| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 26 Mar 2018 21:11:48 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: Ram Pai <linuxram@...ibm.com>,
Dave Hansen <dave.hansen@...ux.intel.com>
Cc: linux-kernel@...r.kernel.org, linux-mm@...ck.org,
tglx@...utronix.de, mpe@...erman.id.au, mingo@...nel.org,
akpm@...ux-foundation.org, shuah@...nel.org
Subject: Re: [PATCH 1/9] x86, pkeys: do not special case protection key 0
On 03/26/2018 07:27 PM, Ram Pai wrote:
>> This is a bit nicer than what Ram proposed because it is simpler
>> and removes special-casing for pkey 0. On the other hand, it does
>> allow applciations to pkey_free() pkey-0, but that's just a silly
>> thing to do, so we are not going to protect against it.
> The more I think about this, the more I feel we are opening up a can
> of worms. I am ok with a bad application, shooting itself in its feet.
> But I am worried about all the bug reports and support requests we
> will encounter when applications inadvertently shoot themselves
> and blame it on the kernel.
>
> a warning in dmesg logs indicating a free-of-pkey-0 can help deflect
> the blame from the kernel.
I think it's OK to leave it. A legit, very careful app could decide not
to use pkey 0. It might even be fun to write that in the selftests for
sheer entertainment value.
Although, it _could_ be a bit more debuggable than it is now. A
tracepoint that dumps out the pkey that got faulted on along with the
PKRU value at fault time might be nice to have. That's mildly difficult
to do from outside the app.
Powered by blists - more mailing lists