Re: [patch] i386: remove IOPL check on task switch

Linus Torvalds wrote:
> On Sat, 4 Nov 2006, Zachary Amsden wrote:
>> Ok, checking shows Linus put it back to stop NT leakage.  This is correct, but
>> unlikely.  Would be nice to avoid it unless absolutely necessary.  Perhaps xor
>> eflags old and new and only set_system_eflags() if non-ALU bits have changed.
>
> Not just NT. AC also leaked, and caused crashes in other programs (Wine) that didn't expect AC to be set and did unaligned accesses.

Yes, AC, NT, IOPL, ID are bad to leak. DF / TF / RF are impossible to leak by privilege contract. SF, ZF, PF, OF, CF can be clobbered.

VM / VIF / VIP are dealt with in separate switch paths (although I have witnessed a VIF leak once from a userspace process that managed to get VIF set). These can't even be set with popf, and require iret to fix.

But 99% of the time, only SF / ZF / PF / OF / CF will be different, so you can avoid the popf.

Zach
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
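The XOR-based check proposed above, written out as an added example (not code from the thread or from the kernel's switch path): the bit positions are the architectural x86 EFLAGS layout, EFLAGS_ALU_MASK adds AF to the SF/ZF/PF/OF/CF set as an assumption, and eflags_needs_restore()/eflags_leaked_bits() are hypothetical helper names.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Architectural x86 EFLAGS bit positions. */
#define X86_EFLAGS_CF   (1u << 0)
#define X86_EFLAGS_PF   (1u << 2)
#define X86_EFLAGS_AF   (1u << 4)
#define X86_EFLAGS_ZF   (1u << 6)
#define X86_EFLAGS_SF   (1u << 7)
#define X86_EFLAGS_OF   (1u << 11)
#define X86_EFLAGS_IOPL (3u << 12)   /* two-bit field */
#define X86_EFLAGS_NT   (1u << 14)
#define X86_EFLAGS_AC   (1u << 18)
#define X86_EFLAGS_ID   (1u << 21)

/* Arithmetic status flags: every ALU instruction clobbers these, so a
 * difference here never needs a privileged restore.  AF is included as an
 * assumption; the mail lists only SF/ZF/PF/OF/CF. */
#define EFLAGS_ALU_MASK (X86_EFLAGS_CF | X86_EFLAGS_PF | X86_EFLAGS_AF | \
                         X86_EFLAGS_ZF | X86_EFLAGS_SF | X86_EFLAGS_OF)

/* Bits the thread names as harmful to leak from one task into the next. */
#define EFLAGS_LEAK_MASK (X86_EFLAGS_AC | X86_EFLAGS_NT | \
                          X86_EFLAGS_IOPL | X86_EFLAGS_ID)

/* XOR old and new EFLAGS; only pay for the set_system_eflags()/popf path
 * when a bit outside the ALU set actually differs. */
static bool eflags_needs_restore(uint32_t prev, uint32_t next)
{
    return ((prev ^ next) & ~EFLAGS_ALU_MASK) != 0;
}

/* Which dangerous bits would leak from prev into next if the restore were
 * skipped; handy as a self-check or tracepoint in a switch path. */
static uint32_t eflags_leaked_bits(uint32_t prev, uint32_t next)
{
    return (prev ^ next) & EFLAGS_LEAK_MASK;
}

int main(void)
{
    /* Constructed values: 0x202 = IF set, reserved bit 1 set. */
    uint32_t a = 0x202, b = 0x246 /* + ZF, PF */, c = 0x40202 /* + AC */;
    printf("a->b restore: %d (leak 0x%x)\n", eflags_needs_restore(a, b),
           eflags_leaked_bits(a, b));
    printf("a->c restore: %d (leak 0x%x)\n", eflags_needs_restore(a, c),
           eflags_leaked_bits(a, c));
    return 0;
}
```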
