Re: Re: [PATCH v12 00/18] Enable FSGSBASE instructions

From: Jarkko Sakkinen
Date: Wed May 27 2020 - 04:31:35 EST

Next message: Jon Hunter: "Re: [PATCH 4.4 00/65] 4.4.225-rc1 review"
Previous message: Naresh Kamboju: "Re: [PATCH 4.19 00/81] 4.19.125-rc1 review"
In reply to: Richard Weinberger: "Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Next in thread: Don Porter: "Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 2020-05-24 at 12:45 -0700, hpa@xxxxxxxxx wrote:
> On a related topic (needless to say, this should never have happened
> and is being raised at the highest levels inside Intel):
>
> There are legitimate reasons to write a root-hole module, the main one
> being able to test security features like SMAP. I have requested
> before a TAINT flag specifically for this purpose, because
> TAINT_CRAP is nowhere near explicit enough, and is also used for
> staging drivers. Call it TAINT_TOXIC or TAINT_ROOTHOLE; it should
> always be accompanied with a CRIT level alert.

Are these flags easy to bump into in the first place for a person with
no prior familarity with the kernel?

/Jarkko

Next message: Jon Hunter: "Re: [PATCH 4.4 00/65] 4.4.225-rc1 review"
Previous message: Naresh Kamboju: "Re: [PATCH 4.19 00/81] 4.19.125-rc1 review"
In reply to: Richard Weinberger: "Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Next in thread: Don Porter: "Re: [PATCH v12 00/18] Enable FSGSBASE instructions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]