| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 07 Mar 2023 16:52:01 +1100
From: Benjamin Gray <bgray@...ux.ibm.com>
To: Nicholas Piggin <npiggin@...il.com>, linuxppc-dev@...ts.ozlabs.org
Cc: ajd@...ux.ibm.com, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org, cmr@...escreens.de
Subject: Re: [RFC PATCH 13/13] Documentation: Document PowerPC kernel DEXCR
interface
On Tue, 2023-03-07 at 15:40 +1000, Nicholas Piggin wrote:
> Might need a bit more time and discussion on the API. Interestingly
> because the hashchk aspect is architectural, we may not be able to
> necessarily sanely enable that, because if it was disabled to start
> out with, our callchain up to the prctl call I think would have no
> return hashes set so we'd immediately fail on our first return.
I assumed it could eventually be supported in whatever startup wrapper
programs are built with, so either as one of the first things before
any calls, or the compiler could skip putting hash instructions in the
wrapper altogether. The ELF file itself might even be able to request
bits be enabled, so the kernel would start the process correctly.
As it is inherited, it's also possible for a wrapper program to set a
specific DEXCR before a child runs. E.g.,
fork();
prctl(...NPHIE...);
exec();
I hadn't thought of the prctl call itself causing an unbalanced hashchk
when it returns, but that should be solvable with an inline syscall.
Powered by blists - more mailing lists