Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention

From: Andy Lutomirski
Date: Fri Mar 31 2017 - 22:19:02 EST

Next message: simran singhal: "[PATCH] staging: iio: light: constify attribute_group structures"
Previous message: okaya: "Re: [RFC 1/8] Introduce Peer-to-Peer memory (p2pmem) device"
In reply to: Stas Sergeev: "Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Mar 31, 2017 at 2:26 PM, Stas Sergeev <stsp@xxxxxxx> wrote:
> 31.03.2017 17:11, Alexandre Julliard ÐÐÑÐÑ:
>>
>> In fact it would be nice to be able to make sidt/sgdt/etc. segfault
>> too. I know a new syscall is a pain,
>
> Maybe arch_prctl() then?

I still like my idea of a generic mechanism to turn off
backwards-compatibility things. After all, hardened programs should
turn off UMIP fixups entirely. They should also turn off vsyscall
emulation entirely, and I see no reason that these mechanisms should
be different.

--Andy

Next message: simran singhal: "[PATCH] staging: iio: light: constify attribute_group structures"
Previous message: okaya: "Re: [RFC 1/8] Introduce Peer-to-Peer memory (p2pmem) device"
In reply to: Stas Sergeev: "Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]