From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-io0-f200.google.com (mail-io0-f200.google.com [209.85.223.200]) by kanga.kvack.org (Postfix) with ESMTP id 347966B025E for ; Tue, 12 Dec 2017 14:05:25 -0500 (EST) Received: by mail-io0-f200.google.com with SMTP id u42so76501ioi.19 for ; Tue, 12 Dec 2017 11:05:25 -0800 (PST) Received: from mail-sor-f41.google.com (mail-sor-f41.google.com. [209.85.220.41]) by mx.google.com with SMTPS id i138sor151468ite.17.2017.12.12.11.05.24 for (Google Transport Security); Tue, 12 Dec 2017 11:05:24 -0800 (PST) MIME-Version: 1.0 In-Reply-To: <20171212173334.176469949@linutronix.de> References: <20171212173221.496222173@linutronix.de> <20171212173334.176469949@linutronix.de> From: Linus Torvalds Date: Tue, 12 Dec 2017 11:05:23 -0800 Message-ID: Subject: Re: [patch 11/16] x86/ldt: Force access bit for CS/SS Content-Type: text/plain; charset="UTF-8" Sender: owner-linux-mm@kvack.org List-ID: To: Thomas Gleixner Cc: LKML , the arch/x86 maintainers , Andy Lutomirsky , Peter Zijlstra , Dave Hansen , Borislav Petkov , Greg KH , Kees Cook , Hugh Dickins , Brian Gerst , Josh Poimboeuf , Denys Vlasenko , Boris Ostrovsky , Juergen Gross , David Laight , Eduardo Valentin , "Liguori, Anthony" , Will Deacon , linux-mm On Tue, Dec 12, 2017 at 9:32 AM, Thomas Gleixner wrote: > > There is one exception; IRET will immediately load CS/SS and unrecoverably > #GP. To avoid this issue access the LDT descriptors used by CS/SS before > the IRET to userspace. Ok, so the other patch made me nervous, this just makes me go "Hell no!". This is exactly the kind of "now we get traps in random microcode places that have never been tested" kind of thing that I was talking about. Why is the iret exception unrecoverable anyway? Does anybody even know? Linus -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org