Re: [PATCH 0/4] x86: enable User-Mode Instruction Prevention

From: Peter Zijlstra
Date: Tue Nov 08 2016 - 08:16:19 EST

Next message: Daniel Vetter: "Re: [PATCH v7 0/3] drm: add explict fencing"
Previous message: Ivan Khoronzhuk: "[PATCH] net: ethernet: ti: davinci_cpdma: free memory while channel destroy"
In reply to: Ricardo Neri: "Re: [PATCH 2/4] x86: Prepare vm86 tasks to handle User-Mode Instruction Prevention"
Next in thread: Andy Lutomirski: "Re: [PATCH 0/4] x86: enable User-Mode Instruction Prevention"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Nov 07, 2016 at 10:12:09PM -0800, Ricardo Neri wrote:
> There is a caveat, however. Certain applications running in virtual-8086
> mode, such as DOSEMU[1] and Wine[2], want to utilize the SGDT, SIDT and
> SLDT instructions for legitimate reasons. In order to keep such
> applications working, UMIP must be disabled/enabled when entering/exiting
> virtual-8086 mode.

Would it not be better to emulate these instructions for them? What way
we can verify they're not malicious.

Next message: Daniel Vetter: "Re: [PATCH v7 0/3] drm: add explict fencing"
Previous message: Ivan Khoronzhuk: "[PATCH] net: ethernet: ti: davinci_cpdma: free memory while channel destroy"
In reply to: Ricardo Neri: "Re: [PATCH 2/4] x86: Prepare vm86 tasks to handle User-Mode Instruction Prevention"
Next in thread: Andy Lutomirski: "Re: [PATCH 0/4] x86: enable User-Mode Instruction Prevention"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]