Re: [PATCH] prctl,x86 Add PR_[GET|SET]_CPUID for controlling the CPUID instruction.

[Andy Lutomirski]

On Sep 12, 2016 10:57 AM, "Jann Horn" <jann@xxxxxxxxx> wrote:
>
> On Mon, Sep 12, 2016 at 09:56:11AM -0700, Andy Lutomirski wrote:
> > On Sep 11, 2016 5:29 PM, "Kyle Huey" <me@xxxxxxxxxxxx> wrote:
> > >
> > > rr (http://rr-project.org/), a userspace record-and-replay reverse-
> > > execution debugger, would like to trap and emulate the CPUID instruction.
> > > This would allow us to a) mask away certain hardware features that rr does
> > > not support (e.g. RDRAND) and b) enable trace portability across machines
> > > by providing constant results.
> > >
> > > Intel supports faulting on the CPUID instruction in newer processors. Bit
> > > 31 of MSR_PLATFORM_INFO advertises support for this feature. It is
> > > documented in detail in Section 2.3.2 of
> > > http://www.intel.com/content/dam/www/public/us/en/documents/application-notes/virtualization-technology-flexmigration-application-note.pdf.
> [...]
> > If this bit is preserved on fork(), then no_new_privs must be checked
> > (or it must be cleared on "unsafe" exec, but that's nasty).
>
> I think you mean "preserved on execve()"?

Indeed.

So it should have defined and tested behavior on fork() and execve().
Maybe fork() should preserve the flag after all.

--Andy