From: tip-bot for Andy Lutomirski
Date: Mon, 23 Mar 2015 05:26:31 -0700
To: linux-tip-commits@vger.kernel.org
Cc: torvalds@linux-foundation.org, mingo@kernel.org, hpa@zytor.com, spender@grsecurity.net, linux-kernel@vger.kernel.org, luto@kernel.org, dvlasenk@redhat.com, tglx@linutronix.de, bp@alien8.de
In-Reply-To: <202c56ca63823c338af8e2e54948dbe222da6343.1426728647.git.luto@kernel.org>
References: <202c56ca63823c338af8e2e54948dbe222da6343.1426728647.git.luto@kernel.org>
Subject: [tip:x86/asm] x86/asm/entry: Add user_mode_ignore_vm86()

Commit-ID:  a67e7277d01ccfd39b0db5a198c2643cc19dd79c
Gitweb:     http://git.kernel.org/tip/a67e7277d01ccfd39b0db5a198c2643cc19dd79c
Author:     Andy Lutomirski
AuthorDate: Wed, 18 Mar 2015 18:33:29 -0700
Committer:  Ingo Molnar
CommitDate: Mon, 23 Mar 2015 11:13:36 +0100

x86/asm/entry: Add user_mode_ignore_vm86()

user_mode() is dangerous and user_mode_vm() has a confusing name.

Add user_mode_ignore_vm86() (equivalent to current user_mode()).
We'll change the small number of legitimate users of user_mode() to
user_mode_ignore_vm86().

Inspired by grsec, although this works rather differently.

Signed-off-by: Andy Lutomirski
Cc: Borislav Petkov
Cc: Brad Spengler
Cc: Denys Vlasenko
Cc: H. Peter Anvin
Cc: Linus Torvalds
Cc: Thomas Gleixner
Link: http://lkml.kernel.org/r/202c56ca63823c338af8e2e54948dbe222da6343.1426728647.git.luto@kernel.org
Signed-off-by: Ingo Molnar --- arch/x86/include/asm/ptrace.h | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h index 83b874d..4a040f0 100644 --- a/arch/x86/include/asm/ptrace.h +++ b/arch/x86/include/asm/ptrace.h @@ -121,6 +121,23 @@ static inline int user_mode_vm(struct pt_regs *regs) #endif } +/* + * This is the fastest way to check whether regs come from user space. + * It is unsafe if regs might come from vm86 mode, though -- in vm86 + * mode, all bits of CS and SS are completely under the user's control. + * The CPU considers vm86 mode to be CPL 3 regardless of CS and SS. + * + * Do NOT use this function unless you have already ruled out the + * possibility that regs came from vm86 mode. + * + * We check for RPL != 0 instead of RPL == 3 because we don't use rings + * 1 or 2 and this is more efficient. + */ +static inline int user_mode_ignore_vm86(struct pt_regs *regs) +{ + return (regs->cs & SEGMENT_RPL_MASK) != 0; +} + static inline int v8086_mode(struct pt_regs *regs) { #ifdef CONFIG_X86_32
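
Review bot: The precondition stated in the comment above user_mode_ignore_vm86() ("Do NOT use this function unless you have already ruled out the possibility that regs came from vm86 mode") is carried only by the function name and the comment, so a caller that gets it wrong ends up classifying the frame from CS bits that, by the comment's own description, are completely under the user's control. Consider a debug-only assertion in the body that warns when v8086_mode(regs) is true; v8086_mode() is defined just after this helper in the context lines, so it would have to be moved up or declared first. The comment would also benefit from one line naming the helper to use when vm86 cannot be ruled out (user_mode_vm(), whose tail is the context directly above the added lines), since the commit message calls that name confusing and a reader of ptrace.h gets no pointer to it here. Minor: the function is a pure predicate and could return bool, although int matches the signatures of user_mode_vm() and v8086_mode() visible in the context.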