segment limits don't work in 64-bit mode for CS and DS, also ES iirc, but FS and GS can have limits (which is convenient for small TLS segments).
but if you use 32-bit segments on a 64-bit OS, prefetch and also #meltdown probably won't work from that process anymore.
and use a second GDT, or something like that, because on normal Linux, any 32-bit process can just IRET to 64-bit mode - there is a 64-bit user code segment in the GDT, and ring 3 can switch to any ring 3 code segment
-
Good point. Reminds me of my use of ring 2 for running userspace code with exec stack on Linux 2.0, so that ring 3 code wouldn't easily switch to there. But I'm not exactly happy about introducing this hack for 64-bit mode userspace code just so that 32-bit can't switch to there.
-
btw: Xen PV has something similar - if a 32-bit PV guest could switch to 64-bit mode, there'd be security issues, so they switch the GDT on context switch between VMs