| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Jul 2016 15:26:44 -0700 From: Dave Hansen <dave.hansen@...ux.intel.com> To: "H. Peter Anvin" <hpa@...or.com>, Andy Lutomirski <luto@...capital.net> Cc: X86 ML <x86@...nel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: Minor PKRU bug? On 07/21/2016 02:48 PM, H. Peter Anvin wrote: >> >I like it, except that reading just a single byte is a bit silly. >> >OTOH, that's what the current code needs and I see no fundamental >> >reason to change it until there's a real user. >>> > The thing is that we can't actually test this, since there is no > machine on which this code path will ever execute. That concerns me > a bit. I rigged the is_prefetch() check to return true on an instruction that I know causes a sigbus. If I run without protection keys, this setup sits in a never-ending fault loop, which is the behavior that we want from *real* prefetch instructions. But, if I have that instruction be marked execute-only by pkeys, is_prefetch() returns false and the app gets the sigbus, and it *looks* like it came from the (fake) prefetch instruction, which isn't what we want. It's not exactly a real-world test, but it did convince me that the code is doing the right thing.
Powered by blists - more mailing lists