lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 29 Apr 2016 16:12:52 -0700
From:	Yu-cheng Yu <yu-cheng.yu@...el.com>
To:	Dave Hansen <dave.hansen@...ux.intel.com>
Cc:	x86@...nel.org, "H. Peter Anvin" <hpa@...or.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>, linux-kernel@...r.kernel.org,
	Andy Lutomirski <luto@...nel.org>,
	Borislav Petkov <bp@...e.de>,
	Sai Praneeth Prakhya <sai.praneeth.prakhya@...el.com>,
	"Ravi V. Shankar" <ravi.v.shankar@...el.com>,
	Fenghua Yu <fenghua.yu@...el.com>
Subject: Re: [PATCH v4 10/10] x86/xsaves: Re-enable XSAVES

On Fri, Apr 29, 2016 at 01:32:15PM -0700, Dave Hansen wrote:
> The reason I haven't acked this patch is that I want to be _sure_ that
> we've audited all of the call paths that access the XSAVE buffer to
> ensure that they can all either handle the XSAVES format *or* don't care
> for whatever reason.
> 
> Could you share the steps that you've taken to assure yourself that all
> of the call paths are handled and we don't have more bugs?
> 

We tested for signal, ptrace, context switch, avx, and mpx.  We also run
these tests with your audit patch to detect any format mis-match.
That said, I cannot be sure there are no more bugs.  As you said, we want
to get this feature tested in the field and find potential issues early.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ