[PATCH] x86: Preserve iopl on fork and execve

[PATCH] x86: Preserve iopl on fork and execve

[Alex Henrie]

Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
Suggested-by: Doug Johnson <dougvj@dougvj.net>
---
 arch/x86/kernel/process_32.c | 2 +-
 arch/x86/kernel/process_64.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c
index 8ed2106..86bfe7c 100644
--- a/arch/x86/kernel/process_32.c
+++ b/arch/x86/kernel/process_32.c
@@ -205,7 +205,7 @@ start_thread(struct pt_regs *regs, unsigned long new_ip, unsigned long new_sp)
 	regs->cs		= __USER_CS;
 	regs->ip		= new_ip;
 	regs->sp		= new_sp;
-	regs->flags		= X86_EFLAGS_IF;
+	regs->flags		|= X86_EFLAGS_IF;
 	force_iret();
 }
 EXPORT_SYMBOL_GPL(start_thread);
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
index ddfdbf7..fc22e5d 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -238,7 +238,7 @@ start_thread_common(struct pt_regs *regs, unsigned long new_ip,
 	regs->sp		= new_sp;
 	regs->cs		= _cs;
 	regs->ss		= _ss;
-	regs->flags		= X86_EFLAGS_IF;
+	regs->flags		|= X86_EFLAGS_IF;
 	force_iret();
 }
 
-- 
2.4.0

Re: [PATCH] x86: Preserve iopl on fork and execve

[H. Peter Anvin]

On 05/11/2015 01:49 PM, Alex Henrie wrote:
> Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
> Suggested-by: Doug Johnson <dougvj@dougvj.net>
> ---
>  arch/x86/kernel/process_32.c | 2 +-
>  arch/x86/kernel/process_64.c | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c
> index 8ed2106..86bfe7c 100644
> --- a/arch/x86/kernel/process_32.c
> +++ b/arch/x86/kernel/process_32.c
> @@ -205,7 +205,7 @@ start_thread(struct pt_regs *regs, unsigned long new_ip, unsigned long new_sp)
>  	regs->cs		= __USER_CS;
>  	regs->ip		= new_ip;
>  	regs->sp		= new_sp;
> -	regs->flags		= X86_EFLAGS_IF;
> +	regs->flags		|= X86_EFLAGS_IF;
>  	force_iret();
>  }
>  EXPORT_SYMBOL_GPL(start_thread);
> diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
> index ddfdbf7..fc22e5d 100644
> --- a/arch/x86/kernel/process_64.c
> +++ b/arch/x86/kernel/process_64.c
> @@ -238,7 +238,7 @@ start_thread_common(struct pt_regs *regs, unsigned long new_ip,
>  	regs->sp		= new_sp;
>  	regs->cs		= _cs;
>  	regs->ss		= _ss;
> -	regs->flags		= X86_EFLAGS_IF;
> +	regs->flags		|= X86_EFLAGS_IF;
>  	force_iret();
>  }
>  

This would seem to preserve a whole bunch of other flags that should not
be leaked between processes, such as DF or TF.

	-hpa

Re: [PATCH] x86: Preserve iopl on fork and execve

[One Thousand Gnomes]

On Mon, 11 May 2015 14:49:58 -0600
Alex Henrie <alexhenrie24@gmail.com> wrote:

> Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
> Suggested-by: Doug Johnson <dougvj@dougvj.net>
> ---
>  arch/x86/kernel/process_32.c | 2 +-
>  arch/x86/kernel/process_64.c | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)

This strikes me as insane.

Existing iopl using code does not expect to accidentally pass the keys to
the empire to any helper apps it spawns. We wouldn't add a new feature
that suddenely gave root to tasks forked from a process that was
expecting the rights to be dropped, so we certainly shouldn't add iopl
on this way.

(I agree the behaviour you suggest was probably preferable, it's just 25
years too late to correct that one)

Yes it makes using iopl harder, but if anything that is good. You really
really must know what you are doing to use iopl, and its really something
only hideous things like legacy PC BIOS flash tools should be touching
and even then very very carefully having used mlockall and while making
no syscalls or page faults with interrupts off.

Alan