x86 User-Mode Instruction Prevention and winehq

Neri, Ricardo ricardo.neri at intel.com
Tue Nov 15 22:09:33 CST 2016


Hi All,

I am working on implementing support for a new feature in the Linux
kernel named User-Mode Instruction Prevention that will be present in
upcoming Intel processors. In a nutshell, if this feature is present and
enabled, a general protection fault will happen if any of the following
instructions is executed with CPL > 0.

* SGDT - Store Global Descriptor Table
* SIDT - Store Interrupt Descriptor Table
* SLDT - Store Local Descriptor Table
* SMSW - Store Machine Status Word
* STR - Store Task Register

The goal of this feature is to prevent user-space applications from
reading the resources mentioned above. For instance, a user-space
application could easily read the descriptor tables and use that to
instrument an attack.

I am aware that maybe wine (or applications using wine) might want to
use some of these instructions. For instance, wine might want to use the
sgdt instruction to emulate the VxD driver model.

Currently the proposed implementation is as follows:

If running in protected mode, always propagate the GP fault to the user
space via a sigsegv. If running in vm86 mode, trap the GP fault within
the kernel and give the userspace fake values for the aforementioned
resources (most likely zeros).

Also, UMIP will be able to be disabled via a kernel command-line
parameter at boot.

I would like to inquire about the current use of these instructions and
whether it would be catastrophic for wine to lose access to them.

Your feedback will be greatly appreciated. You can see the original
patch post here [1].

[1] http://www.spinics.net/lists/kernel/msg2377725.html

Thanks and BR,
Ricardo
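
The handling proposed in the message, sketched as an added example (not taken from the kernel patch and not written by the author): a general protection fault handler has to decode the bytes at the faulting instruction pointer to tell a UMIP-protected instruction from any other fault, then apply the protected-mode or vm86 policy. All function and enum names are hypothetical, the decoder assumes 16/32-bit code (no REX prefixes), and the byte string in `main` is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names; instruction list and policy are from the message. */
enum umip_insn { UMIP_NONE, UMIP_SGDT, UMIP_SIDT, UMIP_SLDT, UMIP_SMSW, UMIP_STR };
enum umip_action { ACT_NOT_UMIP, ACT_SIGSEGV, ACT_EMULATE_ZEROS };

static int is_legacy_prefix(uint8_t b)  /* segment, size, LOCK, REPNE, REP */
{
    static const uint8_t pfx[] = { 0x26, 0x2e, 0x36, 0x3e, 0x64, 0x65, 0x66, 0x67, 0xf0, 0xf2, 0xf3 };
    return memchr(pfx, b, sizeof pfx) != NULL;
}

/* Classify the bytes at the faulting IP (16/32-bit code, no REX prefixes). */
enum umip_insn umip_classify(const uint8_t *p, size_t len)
{
    size_t i = 0;
    while (i < len && is_legacy_prefix(p[i]))
        i++;
    if (len - i < 3 || p[i] != 0x0f)   /* need 0F, opcode, ModRM */
        return UMIP_NONE;
    uint8_t op = p[i + 1], modrm = p[i + 2];
    unsigned mod = modrm >> 6, reg = (modrm >> 3) & 7;
    if (op == 0x00)                    /* group 6: /0 SLDT, /1 STR */
        return reg == 0 ? UMIP_SLDT : reg == 1 ? UMIP_STR : UMIP_NONE;
    if (op != 0x01)
        return UMIP_NONE;
    if (reg == 4)                      /* group 7: /4 SMSW, reg or memory */
        return UMIP_SMSW;
    if (mod == 3)                      /* SGDT/SIDT take memory operands only */
        return UMIP_NONE;
    return reg == 0 ? UMIP_SGDT : reg == 1 ? UMIP_SIDT : UMIP_NONE;
}

/* #GP policy from the message: SIGSEGV in protected mode, zeros in vm86. */
enum umip_action umip_handle_gp(const uint8_t *ip, size_t len, int vm86)
{
    if (umip_classify(ip, len) == UMIP_NONE)
        return ACT_NOT_UMIP;           /* some other cause of the fault */
    return vm86 ? ACT_EMULATE_ZEROS : ACT_SIGSEGV;
}

int main(void)
{
    const uint8_t sgdt[] = { 0x0f, 0x01, 0x00 };  /* constructed: sgdt, memory operand */
    printf("protected=%d vm86=%d\n", umip_handle_gp(sgdt, 3, 0), umip_handle_gp(sgdt, 3, 1));
    return 0;
}
```

The `mod == 3` check matters because the register forms of `0F 01 /0` and `0F 01 /1` encode unrelated instructions, so treating them as SGDT/SIDT would emulate the wrong thing.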

