On Thu, Feb 25, 2016 at 1:30 PM, Linus Torvalds <torva...@linux-foundation.org> wrote:
> On Thu, Feb 25, 2016 at 10:20 AM, Andy Lutomirski <l...@amacapital.net> wrote:
>>
>> Ideally we'd fix this up and restore flags on sysexit. At least
>> failing to restore arithmetic flags isn't an info leak because the
>> exit code clobbers them with entirely predictable data. I doubt
>> anyone cares all that much if we clobber AC.
>
> As long as the "clobber AC" is purely about clearing it, it's probably fine.
>
> Although there may be programs that set AC in order to actually get
> notified about alignment issues (perhaps for portability reasons,
> perhaps for small performance reasons). Clearing it will make those
> programs still work, but they lose the checking.
>
>> I wrote a test for NT and the test fails for a different reason: our
>> TF handling appears broken as well. (Our sysenter TF handling is
>> *crap*, but it seems to work on 64-bit kernels at least.)
>
> TF should be entirely immaterial for system calls. Why would we care?
> We need it for correct handling of real traps, but not for the system
> call case afaik. Returning with TF clear is the right thing, since
> we're not returning *to* the system call instruction, but the
> instruction after.
>
>> My personal preference would be to add the missing popf.
>
> I don't mind adding the popf, but it won't help for iopl. Only iret
> restores iopl, if I recall correctly (but maybe I don't, and I'm too
> lazy to take the 30 seconds to look it up).
>
> Linus

According to the SDM, popf will change IOPL only at CPL0, which is why Xen (which runs at CPL1 on 32-bit) has a paravirt hook for it.

--
Brian Gerst
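The point Brian makes about popf and IOPL is easy to get wrong, so here is a small model of the SDM's privilege rules for POPF as an added illustration. This is not code from the thread or from the Linux kernel: it is a user-space simulation of which EFLAGS bits a popf is allowed to write at a given CPL (all of IOPL only at CPL0; IF only when CPL <= IOPL; VM, VIF and VIP never; RF handling is left out of the model). The helper names (popf_model, popf_can_restore_iopl) and the sample flag values are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* EFLAGS bit positions (Intel SDM, Vol. 1, Figure 3-8). */
#define X86_EFLAGS_TF    (1u << 8)   /* trap flag */
#define X86_EFLAGS_IF    (1u << 9)   /* interrupt enable */
#define X86_EFLAGS_IOPL  (3u << 12)  /* I/O privilege level, two bits */
#define X86_EFLAGS_NT    (1u << 14)  /* nested task */
#define X86_EFLAGS_VM    (1u << 17)  /* virtual-8086 mode */
#define X86_EFLAGS_AC    (1u << 18)  /* alignment check */
#define X86_EFLAGS_VIF   (1u << 19)
#define X86_EFLAGS_VIP   (1u << 20)

/* Reserved bits 1, 3, 5, 15 and 22-31 are never writable; bit 1 reads as 1. */
#define X86_EFLAGS_RESERVED 0xFFC0802Au
#define X86_EFLAGS_FIXED    0x2u

static unsigned eflags_iopl(uint32_t flags)
{
    return (flags & X86_EFLAGS_IOPL) >> 12;
}

/*
 * Simplified model of POPF in protected mode: return the EFLAGS value the
 * CPU ends up with when code running at 'cpl' pops 'popped' while the
 * current register holds 'current'.
 */
uint32_t popf_model(uint32_t current, uint32_t popped, unsigned cpl)
{
    /* Start from everything except reserved bits and VM/VIF/VIP. */
    uint32_t writable = ~(X86_EFLAGS_RESERVED | X86_EFLAGS_VM |
                          X86_EFLAGS_VIF | X86_EFLAGS_VIP);

    if (cpl > 0) {
        /* Only CPL0 may change IOPL (the point made in the thread). */
        writable &= ~X86_EFLAGS_IOPL;
        /* IF may be written only when CPL <= current IOPL. */
        if (cpl > eflags_iopl(current))
            writable &= ~X86_EFLAGS_IF;
    }

    return (current & ~writable) | (popped & writable) | X86_EFLAGS_FIXED;
}

/* Would a popf in an exit path running at 'cpl' restore a saved IOPL? */
int popf_can_restore_iopl(unsigned cpl)
{
    uint32_t saved = X86_EFLAGS_FIXED | X86_EFLAGS_IF | X86_EFLAGS_IOPL;
    uint32_t after = popf_model(X86_EFLAGS_FIXED | X86_EFLAGS_IF, saved, cpl);
    return eflags_iopl(after) == 3;
}

int main(void)
{
    /* Constructed user-visible flags: IF, TF, NT, AC set and IOPL = 3. */
    uint32_t saved = X86_EFLAGS_FIXED | X86_EFLAGS_IF | X86_EFLAGS_TF |
                     X86_EFLAGS_NT | X86_EFLAGS_AC | X86_EFLAGS_IOPL;
    uint32_t kernel_flags = X86_EFLAGS_FIXED | X86_EFLAGS_IF;

    for (unsigned cpl = 0; cpl <= 3; cpl++) {
        uint32_t after = popf_model(kernel_flags, saved, cpl);
        printf("popf at CPL%u: 0x%08x  IOPL=%u  AC=%d NT=%d TF=%d\n", cpl, after,
               eflags_iopl(after), !!(after & X86_EFLAGS_AC),
               !!(after & X86_EFLAGS_NT), !!(after & X86_EFLAGS_TF));
    }
    return 0;
}
```

A native kernel's sysexit path runs at CPL0, so a popf there restores IOPL along with AC, NT and TF; under 32-bit Xen the same path runs at CPL1, where the model shows IOPL is left untouched, which is why that case needs the paravirt hook Brian mentions.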