From: Stas Sergeev <stsp@list.ru>
To: Andy Lutomirski <luto@amacapital.net>
Cc: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>,
	Ingo Molnar <mingo@redhat.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	"H. Peter Anvin" <hpa@zytor.com>,
	Andy Lutomirski <luto@kernel.org>,
	Borislav Petkov <bp@suse.de>,
	Peter Zijlstra <peterz@infradead.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Brian Gerst <brgerst@gmail.com>,
	Chris Metcalf <cmetcalf@mellanox.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Liang Z Li <liang.z.li@intel.com>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	Huang Rui <ray.huang@amd.com>,
	Jiri Slaby <jslaby@suse.cz>,
	Jonathan Corbet <corbet@lwn.net>,
	"Michael S. Tsirkin" <mst@redhat.com>,
	Paul Gortmaker <paul.gortmaker@windriver.com>,
	Vlastimil Babka <vbabka@suse.cz>,
	Chen Yucong <slaoub@gmail.com>,
	Alexandre Julliard <julliard@winehq.org>,
	Fenghua Yu <fenghua.yu@intel.com>,
	"Ravi V. Shankar" <ravi.v.shankar@intel.com>,
	Shuah Khan <shuah@kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	X86 ML <x86@kernel.org>,
	linux-msdos@vger.kernel.org,
	wine-devel@winehq.org
Subject: Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention
Date: Wed, 8 Mar 2017 19:29:31 +0300
Message-ID: <997ba581-ecfa-b773-a48e-85b92a439836@list.ru>
In-Reply-To: <CALCETrX4D13Q4LRxGrQzXQCWvaRpq7sG0ws8CpB_bM4rKQ4W_A@mail.gmail.com>

08.03.2017 19:06, Andy Lutomirski wrote:
> On Wed, Mar 8, 2017 at 6:08 AM, Stas Sergeev <stsp@list.ru> wrote:
>> 08.03.2017 03:32, Ricardo Neri wrote:
>>> These are the instructions covered by UMIP:
>>> * SGDT - Store Global Descriptor Table
>>> * SIDT - Store Interrupt Descriptor Table
>>> * SLDT - Store Local Descriptor Table
>>> * SMSW - Store Machine Status Word
>>> * STR - Store Task Register
>>>
>>> This patchset initially treated tasks running in virtual-8086 mode as a
>>> special case. However, I received clarification that DOSEMU[8] does not
>>> support applications that use these instructions.
> Can you remind me what was special about it? It looks like you still
> emulate them in v8086 mode.
Indeed, sorry, I meant prot mode here. :)
So I wonder what was cited to be special about v86.

>> Yes, this is the case.
>> But at least in the past there was an attempt to
>> support SLDT as it is used by an ancient pharlap
>> DOS extender (currently unsupported by dosemu1/2).
>> So how difficult would it be to add an optional
>> possibility of delivering such SIGSEGV to userspace
>> so that the kernel's dummy emulation can be overridden?
>> It doesn't need to be a matter of this particular
>> patch set, i.e. this proposal should not trigger a
>> v7 resend of all 21 patches. :) But it would be useful
>> for the future development of dosemu2.
> What I'd actually like to see is a totally separate patchset that adds
> an inheritable (but reset on exec) per-task mask of legacy
> compatibility features to disable. Maybe:
>
> sys_adjust_compat_mask(int op, int word, u32 mask);
No no, since I meant prot mode, this is not what I need.
I would never need to disable UMIP so as to allow the
prot mode apps to do SLDT. Instead it would be good
to have an ability to provide a replacement for the dummy
emulation that is currently being proposed for the kernel.
All that is needed for this is just to deliver a SIGSEGV.
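
An added example, not part of the original message or of the patch set: a userspace SIGSEGV handler of the kind requested above would first have to recognise that the bytes at the faulting instruction pointer encode one of the five UMIP-covered instructions. The names `umip_classify`, `is_legacy_prefix` and `enum umip_insn` are hypothetical, and only 16/32-bit encodings (no REX prefixes) are handled.

```c
#include <stddef.h>
#include <stdint.h>

/* Instructions that raise #GP at CPL > 0 when CR4.UMIP is set. */
enum umip_insn { UMIP_NONE, UMIP_SGDT, UMIP_SIDT, UMIP_SLDT, UMIP_SMSW, UMIP_STR };

/* Legacy prefixes that may precede the opcode in 16/32-bit code. */
static int is_legacy_prefix(uint8_t b)
{
    switch (b) {
    case 0x26: case 0x2e: case 0x36: case 0x3e: /* ES, CS, SS, DS overrides */
    case 0x64: case 0x65:                       /* FS, GS overrides */
    case 0x66: case 0x67:                       /* operand/address size */
    case 0xf0: case 0xf2: case 0xf3:            /* LOCK, REPNE, REP */
        return 1;
    }
    return 0;
}

/*
 * Classify the instruction bytes read from the faulting IP (hypothetical
 * helper). Returns UMIP_NONE for anything that is not a UMIP instruction,
 * including truncated input.
 */
enum umip_insn umip_classify(const uint8_t *insn, size_t len)
{
    size_t i = 0;

    while (i < len && is_legacy_prefix(insn[i]))
        i++;
    /* Need the 0F escape byte, the second opcode byte and ModRM. */
    if (len - i < 3 || insn[i] != 0x0f)
        return UMIP_NONE;

    uint8_t op = insn[i + 1], modrm = insn[i + 2];
    unsigned mod = modrm >> 6, reg = (modrm >> 3) & 7;

    if (op == 0x00) {                       /* 0F 00: register or memory operand */
        if (reg == 0) return UMIP_SLDT;
        if (reg == 1) return UMIP_STR;
    } else if (op == 0x01) {                /* 0F 01 */
        if (reg == 4) return UMIP_SMSW;     /* register or memory operand */
        if (mod == 3) return UMIP_NONE;     /* /0 and /1 with mod=3 are other insns */
        if (reg == 0) return UMIP_SGDT;     /* memory operand only */
        if (reg == 1) return UMIP_SIDT;     /* memory operand only */
    }
    return UMIP_NONE;
}
```
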