lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 5 Mar 2018 17:44:48 +0100
From:   Joerg Roedel <joro@...tes.org>
To:     Brian Gerst <brgerst@...il.com>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...nel.org>, Peter Anvin <hpa@...or.com>,
        the arch/x86 maintainers <x86@...nel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        linux-mm <linux-mm@...ck.org>,
        Andrew Lutomirski <luto@...nel.org>,
        Dave Hansen <dave.hansen@...el.com>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Jürgen Groß <jgross@...e.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Borislav Petkov <bp@...en8.de>, Jiri Kosina <jkosina@...e.cz>,
        Boris Ostrovsky <boris.ostrovsky@...cle.com>,
        David Laight <David.Laight@...lab.com>,
        Denys Vlasenko <dvlasenk@...hat.com>,
        Eduardo Valentin <eduval@...zon.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Will Deacon <will.deacon@....com>,
        "Liguori, Anthony" <aliguori@...zon.com>,
        Daniel Gruss <daniel.gruss@...k.tugraz.at>,
        Hugh Dickins <hughd@...gle.com>,
        Kees Cook <keescook@...gle.com>,
        Andrea Arcangeli <aarcange@...hat.com>,
        Waiman Long <llong@...hat.com>, Pavel Machek <pavel@....cz>,
        Joerg Roedel <jroedel@...e.de>
Subject: Re: [PATCH 07/34] x86/entry/32: Restore segments before int registers

On Mon, Mar 05, 2018 at 09:51:29AM -0500, Brian Gerst wrote:
> For the IRET fault case you will still need to catch it in the
> exception code.  See the 64-bit code (.Lerror_bad_iret) for example.
> For 32-bit, you could just expand that check to cover the whole exit
> prologue after the CR3 switch, including the data segment loads.

I had a look at the 64 bit code and the exception-in-kernel case seems
to be handled differently than on 32 bit. The 64 bit entry code has
checks for certain kinds of errors like iret exceptions.

On 32 bit this is implemented via the standard exception tables which
get an entry for every EIP that might fault (usually segment loading
operations, but also iret).

So, unless I am missing something, all the exception entry code has to
do is to remember the stack and the cr3 with which it was entered (if
entered from kernel mode) and restore those before iret. And this is
what I implemented in v3 of this patch-set.


Regards,

	Joerg

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ