| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Jun 2016 21:29:07 -0700 From: Andy Lutomirski <luto@...capital.net> To: Dave Hansen <dave@...1.net> Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, X86 ML <x86@...nel.org>, Dave Hansen <dave.hansen@...ux.intel.com>, stable <stable@...r.kernel.org> Subject: Re: [PATCH] x86: fux duplicated X86_BUG(9) macro On Fri, Jun 17, 2016 at 5:15 PM, Dave Hansen <dave@...1.net> wrote: > > Now sending with actual stable@ address... > > -- > > From: Dave Hansen <dave.hansen@...ux.intel.com> > > cpufeatures.h currently defines X86_BUG(9) twice on 32-bit: Acked-by: Andy Lutomirski <luto@...nel.org> # who is suitably embarrassed That being said, you or Ingo should consider fixing the typo in $SUBJECT. > > #define X86_BUG_NULL_SEG X86_BUG(9) /* Nulling a selector preserves the base */ > ... > #ifdef CONFIG_X86_32 > #define X86_BUG_ESPFIX X86_BUG(9) /* "" IRET to 16-bit SS corrupts ESP/RSP high bits */ > #endif > > I think what happened was that this added the X86_BUG_ESPFIX, but > in an #ifdef below most of the bugs: > > [58a5aac5] x86/entry/32: Introduce and use X86_BUG_ESPFIX instead of paravirt_enabled > > Then this came along and added X86_BUG_NULL_SEG, but collided > with the earlier one that did the bug below the main block > defining all the X86_BUG()s. > > [7a5d6704] x86/cpu: Probe the behavior of nulling out a segment at boot time > > Signed-off-by: Dave Hansen <dave.hansen@...ux.intel.com> > Cc: Andy Lutomirski <luto@...capital.net> > Cc: stable@...r.kernel.org > --- > > b/arch/x86/include/asm/cpufeatures.h | 6 ++---- > 1 file changed, 2 insertions(+), 4 deletions(-) > > diff -puN arch/x86/include/asm/cpufeatures.h~fix-x86-bugs-macros arch/x86/include/asm/cpufeatures.h > --- a/arch/x86/include/asm/cpufeatures.h~fix-x86-bugs-macros 2016-06-17 17:10:30.978602807 -0700 > +++ b/arch/x86/include/asm/cpufeatures.h 2016-06-17 17:10:30.982602989 -0700 > @@ -301,10 +301,6 @@ > #define X86_BUG_FXSAVE_LEAK X86_BUG(6) /* FXSAVE leaks FOP/FIP/FOP */ > #define X86_BUG_CLFLUSH_MONITOR X86_BUG(7) /* AAI65, CLFLUSH required before MONITOR */ > #define X86_BUG_SYSRET_SS_ATTRS X86_BUG(8) /* SYSRET doesn't fix up SS attrs */ > -#define X86_BUG_NULL_SEG X86_BUG(9) /* Nulling a selector preserves the base */ > -#define X86_BUG_SWAPGS_FENCE X86_BUG(10) /* SWAPGS without input dep on GS */ > - > - > #ifdef CONFIG_X86_32 > /* > * 64-bit kernels don't use X86_BUG_ESPFIX. Make the define conditional > @@ -312,5 +308,7 @@ > */ > #define X86_BUG_ESPFIX X86_BUG(9) /* "" IRET to 16-bit SS corrupts ESP/RSP high bits */ > #endif > +#define X86_BUG_NULL_SEG X86_BUG(10) /* Nulling a selector preserves the base */ > +#define X86_BUG_SWAPGS_FENCE X86_BUG(11) /* SWAPGS without input dep on GS */ > > #endif /* _ASM_X86_CPUFEATURES_H */ > _ -- Andy Lutomirski AMA Capital Management, LLC
Powered by blists - more mailing lists