From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754550AbaDMDDH (ORCPT ); Sat, 12 Apr 2014 23:03:07 -0400 Received: from terminus.zytor.com ([198.137.202.10]:59311 "EHLO mail.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753862AbaDMDDE (ORCPT ); Sat, 12 Apr 2014 23:03:04 -0400 User-Agent: K-9 Mail for Android In-Reply-To: <87lhvahr7z.fsf@tassilo.jf.intel.com> References: <6f5f98f2-aa96-433f-9ee8-5ba216624957@email.android.com> <20140412193541.GA30697@pd.tnic> <21a22ace-fbc3-4f97-a277-9cdf4f2253eb@email.android.com> <5349BD3F.6000402@zytor.com> <87lhvahr7z.fsf@tassilo.jf.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 Subject: Re: [tip:x86/urgent] x86-64, modify_ldt: Ban 16-bit segments on 64-bit kernels From: "H. Peter Anvin" Date: Sat, 12 Apr 2014 20:02:15 -0700 To: Andi Kleen CC: Linus Torvalds , Borislav Petkov , Brian Gerst , Ingo Molnar , Linux Kernel Mailing List , Thomas Gleixner , stable , "H. Peter Anvin" Message-ID: <79a0dc9e-632c-415d-95b0-4b7c8ccec736@email.android.com> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org It leaks security sensitive information to userspace and corrupts the upper half of ESP because it lacks the equivalent of the espfix workaround. On April 12, 2014 7:56:48 PM PDT, Andi Kleen wrote: >"H. Peter Anvin" writes: >> >> But yes, we can make it configurable, but the default should almost >> certainly be off. > >Why? Either it works or it doesn't. > >If it works it doesn't make any sense to have a sysctl. > >-Andi -- Sent from my mobile phone. Please pardon brevity and lack of formatting.