Subject: Re: [PATCH 0/4] x86: enable User-Mode Instruction Prevention
From: Ricardo Neri
To: Stas Sergeev
Cc: Andy Lutomirski, Peter Zijlstra, Ingo Molnar, Thomas Gleixner, "H. Peter Anvin", linux-kernel@vger.kernel.org, X86 ML, linux-doc@vger.kernel.org, Andy Lutomirski, Andrew Morton, Borislav Petkov, Brian Gerst, Chen Yucong, Chris Metcalf, Dave Hansen, Fenghua Yu, Huang Rui, Jiri Slaby, Jonathan Corbet, "Michael S . Tsirkin", Paul Gortmaker, "Ravi V . Shankar", Vlastimil Babka, Shuah Khan, linux-msdos@vger.kernel.org
Date: Thu, 10 Nov 2016 20:14:58 -0800
Message-ID: <1478837698.2542.9.camel@ranerica-desktop>
References: <1478585533-19406-1-git-send-email-ricardo.neri-calderon@linux.intel.com> <20161108131600.GF3117@twins.programming.kicks-ass.net> <1478665889.2533.8.camel@ranerica-desktop> <1478760361.2551.21.camel@ranerica-desktop>

On Thu, 2016-11-10 at 11:52 +0300, Stas Sergeev wrote:
> Hi!
>
> I don't know the context of that discussion, so I'll only
> comment on the dosemu part.

I'm sorry! I will cc you and the linux-msdos list in my v2.

>
> 10.11.2016 09:46, Ricardo Neri wrote:
> > I took a closer look at the dosemu code. It appears that it does not
> > purposely utilize SGDT to obtain the descriptor table while in vm86. It
> > does use SGDT (in protected mode) to emulate certain functionality such
> > as the Virtual xxx Driver. In such a case, UMIP needs to be disabled.
> > However, this code seems to be disabled [1].
> Indeed.
> The code you've found was copied from wine, because
> dosemu supports windows-3.1. But sgdt is in win32s part
> that is disabled in dosemu. It is however enabled in wine, or
> at least it was when I ported the VxD code from there. So you
> may want to ask wine devs if they still use sgdt and vm86.
> In dosemu, if we ever enable win32s support, we won't rely
> on sgdt. In fact, when some prot mode program under dosemu
> uses GDT selectors, in a fault handler we replace them with
> LDT selectors.

Actually, the SLDT instruction is also impacted by this feature. This
feature will cause a GP fault if the instructions SGDT, SLDT, SIDT, SMSW
or STR are executed with CPL > 0. Would this be a problem for dosemu?
The proposal now is to trap this GP fault and give fake values for these
tables.

>
> > dosemu includes an i386
> > emulator that in some cases uses the actual instructions of the host
> > system.
> In dosemu2 code, the places you've found now contain this:
> error("SGDT not implemented\n");
> If we ever support SGDT, we'll use some emulation/fake values.
>
> So overall, dosemu is not going to willingly use sgdt in any
> near future. But the programs running under vm86 or in prot mode
> may do so. This is very uncommon though, especially under dosemu,
> because it supports only "polite" programs - those that work
> under win95's dos prompt. No one would get sufficiently hurt if
> sgdt under vm86 will somehow change from its current behaviour.

This is good news. This means that we could go ahead and give a fake
pointer to the GDT and the other impacted tables?

>
> You can ask wine people for their sgdt use in win32s subsystem.

Will do.

Thanks and BR,
Ricardo
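As an added illustration of the behaviour discussed above (this is not code from the thread, from the UMIP patches or from dosemu): a small C probe that executes each of SGDT, SIDT, SLDT, STR and SMSW from user mode and reports whether the instruction completed, and what it stored, or trapped, which the kernel delivers to the process as SIGSEGV. It assumes an x86 Linux host and reports "unsupported" on other architectures; running it before and after UMIP is enforced shows exactly what a user-space program such as dosemu would observe.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
enum { PROBE_OK = 0, PROBE_FAULT = 1, PROBE_UNSUPPORTED = 2 };
static sigjmp_buf probe_env;
/* A #GP taken at CPL 3 reaches the process as SIGSEGV; jump back out of it. */
static void on_segv(int sig) { (void)sig; siglongjmp(probe_env, 1); }
/* Run one of the five instructions from user mode. PROBE_OK: it executed and *out holds
 * what it stored; PROBE_FAULT: it trapped; PROBE_UNSUPPORTED: unknown mnemonic or not x86. */
static int run_probe(const char *insn, uint64_t *out)
{
    *out = 0;
#if defined(__x86_64__) || defined(__i386__)
    struct sigaction sa = { .sa_handler = on_segv }, old;
    struct { unsigned char raw[16]; } dt = {{0}};  /* sgdt/sidt store 6 or 10 bytes */
    uint16_t sel = 0;
    volatile int rc = PROBE_OK;
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(probe_env, 1) == 0) {
        if (!strcmp(insn, "sgdt"))      { __asm__ volatile("sgdt %0" : "=m"(dt)); memcpy(out, dt.raw + 2, 8); }
        else if (!strcmp(insn, "sidt")) { __asm__ volatile("sidt %0" : "=m"(dt)); memcpy(out, dt.raw + 2, 8); }
        else if (!strcmp(insn, "sldt")) { __asm__ volatile("sldt %0" : "=m"(sel)); *out = sel; }
        else if (!strcmp(insn, "str"))  { __asm__ volatile("str %0"  : "=m"(sel)); *out = sel; }
        else if (!strcmp(insn, "smsw")) { __asm__ volatile("smsw %0" : "=m"(sel)); *out = sel; }
        else rc = PROBE_UNSUPPORTED;
    } else {
        rc = PROBE_FAULT;   /* UMIP (or a hypervisor) raised #GP for this instruction */
    }
    sigaction(SIGSEGV, &old, NULL);
    return rc;
#else
    (void)insn; return PROBE_UNSUPPORTED;
#endif
}
/* Probe all five and print a verdict for each; returns the number probed. */
static int probe_report(void)
{
    static const char *const insns[] = { "sgdt", "sidt", "sldt", "str", "smsw" };
    static const char *const verdict[] = { "executed, value visible at CPL 3", "#GP -> SIGSEGV (blocked)", "unsupported" };
    for (int i = 0; i < 5; i++) {
        uint64_t v; int rc = run_probe(insns[i], &v);
        printf("%-4s: %s, stored 0x%llx\n", insns[i], verdict[rc], (unsigned long long)v);
    }
    return 5;
}
int main(void) { return probe_report() == 5 ? 0 : 1; }
```

On a system without UMIP the first two lines print a kernel-space descriptor-table base, which is the leak the feature closes.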