Actually, Miguel Angel Rodriguez Jodar <rodriguj@DRAGO.FIE.US.ES>
forwarded a message (originally from Jim Brooks <jim@jimbrooks.org>)
to BUGTRAQ about this possible solution.
What Jim Brooks had discovered was that, if the IDT gate descriptor
for the invalid opcode exception had been cached (by first executing a
"legitimate" invalid opcode), then the F0 0F C7 C8 would not cause a
hang.
Miguel pointed out that, because the internal cache could be locked,
this cached gate descriptor could be made permanent, at a horrible
performance penalty.
HOWEVER, if Jim Brooks is right in his explanation, then we're talking
about a cached gate descriptor, which has nothing to do with the
"internal cache" we normally talk about; the descriptor is cached
elsewhere.
If, as I assume (and I am clueless), the Pentium has a dedicated cache
for a single IDT gate descriptor, then it might be possible to work
around the bug by executing an invalid opcode (to recache the invalid
opcode descriptor) whenever the "last used IDT descriptor" might have
changed.
That is, it might be possible to finish off every interrupt handler by
executing (and handling) an illegal opcode. Presumably this would have
to be done back out in user space, to prevent a double fault. We
would suffer a performance penalty, but it might be worth it.
Any comments on workability from folks with a clue?
Kevin <buhr@stat.wisc.edu>