Re: 2nd Linux kernel patch to remove stack exec
Tue, 15 Apr 1997 14:20:59 -0300 (GMT)


> But what's to say the retf needs to GPF? Can it not change segments
> back to HUGE_CS at the same time? Should be trivial since it is already
> modifying the stack to get to the retf insn.

True. The worst thing is that this problem remains even without the GPF
handler stuff, but the problem is with keeping both descriptors in the GDT.
So, congratulations, you have found a real problem, compared to all the
false alarm stuff that we see in most messages posted on the subject (like
about sending a signal).

I can think of two solutions for this now; other possible ones are welcome:
-- make HUGE_CS have a lower DPL (more privileged);
-- move user descriptors to the LDTs, seems like the Right Thing to do, but
requires a bit too many changes to the existing code; this would also allow
making the data segments non-executable for some processes.

I used the first solution for now, running that right now, as usual. Moved
HUGE_CS to DPL=2 (only privilege levels 0 and 3 were used earlier), and also
had to create a new descriptor for stack, with DPL=2.

I got 100+ messages on the subject in my mailbox right now, I'll be answering
them later today (personally, not to the list), got other stuff to do now.
But I considered answering your message now, since it's the only one with
really new stuff in it. :)

Solar Designer
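An added illustration (not code from the patch or from anyone in this thread) of why moving HUGE_CS to DPL=2 blocks the retf trick quoted above: the CPU's far-return privilege checks modelled in C. The descriptor layout and the RET rules follow the Intel SDM; the selector index 0x10 and the flat 4 GB descriptor standing in for HUGE_CS are constructed assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Selector and descriptor field helpers (Intel SDM layout). */
#define SEL_RPL(sel)     ((sel) & 3)
#define DESC_DPL(d)      ((int)(((d) >> 45) & 3))   /* DPL = bits 46:45 */
#define DESC_PRESENT(d)  ((((d) >> 47) & 1) != 0)   /* P   = bit 47    */

/* Flat 4 GB, non-conforming, execute/read code descriptor with the given DPL
 * (base 0, limit 0xFFFFF, G=1, D=1).  Constructed stand-in for HUGE_CS. */
uint64_t code_desc(int dpl)
{
    uint64_t d = 0xFFFFULL;                                 /* limit 15:0       */
    d |= (0x9AULL | ((uint64_t)(dpl & 3) << 5)) << 40;      /* P=1, S=1, type   */
    d |= 0xCFULL << 48;                                     /* G, D, limit 19:16 */
    return d;
}

/* Privilege checks the CPU applies to RET far before loading CS (SDM, RET). */
bool far_return_allowed(int cpl, uint16_t target_cs, uint64_t desc, bool conforming)
{
    int rpl = SEL_RPL(target_cs), dpl = DESC_DPL(desc);
    if (!DESC_PRESENT(desc))       return false; /* #NP */
    if (rpl < cpl)                 return false; /* #GP: never to higher privilege */
    if (!conforming && dpl != rpl) return false; /* #GP: non-conforming: DPL == RPL */
    if (conforming && dpl > rpl)   return false; /* #GP: conforming: DPL <= RPL    */
    return true;
}

/* Can a CPL=3 process land in a HUGE_CS-like descriptor at this DPL via retf,
 * whichever RPL it writes into the selector it pushes on the stack? */
bool huge_cs_reachable_from_user(int dpl)
{
    uint64_t huge_cs = code_desc(dpl);           /* constructed GDT entry */
    for (uint16_t rpl = 0; rpl < 4; rpl++)
        if (far_return_allowed(3, (uint16_t)(0x10 | rpl), huge_cs, false))
            return true;
    return false;
}

int main(void)
{
    for (int dpl = 3; dpl >= 0; dpl--)
        printf("HUGE_CS at DPL=%d: user retf %s\n", dpl,
               huge_cs_reachable_from_user(dpl) ? "succeeds" : "faults (#GP)");
    return 0;
}
```

With DPL=3 the RPL=3 selector passes both checks, which is the bypass the quoted message describes; at DPL=2 every RPL fails one of them, so the far return faults instead of switching segments.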