diff options
author | Andy Lutomirski <luto@kernel.org> | 2015-03-19 04:33:29 +0300 |
---|---|---|
committer | Ingo Molnar <mingo@kernel.org> | 2015-03-23 13:13:36 +0300 |
commit | a67e7277d01ccfd39b0db5a198c2643cc19dd79c (patch) | |
tree | 01425f65fe45e24354747dfb11f6b47b7309e6dd /arch/x86/include/asm/ptrace.h | |
parent | e4518ab90f63cd5bea3ddc15341162debc34442b (diff) | |
download | linux-a67e7277d01ccfd39b0db5a198c2643cc19dd79c.tar.xz |
x86/asm/entry: Add user_mode_ignore_vm86()
user_mode() is dangerous and user_mode_vm() has a confusing name.
Add user_mode_ignore_vm86() (equivalent to current user_mode()).
We'll change the small number of legitimate users of user_mode()
to user_mode_ignore_vm86().
Inspired by grsec, although this works rather differently.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/202c56ca63823c338af8e2e54948dbe222da6343.1426728647.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'arch/x86/include/asm/ptrace.h')
-rw-r--r-- | arch/x86/include/asm/ptrace.h | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/arch/x86/include/asm/ptrace.h b/arch/x86/include/asm/ptrace.h index 83b874da2762..4a040f0078f2 100644 --- a/arch/x86/include/asm/ptrace.h +++ b/arch/x86/include/asm/ptrace.h @@ -121,6 +121,23 @@ static inline int user_mode_vm(struct pt_regs *regs) #endif } +/* + * This is the fastest way to check whether regs come from user space. + * It is unsafe if regs might come from vm86 mode, though -- in vm86 + * mode, all bits of CS and SS are completely under the user's control. + * The CPU considers vm86 mode to be CPL 3 regardless of CS and SS. + * + * Do NOT use this function unless you have already ruled out the + * possibility that regs came from vm86 mode. + * + * We check for RPL != 0 instead of RPL == 3 because we don't use rings + * 1 or 2 and this is more efficient. + */ +static inline int user_mode_ignore_vm86(struct pt_regs *regs) +{ + return (regs->cs & SEGMENT_RPL_MASK) != 0; +} + static inline int v8086_mode(struct pt_regs *regs) { #ifdef CONFIG_X86_32 |