lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 9 Nov 2017 14:23:29 -0800
From:   Ram Pai <linuxram@...ibm.com>
To:     Florian Weimer <fw@...eb.enyo.de>
Cc:     mpe@...erman.id.au, mingo@...hat.com, akpm@...ux-foundation.org,
        corbet@....net, arnd@...db.de, linux-arch@...r.kernel.org,
        ebiederm@...ssion.com, linux-doc@...r.kernel.org, x86@...nel.org,
        dave.hansen@...el.com, linux-kernel@...r.kernel.org,
        mhocko@...nel.org, linux-mm@...ck.org, paulus@...ba.org,
        aneesh.kumar@...ux.vnet.ibm.com, linux-kselftest@...r.kernel.org,
        bauerman@...ux.vnet.ibm.com, linuxppc-dev@...ts.ozlabs.org,
        khandual@...ux.vnet.ibm.com
Subject: Re: [PATCH v9 00/51] powerpc, mm: Memory Protection Keys

On Mon, Nov 06, 2017 at 05:22:18PM -0800, Ram Pai wrote:
> On Mon, Nov 06, 2017 at 10:28:41PM +0100, Florian Weimer wrote:
> > * Ram Pai:
> > 
> > > Testing:
> > > -------
> > > This patch series has passed all the protection key
> > > tests available in the selftest directory.The
> > > tests are updated to work on both x86 and powerpc.
> > > The selftests have passed on x86 and powerpc hardware.
> > 
....snip....

> > What about siglongjmp from a signal handler?
> 
> On powerpc there is some relief.  the permissions on a key can be
> modified from anywhere, including from the signal handler, and the
> effect will be immediate.  You dont have to wait till the
> signal handler returns for the key permissions to be restore.
> 
> also after return from the sigsetjmp();
> possibly caused by siglongjmp(), the program can restore the permission
> on any key.
> 
> Atleast that is my theory. Can you give me a testcase; if you have one
> handy.
> 
> > 
> >   <https://sourceware.org/bugzilla/show_bug.cgi?id=22396>
> > 

reading through the bug report, you mention that the following
"The application may not be able to save and restore the protection bits
for all keys because the kernel API does not actually specify that the
set of keys is a small, fixed set."

What exact kernel API do you need? This patch set exposes the total
number of keys and  max keys,  through sysfs.
https://marc.info/?l=linux-kernel&m=150995950219669&w=2

Is this sufficient? or do you need something else?

RP

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ