From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Message-ID: <54C88BB5.3010100@huawei.com> Date: Wed, 28 Jan 2015 15:11:49 +0800 From: Zefan Li MIME-Version: 1.0 To: Willy Tarreau CC: , , , Andy Lutomirski , "Konrad Rzeszutek Wilk" , Linus Torvalds , "security@kernel.org" , Ingo Molnar Subject: Re: [PATCH 3.4 177/177] x86/tls: Validate TLS entries to protect espfix References: <1422418050-12581-1-git-send-email-lizf@kernel.org> <1422418236-12852-268-git-send-email-lizf@kernel.org> <20150128065115.GA9007@1wt.eu> In-Reply-To: <20150128065115.GA9007@1wt.eu> Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: On 2015/1/28 14:51, Willy Tarreau wrote: > Hi Li, > > On Wed, Jan 28, 2015 at 12:10:35PM +0800, lizf@kernel.org wrote: >> From: Andy Lutomirski >> >> 3.4.106-rc1 review patch. If anyone has any objections, please let me know. >> >> ------------------ >> >> >> commit 41bdc78544b8a93a9c6814b8bbbfef966272abbe upstream. >> >> Installing a 16-bit RW data segment into the GDT defeats espfix. >> AFAICT this will not affect glibc, Wine, or dosemu at all. >> >> Signed-off-by: Andy Lutomirski >> Acked-by: H. Peter Anvin >> Cc: Konrad Rzeszutek Wilk >> Cc: Linus Torvalds >> Cc: security@kernel.org >> Cc: Willy Tarreau >> Signed-off-by: Ingo Molnar >> Signed-off-by: Zefan Li > > This patch has introduced a few minor regressions for which Andy has > provided fixes already pending in latest stable previews, so maybe it > could make sense to either pick them as well or delay all of them for > another round. Greg has queued them in his latest preview if you are > interested (eg: 19/32 and 20/32 for 3.10.67) : > > - e30ab18 ("x86, tls, ldt: Stop checking lm in LDT_empty") > - 3669ef9 ("x86, tls: Interpret an all-zero struct user_desc as "no segment"") > I think I'll queue them for this release. Thanks!