On Tue, 2013-06-04 at 11:15 -0700, H. Peter Anvin wrote:
> On 06/03/2013 04:53 PM, Steven Rostedt wrote:
> >
> > This way we wont be opening up any easy root holes where if a process
> > finds a way to modify some arbitrary kernel memory, we can prevent it
> > from modifying the current_idt_descr_ptr and have a nice way to exploit
> > the IDT. Sure, one can argue that if they can modify arbitrary kernel
> > memory, we may already be lost, but lets not make it easier for them
> > than need be.
> >
>
> I don't like current_idt_descr_ptr if we can avoid it. It is a direct
> proxy for reading and writing the original IDT, in other words, it
> really hasn't really addressed the issue.
>
> What I'm thinking we really should have is a function that returns the
> IDT that we currently should be using, based on the current state. If
> that state is, say, tracing on/off and NMI on/off, then that can be
> indicated by bits in a state vector.
The NMI on/off may be a bit trickier, as it is also a debug state as
well. When we go into a nested debug or NMI state we use the same IDT.
>
> The point is that the IDT address itself should not be mutable state if
> it can be at all avoided.
Hmm, maybe we can do it. Have two counters, a debug_idt_ctr and a
trace_idt_ctr, then have a function that basically does this:
if (this_cpu_read(debug_idt_ctr))
load_idt(&nmi_idt_descr); /* probably should rename to
debug_idt_descr) */
else if (trace_idt_ctr)
load_idt(&trace_idt_descr);
else
load_idt(&idt_descr);
Then all modifications of the idt would call this function.
-- Steve
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
