On Fri, Mar 31, 2017 at 2:26 PM, Stas Sergeev <s...@list.ru> wrote: > 31.03.2017 17:11, Alexandre Julliard пишет: >> >> In fact it would be nice to be able to make sidt/sgdt/etc. segfault >> too. I know a new syscall is a pain, > > Maybe arch_prctl() then?
I still like my idea of a generic mechanism to turn off backwards-compatibility things. After all, hardened programs should turn off UMIP fixups entirely. They should also turn off vsyscall emulation entirely, and I see no reason that these mechanisms should be different. --Andy
