Re: [PATCH RFC v2 0/6] x86: Disabling PTI in compatibility mode

From: Nadav Amit
Date: Thu Feb 15 2018 - 19:25:40 EST


Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx> wrote:

> On 02/15/2018 08:35 AM, Nadav Amit wrote:
>> I removed the PTI disabling while SMEP is unsupported, although I
>> must admit I did not fully understand why it is required.
>
> Do you mean you don't fully understand how PTI gives SMEP-like behavior
> on non-SMEP hardware?

No. I understand how it provides SMEP-like behavior, and I understand the value
of SMEP by itself.

However, I do not understand why SMEP-like protection is required to protect
processes that run in compatibility-mode from Meltdown/Spectre attacks. As
far as I understand, the process should not be able to manipulate the kernel
to execute code in the low 4GB.