From: Stas Sergeev
To: Ricardo Neri, Andy Lutomirski
Cc: Peter Zijlstra, Ingo Molnar, Thomas Gleixner, "H. Peter Anvin", "linux-kernel@vger.kernel.org", X86 ML, "linux-doc@vger.kernel.org", Andy Lutomirski, Andrew Morton, Borislav Petkov, Brian Gerst, Chen Yucong, Chris Metcalf, Dave Hansen, Fenghua Yu, Huang Rui, Jiri Slaby, Jonathan Corbet, "Michael S. Tsirkin", Paul Gortmaker, "Ravi V. Shankar", Vlastimil Babka, Shuah Khan, linux-msdos@vger.kernel.org
Subject: Re: [PATCH 0/4] x86: enable User-Mode Instruction Prevention
Date: Thu, 10 Nov 2016 11:52:27 +0300

Hi!

I don't know the context of that discussion, so I'll only comment on the dosemu part.

10.11.2016 09:46, Ricardo Neri wrote:
> I took a closer look at the dosemu code. It appears that it does not
> purposely utilize SGDT to obtain the descriptor table while in vm86. It
> does use SGDT (in protected mode) to emulate certain functionality such
> as the Virtual xxx Driver. In such a case, UMIP needs to be disabled.
> However, this code seems to be disabled [1].

Indeed. The code you've found was copied from wine, because dosemu supports windows-3.1. But sgdt is in the win32s part that is disabled in dosemu. It is however enabled in wine, or at least it was when I ported the VxD code from there. So you may want to ask wine devs if they still use sgdt and vm86. In dosemu, if we ever enable win32s support, we won't rely on sgdt. In fact, when some prot mode program under dosemu uses GDT selectors, in a fault handler we replace them with LDT selectors.

> dosemu includes an i386
> emulator that in some cases uses the actual instructions of the host
> system.

In dosemu2 code, the places you've found now contain this:

    error("SGDT not implemented\n");

If we ever support SGDT, we'll use some emulation/fake values.

So overall, dosemu is not going to willingly use sgdt in any near future. But the programs running under vm86 or in prot mode may do so. This is very uncommon though, especially under dosemu, because it supports only "polite" programs - those that work under win95's dos prompt. No one would get sufficiently hurt if sgdt under vm86 will somehow change from its current behaviour.

You can ask wine people for their sgdt use in win32s subsystem.