Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

From: Borislav Petkov
Date: Tue Dec 05 2017 - 13:15:15 EST


On Tue, Dec 05, 2017 at 06:48:44PM +0100, Peter Zijlstra wrote:
> This is broken right? You unlock and then return @desc, which afaict can
> at that point get freed by free_ldt_struct().
>
> Something like the below ought to cure; although it's not entirely
> pretty either.

Right.

Or, instead of introducing all the locking, we could also not do
anything because all that code runs inside fixup_umip_exception() so the
desc will be valid there.

But, if other code is going to use those functions - and I believe
that's the idea - otherwise they wouldn't be in arch/x86/lib/ - we
should convert all those functions to return directly the desc field
which is requested by the respective caller.

I.e., get_desc() will be called by a wrapper which returns desc base or
desc limit or whatever...

In the case where desc has been freed, it should return error, of
course.

How does that sound?

--
Regards/Gruss,
Boris.

SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
--
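
The wrapper idea discussed in this message, as an added userspace sketch that is not code from the thread or from the kernel: the accessor copies the requested field out while the lock is held and returns an error once the table has been freed, so no descriptor pointer outlives the unlock. The pthread mutex, `table`, `get_desc_locked()`, `get_desc_base()` and `set_table()` are hypothetical stand-ins.

```c
#include <errno.h>
#include <pthread.h>
#include <stdint.h>
#include <stdlib.h>

/* Userspace model (assumption): table stands in for the LDT, table_lock for its lock. */
struct desc { uint32_t base, limit; };
static pthread_mutex_t table_lock = PTHREAD_MUTEX_INITIALIZER;
static struct desc *table;	/* NULL once freed */
static unsigned int table_nr;

/* Hypothetical helper: the returned pointer is valid only while table_lock is held. */
static struct desc *get_desc_locked(unsigned int idx)
{
	return (table && idx < table_nr) ? &table[idx] : NULL;
}

/* Wrapper: copy the field out under the lock; -EINVAL if freed or out of range. */
int get_desc_base(unsigned int idx, uint32_t *base)
{
	struct desc *d;
	int ret = -EINVAL;
	pthread_mutex_lock(&table_lock);
	d = get_desc_locked(idx);
	if (d) {
		*base = d->base;
		ret = 0;
	}
	pthread_mutex_unlock(&table_lock);
	return ret;
}

/* Take ownership of a heap-allocated table; NULL/0 frees it (models teardown). */
void set_table(struct desc *new_table, unsigned int nr)
{
	pthread_mutex_lock(&table_lock);
	free(table);
	table = new_table;
	table_nr = new_table ? nr : 0;
	pthread_mutex_unlock(&table_lock);
}

int main(void)
{
	uint32_t base;
	set_table(calloc(2, sizeof(struct desc)), 2);	/* constructed, zeroed entries */
	set_table(NULL, 0);				/* teardown */
	return get_desc_base(0, &base) == -EINVAL ? 0 : 1;
}
```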