Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751099AbdDACSs convert rfc822-to-8bit (ORCPT ); Fri, 31 Mar 2017 22:18:48 -0400 Received: from mail.kernel.org ([198.145.29.136]:39706 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750769AbdDACSr (ORCPT ); Fri, 31 Mar 2017 22:18:47 -0400 MIME-Version: 1.0 In-Reply-To: <6010f93e-ce0a-9476-b2fa-041dbf6c8f75@list.ru> References: <20170308003254.27833-1-ricardo.neri-calderon@linux.intel.com> <79ba0fff-4c01-2bfa-06cb-5cfc98dd710c@list.ru> <997ba581-ecfa-b773-a48e-85b92a439836@list.ru> <1489022122.131264.33.camel@ranerica-desktop> <63231222-5b42-c8c9-02f0-0afbe702d8b5@list.ru> <1489190396.131264.47.camel@ranerica-desktop> <6331deea-e9b0-fcfe-b75d-8100f37a615a@list.ru> <1490658399.2647.14.camel@ranerica-desktop> <1490762284.2647.24.camel@ranerica-desktop> <2a9c7bfd-e85c-2673-d3b5-906fe7dd8db4@list.ru> <1490850848.2647.28.camel@ranerica-desktop> <3f1f1632-ae64-34f7-70ef-d4f8091cd5c1@list.ru> <1490924035.2647.35.camel@ranerica-desktop> <87vaqppmc1.fsf@winehq.org> <6010f93e-ce0a-9476-b2fa-041dbf6c8f75@list.ru> From: Andy Lutomirski Date: Fri, 31 Mar 2017 19:18:18 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [v6 PATCH 00/21] x86: Enable User-Mode Instruction Prevention To: Stas Sergeev Cc: Alexandre Julliard , Ricardo Neri , Ingo Molnar , Thomas Gleixner , "H. Peter Anvin" , Andy Lutomirski , Borislav Petkov , Peter Zijlstra , Andrew Morton , Brian Gerst , Chris Metcalf , Dave Hansen , Paolo Bonzini , Masami Hiramatsu , Huang Rui , Jiri Slaby , Jonathan Corbet , "Michael S. Tsirkin" , Paul Gortmaker , Vlastimil Babka , Chen Yucong , Fenghua Yu , "Ravi V. Shankar" , Shuah Khan , "linux-kernel@vger.kernel.org" , X86 ML , linux-msdos@vger.kernel.org, wine-devel@winehq.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 546 Lines: 15 On Fri, Mar 31, 2017 at 2:26 PM, Stas Sergeev wrote: > 31.03.2017 17:11, Alexandre Julliard пишет: >> >> In fact it would be nice to be able to make sidt/sgdt/etc. segfault >> too. I know a new syscall is a pain, > > Maybe arch_prctl() then? I still like my idea of a generic mechanism to turn off backwards-compatibility things. After all, hardened programs should turn off UMIP fixups entirely. They should also turn off vsyscall emulation entirely, and I see no reason that these mechanisms should be different. --Andy