On Wed, May 01, 2019 at 12:03:52PM -0700, Linus Torvalds wrote:
On Wed, May 1, 2019 at 6:11 AM Peter Zijlstra peterz@infradead.org wrote:
Here goes, compile tested only...
Ugh, two different threads. This has the same bug (same source) as the one Steven posted:
This is what Steve started from; let's continue in the other thread.
--- a/arch/x86/entry/entry_32.S +++ b/arch/x86/entry/entry_32.S @@ -1479,6 +1479,13 @@ ENTRY(int3) ASM_CLAC pushl $-1 # mark this as an int
testl $SEGMENT_RPL_MASK, PT_CS(%esp)
jnz .Lfrom_usermode_no_gap
.rept 6
pushl 5*4(%esp)
.endr
+.Lfrom_usermode_no_gap:
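Review bot: the `testl $SEGMENT_RPL_MASK, PT_CS(%esp)` / `jnz .Lfrom_usermode_no_gap` pair decides "came from user space" from the CS RPL bits alone, which misses virtual-8086 mode: a vm86 task traps with the VM bit set in the saved EFLAGS and a real-mode CS value whose low two bits are not an RPL, so such a frame falls through into the `.rept 6` / `pushl 5*4(%esp)` sequence and gets the 6-word gap opened as if it were a kernel-mode int3. Use the same mix of EFLAGS.VM and CS.RPL that the kernel's 32-bit user_mode() test uses, e.g. `testl $X86_EFLAGS_VM, PT_EFLAGS(%esp)` / `jnz .Lfrom_usermode_no_gap` ahead of the RPL test, and add a comment saying that vm86 has to be treated as user mode here so the next reader does not "simplify" it back.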
This will corrupt things horribly if you still use vm86 mode. Checking CS RPL is simply not correct.
I'll go fix; I never really understood that vm86 crud and I cobbled this 32bit thing together based on the 64bit version (that Josh did a while ago).
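The vm86 case Linus points out, as an added stand-alone C model (example code, not part of the patch, the thread or the kernel): the `entry_frame` struct, the three sample frames and the `emulate_gap` helper are constructed for illustration; the constants and the OR-of-RPL-and-VM rule are those of the x86 architecture and the kernel's 32-bit user_mode() helper in arch/x86/include/asm/ptrace.h. It shows why a CS-RPL-only test sends a vm86 int3 down the gap-opening path, and what the `.rept 6` copy actually does to the frame.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Added example, not code from the thread, the patch or the kernel.
 * It models (1) the two ways of deciding "did this int3 come from user
 * space?" on a 32-bit entry frame and (2) what the hunk's
 * ".rept 6 / pushl 5*4(%esp)" sequence does to the stack.
 * Constants follow the x86 architecture: selector RPL = low two bits,
 * EFLAGS.VM = bit 17. struct entry_frame is a constructed stand-in for
 * the two pt_regs fields the test reads, not the real pt_regs.
 */
#define SEGMENT_RPL_MASK 0x3u
#define USER_RPL         0x3u
#define X86_EFLAGS_VM    0x00020000u

struct entry_frame {
    uint32_t cs;    /* CS as pushed by the CPU on the trap */
    uint32_t flags; /* EFLAGS as pushed by the CPU on the trap */
};

/* The posted hunk's test: look at CS.RPL only. */
static bool from_user_rpl_only(const struct entry_frame *f)
{
    return (f->cs & SEGMENT_RPL_MASK) == USER_RPL;
}

/*
 * The rule the kernel's 32-bit user_mode() uses: OR EFLAGS.VM into the
 * RPL, so a vm86 frame (VM set, real-mode CS whose low bits mean nothing)
 * is treated as user mode regardless of those bits.
 */
static bool from_user_or_vm86(const struct entry_frame *f)
{
    return ((f->cs & SEGMENT_RPL_MASK) | (f->flags & X86_EFLAGS_VM)) >= USER_RPL;
}

/* The hunk opens the gap whenever its test does not say "user". */
static bool hunk_opens_gap(const struct entry_frame *f)  { return !from_user_rpl_only(f); }
static bool fixed_opens_gap(const struct entry_frame *f) { return !from_user_or_vm86(f); }

/*
 * Emulate ".rept 6 / pushl 5*4(%esp) / .endr" on a word-indexed stack
 * that grows towards lower indices. Each push re-reads 5*4(%esp)
 * relative to the *new* %esp, so the six words at sp..sp+5 are copied to
 * sp-6..sp-1 and the originals are left in place as the gap.
 * Returns the new stack pointer index.
 */
static size_t emulate_gap(uint32_t *stack, size_t sp)
{
    for (int i = 0; i < 6; i++) {
        uint32_t val = stack[sp + 5];
        sp -= 1;
        stack[sp] = val;
    }
    return sp;
}

/* Constructed sample frames (32-bit kernel: __KERNEL_CS = 0x60, __USER_CS = 0x73). */
static const struct entry_frame kernel_int3 = { .cs = 0x60,   .flags = 0x00000246 };
static const struct entry_frame user_int3   = { .cs = 0x73,   .flags = 0x00000246 };
static const struct entry_frame vm86_int3   = { .cs = 0x1000, .flags = 0x00020246 }; /* real-mode CS, VM set */

int main(void)
{
    const struct entry_frame *frames[] = { &kernel_int3, &user_int3, &vm86_int3 };
    const char *names[] = { "kernel", "user", "vm86" };

    for (int i = 0; i < 3; i++)
        printf("%-6s cs=%#06x flags=%#010x  hunk opens gap: %d  fixed opens gap: %d\n",
               names[i], frames[i]->cs, frames[i]->flags,
               hunk_opens_gap(frames[i]), fixed_opens_gap(frames[i]));

    /* Show the copy: words 1..6 sit at sp..sp+5 before, sp-6..sp-1 after. */
    uint32_t stack[16] = { 0 };
    size_t sp = 10;
    for (uint32_t w = 0; w < 6; w++)
        stack[sp + w] = w + 1;
    sp = emulate_gap(stack, sp);
    printf("new sp=%zu, copied frame:", sp);
    for (size_t i = sp; i < sp + 6; i++)
        printf(" %u", stack[i]);
    printf("\n");
    return 0;
}
```

The vm86 row is the one that matters: its CS has RPL bits of 0, so the RPL-only test classifies it as a kernel-mode int3 and the entry path would open the gap on a frame that came from user space, while the OR-with-VM test puts it on the no-gap path together with the ordinary user-mode frame.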