Does #Meltdown bypass segment limit? To be specific, is e.g. Linux 2.0 on 32-bit x86 vulnerable? If not, maybe consider http://wiki.osdev.org/X86-64#Segmentation_in_Long_Mode …
I think you need a segment with no limit because the TLS ABI uses negative (i.e. huge) offsets from %gs.
-
Arguably Linux 2.0 can't even run programs with the TLS ABI, but musl can support it with modify_ldt; other issues like lack of *64 syscalls end up being the show-stopper.
-
Of course, I didn't literally suggest use of Linux 2.0 along with a modern libc. It was to be specific about the use of segment limits.
End of conversation
New conversation -
that works also with small segment limits, implemented that myself once....
-
You mean (with GS being a 64-bit segment?) there's no check for the resulting address (after wraparound) being below base?
-
I would have to look things up to be sure, but IIRC it just wraps around. I think they just truncate the upper unused bits (which should be equivalent to a modulo).
-
but take that guess with care, I haven't touched the code I wrote there in a very long time...
End of conversation