On Tue, 2016-11-08 at 07:34 -0800, Andy Lutomirski wrote: > > Would it not be better to emulate these instructions for them? What > way > > we can verify they're not malicious. > > Forget malice -- if they are really needed for some silly vm86-using > program, let's trap them and emulate them so they return dummy values. > > Also, keep in mind that vm86 is already effectively gated behind a > sysctl for non-root. I think the default should be that, if root has > enabled vm86, it should work.
Then should I keep UMIP enabled by default and still provide an option to disable it via a kernel parameter? Also, a third option, umip=novm86 would "disable" UMIP in vm86 tasks. Under the new approach (of emulating the impacted instructions), this option, a #GP fault would still be generated but the actual values of GDT/LDT/IDT/MSW would be passed to user space. Does this make sense? Thanks and BR, Ricardo
