From: Linus Torvalds
Date: Sun, 17 Dec 2023 13:40:53 -0800
Subject: Re: [PATCH 3/3] x86/sigreturn: Reject system segements
To: "H. Peter Anvin"
Cc: Brian Gerst, linux-kernel@vger.kernel.org, x86@kernel.org, Ingo Molnar, Thomas Gleixner, Borislav Petkov, Peter Zijlstra, Michal Luczaj
References: <20231213163443.70490-1-brgerst@gmail.com> <20231213163443.70490-4-brgerst@gmail.com>

On Sun, 17 Dec 2023 at 13:08, H. Peter Anvin wrote:
>
> On December 13, 2023 10:54:00 AM PST, Linus Torvalds wrote:
> >Side note: the SS/CS checks could be stricter than the usual selector tests.
> >
> >In particular, normal segments can be Null segments. But CS/SS must not be.
> >
> >Also, since you're now checking the validity, maybe we shouldn't do
> >the "force cpl3" any more, and just make it an error to try to load a
> >non-cpl3 segment at sigreturn..
> >
> >That forcing was literally just because we weren't checking it for sanity...
> >
> > Linus
>
> Not to mention that changing a null descriptor to 3 is wrong.

I don't think it is. All of 0-3 are "Null selectors". The RPL of the
selector simply doesn't matter when the index is zero, afaik.

But we obviously only do this for CS/SS, which can't be (any kind of)
Null selector and iret will GP on them regardless of the RPL in the
selector.

             Linus
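
The selector rules discussed in this thread, as an added example that is not part of the original message and is not kernel code: it decodes a 16-bit x86 segment selector and applies the stricter CS/SS test suggested above (reject any Null selector, require RPL 3). The function names, the `seg_role` enum and the sample selector values are assumptions made for illustration, and the check looks only at selector bits, not at the descriptor the selector points to.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* x86 selector layout: bits 0-1 = RPL, bit 2 = TI (0 GDT, 1 LDT), bits 3-15 = index */
#define SEL_RPL_MASK 0x3u
#define SEL_TI_LDT   0x4u

static inline unsigned sel_rpl(uint16_t sel)    { return sel & SEL_RPL_MASK; }
static inline bool     sel_is_ldt(uint16_t sel) { return (sel & SEL_TI_LDT) != 0; }
static inline unsigned sel_index(uint16_t sel)  { return sel >> 3; }

/* Null selector = GDT index 0 with any RPL, i.e. raw values 0, 1, 2 and 3.
 * Values 4-7 have TI set and name LDT entry 0, which is not Null. */
static inline bool sel_is_null(uint16_t sel)
{
    return (sel & ~SEL_RPL_MASK) == 0;
}

enum seg_role { SEG_DATA, SEG_CS_SS };  /* hypothetical: DS/ES/FS/GS vs CS/SS */

/* Hypothetical policy check modelling the stricter test from the thread:
 * data segments may be Null; CS/SS must be non-Null and carry RPL 3.
 * Descriptor type and DPL are deliberately not modelled here. */
static inline bool sigreturn_selector_ok(uint16_t sel, enum seg_role role)
{
    if (sel_is_null(sel))
        return role == SEG_DATA;
    if (role == SEG_CS_SS)
        return sel_rpl(sel) == 3;
    return true;
}

int main(void)
{
    /* Constructed sample selectors, not taken from the thread. */
    const uint16_t samples[] = { 0x0000, 0x0003, 0x0007, 0x0010, 0x002b, 0x0033 };

    printf("sel     idx  tbl  rpl  null  data_ok  cs_ss_ok\n");
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        uint16_t s = samples[i];
        printf("0x%04x  %3u  %s  %u    %d     %d        %d\n",
               (unsigned)s, sel_index(s), sel_is_ldt(s) ? "LDT" : "GDT",
               sel_rpl(s), sel_is_null(s),
               sigreturn_selector_ok(s, SEG_DATA),
               sigreturn_selector_ok(s, SEG_CS_SS));
    }
    return 0;
}
```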