Re: [GIT PULL] x86 fixes

From: Andy Lutomirski
Date: Fri Aug 14 2015 - 15:14:42 EST

Next message: Sven Joachim: "Re: CVE-2015-1805 and 3.14-longterm?"
Previous message: Alexander Kuleshov: "Re: [PATCH] mm/memblock: validate the creation of debugfs files"
In reply to: Linus Torvalds: "Re: [GIT PULL] x86 fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Aug 14, 2015 at 11:57 AM, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> On Fri, Aug 14, 2015 at 11:46 AM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
>>
>> I think it's only slightly broken.
>>
>> This bit:
>>
>> if ((FPU_CS & 4) != 4) { /* Must be in the LDT */
>> /* Can only handle segmented addressing via the LDT
>> for now, and it must be 16 bit */
>> printk("FPU emulator: Unsupported addressing mode\n");
>> math_abort(FPU_info, SIGILL);
>> }
>>
>> code_descriptor = FPU_get_ldt_descriptor(FPU_CS);
>>
>> is buggy, but no buggier than the old code.
>
> That code seems fine to me (and explicitly errors out when it's not in
> the LDT). FPU_CS is actually the CS selector value.
>
> So testing that for being in the LDT by checking bit #2, and then
> using FPU_get_ldt_descriptor() on it actually seems *correct*.
>

By "buggy" I meant that it aborted if it was in the GDT but wasn't
flat. This'll break if anyone does an emulated FP op on TLS data.

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Sven Joachim: "Re: CVE-2015-1805 and 3.14-longterm?"
Previous message: Alexander Kuleshov: "Re: [PATCH] mm/memblock: validate the creation of debugfs files"
In reply to: Linus Torvalds: "Re: [GIT PULL] x86 fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]