| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <4ACDEC070200007800018B57@vpn.id2.novell.com> Date: Thu, 08 Oct 2009 12:41:27 +0100 From: "Jan Beulich" <JBeulich@...ell.com> To: "Pavel Machek" <pavel@....cz> Cc: <mingo@...e.hu>, <tglx@...utronix.de>, <linux-kernel@...r.kernel.org>, <hpa@...or.com> Subject: Re: [PATCH] x86-64: don't leak kernel register values to 32-bit processes >>> Pavel Machek <pavel@....cz> 07.10.09 11:44 >>> >How can userspace "temporarily switch itself" to 64bit mode? By just determining (or guessing) the 64-bit user mode CS value, and far- jumping/calling to an address with this CS as the selector. >Such ability would lead to very interesting behaviour on 32-bit >kernel, I'd say... That won't work - you have to have a 64-bit kernel: EFER.LME and the L bit of some user mode code segment descriptor must be set (or settable). Consequently a 64-bit kernel could, if it wanted to, make it impossible for user mode code to do such switching (and an example of this, where security requires it, is 64-bit Xen disallowing 32-bit para-virtual guests [kernel or user mode] to switch themselves into 64-bit mode). Jan -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists