> > > + asm volatile("xorq %%mm0, %%mm0;
> > > + xorq %%mm1, %%mm1;
> > > + xorq %%mm2, %%mm2;
> > > + xorq %%mm3, %%mm3;
> > > + xorq %%mm4, %%mm4;
> > > + xorq %%mm5, %%mm5;
> > > + xorq %%mm6, %%mm6;
> > > + xorq %%mm7, %%mm7");
> >
> > This mean the mmx isn't really backwards compatible and that's
> > potentially a problem for all the legacy x86 multiuser operative
> > systems. That's an hardware design bug, not a software problem. In
> > short running a 2.[02] kernel on a MMX capable CPU isn't secure, the
> > same potentially applies to windows NT and other unix, no matter of SSE.
>
> Why is that not backwards compatible? I've never heard of anywhere that
> specifies that the starting value in the mmx registers will be anything of
> consequence? Also, even though register space is (possibly) shared with
> the FP register stack, clearing out the MMX registers does not actually
> harm the FP register stack since the fninit already blows the stack away,
> which forces the application to load fp data before it can use the fpu
> again.
It introduces security hole: Unrelated tasks now have your top secret
value you stored in one of your registers.
Pavel
-- Casualities in World Trade Center: ~3k dead inside the building, cryptography in U.S.A. and free speech in Czech Republic. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/