just use user_mode
>>> everywhere instead?
>>
>> Would be still nice to have it as an add on patch, if you agree with
>> my arguments.
> 
> Given that there are only a very small number of callers left and
> they're all Obviously Correct (tm), I'm not too worried about it.
> Maybe if we kill off __copy_to_user, I'll be inspired to kill off
> user_mode_ignore_vm86 as well :)


I was looking at the code involving this function and it looks
like a much better name for user_mode_ignore_vm86() would be
user_mode_cs().

Every time we use it, we check vm8086 mode just before it:

perf_event.c

        if (regs->flags & X86_VM_MASK)
                return 0x10 * regs->cs;

        if (user_mode_ignore_vm86(regs) && regs->cs != __USER_CS)
                return get_segment_base(regs->cs);


traps.c (three similar instances):

        if (v8086_mode(regs)) {
...
                goto exit;
        }
        if (user_mode_ignore_vm86(regs))...


"_ignore_vm86" part doesn't quite work as an explanation.
user_mode_cs() would immediately tell me "do we have a user's cs?"