Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753752AbdLNVWu (ORCPT ); Thu, 14 Dec 2017 16:22:50 -0500 Received: from mail.kernel.org ([198.145.29.99]:33534 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753657AbdLNVWp (ORCPT ); Thu, 14 Dec 2017 16:22:45 -0500 DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org AF6E1218DC Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=luto@kernel.org X-Google-Smtp-Source: ACJfBotNBU84RRe7VazfjXjt9joZrdsm3wGG28mbfuDEh5ZeSipTEoUtzGN5gFfUk+jDZyTBwOz2/huyJMDLiAawZWU= MIME-Version: 1.0 In-Reply-To: References: <20171214112726.742649793@infradead.org> <20171214113851.647809433@infradead.org> From: Andy Lutomirski Date: Thu, 14 Dec 2017 13:22:23 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2 11/17] selftests/x86/ldt_gdt: Prepare for access bit forced To: Linus Torvalds Cc: Andy Lutomirski , Peter Zijlstra , "linux-kernel@vger.kernel.org" , Thomas Gleixner , X86 ML , Dave Hansen , Borislav Petkov , Greg KH , Kees Cook , Hugh Dickins , Brian Gerst , Josh Poimboeuf , Denys Vlasenko , Boris Ostrovsky , Juergen Gross , David Laight , Eduardo Valentin , "Liguori, Anthony" , Will Deacon , "linux-mm@kvack.org" , "Kirill A. Shutemov" , Dan Williams Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1054 Lines: 25 On Thu, Dec 14, 2017 at 11:43 AM, Linus Torvalds wrote: > On Thu, Dec 14, 2017 at 8:20 AM, Andy Lutomirski wrote: >> >> If this turns out to need reverting because it breaks Wine or >> something, we're really going to regret it. > > I really don't see that as very likely. We already play other (much > more fundamental) games with segments. > I dunno. Maybe Wine or DOSEMU apps expect to be able to create a non-accessed segment and then read out the accessed bit using LAR or modify_ldt() later. > But I do agree that it would be good to consider this "turn LDT > read-only" a separate series just in case. Which kind of kills the whole thing. There's no way the idea of putting the LDT in a VMA is okay if it's RW. You just get the kernel to put_user() a call gate into it and it's game over. I have a competing patch that just aliases the LDT high up in kernel land and shares it in the user tables. I like a lot of the cleanups in this series, but I don't like the actual LDT-in-a-VMA part.