x86 User-Mode Instruction Prevention and winehq

Alexandre Julliard julliard at winehq.org
Fri Nov 18 15:23:54 CST 2016

"Neri, Ricardo" <ricardo.neri at intel.com> writes:

> On Fri, 2016-11-18 at 14:16 -0600, Alexandre Julliard wrote:
>> "Neri, Ricardo" <ricardo.neri at intel.com> writes:
>> > Thanks for the feedback. The consensus in the kernel mailing list is to
>> > catch the gp fault within the kernel and give the userspace fake values
>> > for the GDT, LDT, IDT and the MSW (I don't think there are vm86 apps
>> > that use the task register, are there?). This is because the goal of the
>> > feature is to hide these tables from the user space. Would this be a
>> > problem?
>> That sort of depends on what fake values you are returning. Currently we
>> rely on SIDT returning a non-accessible address, in order to catch the
>> resulting memory accesses and fake the IDT contents.
> I see. Would a null address suffice? That would be non-accessible.

That wouldn't work, because we'd have no way of knowing that this was an
attempted IDT access and not a normal null pointer. We rely on SIDT
returning a unique address that we can recognize once we get an access
violation fault for it.

It seems to me that in general, forwarding the fault to user-mode would
be a more useful behavior than emulating it. Maybe it could be made
opt-in somehow to avoid breaking existing apps.

Alexandre Julliard
julliard at winehq.org
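The mechanism Alexandre describes, a table address that is deliberately non-accessible so that the first access to it can be recognised and the table contents faked on the spot, is illustrated below as an added example; it is not Wine's code and not part of the thread. It assumes a POSIX system with sigaction/mmap/mprotect (Linux is what was tested for here). A one-page PROT_NONE mapping stands in for the address SIDT would return, the constructed `fake_table` bytes stand in for the faked IDT contents, and the range check in the SIGSEGV handler is exactly the step that a null address would make impossible, since a fault at address zero cannot be told apart from an ordinary null-pointer dereference.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* The sentinel page: constructed stand-in for the non-accessible address the
 * text says SIDT returns. Reserved PROT_NONE so that any access faults. */
static unsigned char *sentinel;
static size_t sentinel_len;
static int faults_handled;

/* Constructed fake "table" contents, handed back on the first access. */
static const unsigned char fake_table[8] = {
    0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88
};

static void on_segv(int sig, siginfo_t *si, void *ctx)
{
    unsigned char *addr = (unsigned char *)si->si_addr;
    (void)sig; (void)ctx;

    /* Only faults inside the sentinel page are ours. Anything else (a real
     * NULL dereference, for instance) gets the default disposition back, so
     * the re-executed instruction faults again and the process dies. This is
     * the check that needs a unique, non-null sentinel address. */
    if (addr < sentinel || addr >= sentinel + sentinel_len) {
        signal(SIGSEGV, SIG_DFL);
        return;
    }

    /* Make the page readable and fill in the fake contents. The fault is
     * synchronous and the program single-threaded, so calling mprotect and
     * memcpy from the handler is acceptable here. On return, the faulting
     * load re-executes and now reads the faked table. */
    mprotect(sentinel, sentinel_len, PROT_READ | PROT_WRITE);
    memcpy(sentinel, fake_table, sizeof fake_table);
    mprotect(sentinel, sentinel_len, PROT_READ);
    faults_handled++;
}

/* Reserve the sentinel page and install the handler. Returns 0 on success. */
static int setup_sentinel(void)
{
    struct sigaction sa;

    sentinel_len = (size_t)sysconf(_SC_PAGESIZE);
    sentinel = mmap(NULL, sentinel_len, PROT_NONE,
                    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (sentinel == MAP_FAILED) {
        sentinel = NULL;
        return -1;
    }
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_segv;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGSEGV, &sa, NULL);
}

/* Read the first byte through the sentinel, as an application reading the
 * table at the address SIDT gave it would. Returns that byte, or -1 on
 * setup failure. The first call faults and is serviced by on_segv; later
 * calls read the already-faked page without faulting. */
int read_via_sentinel(void)
{
    volatile unsigned char *p;

    if (!sentinel && setup_sentinel() != 0)
        return -1;
    p = sentinel;
    return p[0];
}

/* Number of sentinel faults serviced so far. */
int sentinel_faults(void)
{
    return faults_handled;
}

int main(void)
{
    int first = read_via_sentinel();
    int second = read_via_sentinel();

    printf("first read: 0x%02x (faults serviced: %d)\n", first, sentinel_faults());
    printf("second read: 0x%02x (faults serviced: %d)\n", second, sentinel_faults());
    return first == 0x11 && second == 0x11 ? 0 : 1;
}
```

The second read succeeds without a fault because the page was made readable while servicing the first one; an emulator that instead needs to see every access would leave the page inaccessible and complete the instruction itself from the handler, which is architecture-specific and omitted here.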
