lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 17 Dec 2017 16:24:37 +0100
From:   Ingo Molnar <mingo@...nel.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     linux-kernel@...r.kernel.org, Thomas Gleixner <tglx@...utronix.de>,
        Peter Zijlstra <a.p.zijlstra@...llo.nl>,
        "H. Peter Anvin" <hpa@...or.com>, Dave Hansen <dave@...1.net>,
        Borislav Petkov <bp@...en8.de>,
        Andy Lutomirski <luto@...nel.org>,
        Andrew Morton <akpm@...ux-foundation.org>
Subject: [RFC GIT PULL] Page Table Isolation (PTI), x86 syscall entry code
 changes

Linus,

Please pull the latest WIP.x86-pti.entry-for-linus git tree from:

   git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git WIP.x86-pti.entry-for-linus

   # HEAD: 6cbd2171e89b13377261d15e64384df60ecb530e x86/cpufeatures: Make CPU bugs sticky

The main changes here are Andy Lutomirski's changes to switch the x86-64 entry 
code to use the 'per CPU entry trampoline stack'. This, besides helping fix KASLR 
leaks (the pending Page Table Isolation (PTI) work), also robustifies the x86 
entry code.

 Thanks,

	Ingo

------------------>
Andy Lutomirski (21):
      x86/unwinder/orc: Dont bail on stack overflow
      x86/irq: Remove an old outdated comment about context tracking races
      x86/irq/64: Print the offending IP in the stack overflow warning
      x86/entry/64: Allocate and enable the SYSENTER stack
      x86/dumpstack: Add get_stack_info() support for the SYSENTER stack
      x86/entry/gdt: Put per-CPU GDT remaps in ascending order
      x86/mm/fixmap: Generalize the GDT fixmap mechanism, introduce struct cpu_entry_area
      x86/kasan/64: Teach KASAN about the cpu_entry_area
      x86/entry: Fix assumptions that the HW TSS is at the beginning of cpu_tss
      x86/dumpstack: Handle stack overflow on all stacks
      x86/entry: Move SYSENTER_stack to the beginning of struct tss_struct
      x86/entry: Remap the TSS into the CPU entry area
      x86/entry/64: Separate cpu_current_top_of_stack from TSS.sp0
      x86/espfix/64: Stop assuming that pt_regs is on the entry stack
      x86/entry/64: Use a per-CPU trampoline stack for IDT entries
      x86/entry/64: Return to userspace from the trampoline stack
      x86/entry/64: Create a per-CPU SYSCALL entry trampoline
      x86/entry/64: Move the IST stacks into struct cpu_entry_area
      x86/entry/64: Remove the SYSENTER stack canary
      x86/entry: Clean up the SYSENTER_stack code
      x86/entry/64: Make cpu_entry_area.tss read-only

Boris Ostrovsky (1):
      x86/entry/64/paravirt: Use paravirt-safe macro to access eflags

Josh Poimboeuf (1):
      x86/unwinder: Handle stack overflows more gracefully

Thomas Gleixner (3):
      x86/paravirt: Dont patch flush_tlb_single
      x86/paravirt: Provide a way to check for hypervisors
      x86/cpufeatures: Make CPU bugs sticky

 arch/x86/entry/entry_32.S           |   6 +-
 arch/x86/entry/entry_64.S           | 189 +++++++++++++++++++++++++++++++-----
 arch/x86/entry/entry_64_compat.S    |   7 +-
 arch/x86/include/asm/cpufeature.h   |   2 +
 arch/x86/include/asm/desc.h         |  11 +--
 arch/x86/include/asm/fixmap.h       |  68 ++++++++++++-
 arch/x86/include/asm/hypervisor.h   |  25 +++--
 arch/x86/include/asm/irqflags.h     |   3 +
 arch/x86/include/asm/kdebug.h       |   1 +
 arch/x86/include/asm/paravirt.h     |   9 ++
 arch/x86/include/asm/processor.h    |  59 ++++++-----
 arch/x86/include/asm/stacktrace.h   |   3 +
 arch/x86/include/asm/switch_to.h    |   8 +-
 arch/x86/include/asm/thread_info.h  |   2 +-
 arch/x86/include/asm/traps.h        |   1 -
 arch/x86/include/asm/unwind.h       |   7 ++
 arch/x86/kernel/asm-offsets.c       |   6 ++
 arch/x86/kernel/asm-offsets_32.c    |   9 +-
 arch/x86/kernel/asm-offsets_64.c    |   4 +
 arch/x86/kernel/cpu/common.c        | 170 +++++++++++++++++++++++---------
 arch/x86/kernel/doublefault.c       |  36 ++++---
 arch/x86/kernel/dumpstack.c         |  74 +++++++++++---
 arch/x86/kernel/dumpstack_32.c      |   6 ++
 arch/x86/kernel/dumpstack_64.c      |   6 ++
 arch/x86/kernel/ioport.c            |   2 +-
 arch/x86/kernel/irq.c               |  12 ---
 arch/x86/kernel/irq_64.c            |   4 +-
 arch/x86/kernel/paravirt_patch_64.c |   2 -
 arch/x86/kernel/process.c           |  19 ++--
 arch/x86/kernel/process_32.c        |   2 +-
 arch/x86/kernel/process_64.c        |  14 +--
 arch/x86/kernel/traps.c             |  69 +++++++------
 arch/x86/kernel/unwind_orc.c        |  88 +++++++----------
 arch/x86/kernel/vmlinux.lds.S       |   9 ++
 arch/x86/kvm/vmx.c                  |   2 +-
 arch/x86/lib/delay.c                |   4 +-
 arch/x86/mm/kasan_init_64.c         |  18 +++-
 arch/x86/power/cpu.c                |  16 +--
 arch/x86/xen/enlighten_pv.c         |   2 +-
 arch/x86/xen/mmu_pv.c               |   2 +-
 40 files changed, 691 insertions(+), 286 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ