Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Thu, 14 Nov 2002 14:11:20 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Thu, 14 Nov 2002 14:11:19 -0500 Received: from neon-gw-l3.transmeta.com ([63.209.4.196]:43269 "EHLO neon-gw.transmeta.com") by vger.kernel.org with ESMTP id ; Thu, 14 Nov 2002 14:11:18 -0500 Date: Thu, 14 Nov 2002 11:17:47 -0800 (PST) From: Linus Torvalds To: Andrea Arcangeli cc: Alan Cox , Christoph Hellwig , Leif Sawyer , Kernel Mailing List , Marcelo Tosatti Subject: Re: FW: i386 Linux kernel DoS In-Reply-To: <20021114190014.GQ31697@dualathlon.random> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1591 Lines: 40 On Thu, 14 Nov 2002, Andrea Arcangeli wrote: > > actually TF should cleared implicitly in the do_debug or it could get > the single step trap before you can clear TF explicitly in the entry.S. But that's fine. Getting a single step trap in the kernel is not a problem: the trap will clear TF/NT on the "recursive" kernel entry, and on the recursive "iret" nothing bad will happen. Remember: what is on the _stack_ doesn't matter. The only thing that matters is what is actually in the EFLAGS register itself. > but it's certainly zerocost to clear it explicitly there too just to > remeber it's one of the bits not cleared implicitly in hardware when > entering via lcall. However in 2.5 it seems the clear_TF in do_debug is > still missing. No, do_debug() already does /* Mask out spurious TF errors due to lazy TF clearing */ if (condition & DR_STEP) { if ((regs->xcs & 3) == 0) goto clear_TF; which will make sure that we only get _one_ of these spurious (and harmless) TF traps if somebody tries to mess with us. So that is correct (and your patch is _not_ correct - it's not right checking what the EIP value is, since it doesn't matter. In fact, I think you could quite validly have "big" EIP values in user space by just creating interesting code segments). Linus - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/