| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4C3DC949.8040801@redhat.com> Date: Wed, 14 Jul 2010 17:27:21 +0300 From: Avi Kivity <avi@...hat.com> To: Xiao Guangrong <xiaoguangrong@...fujitsu.com> CC: LKML <linux-kernel@...r.kernel.org>, KVM list <kvm@...r.kernel.org>, Marcelo Tosatti <mtosatti@...hat.com> Subject: Re: [PATCH 1/4] KVM: MMU: fix forgot reserved bits check in speculative path On 07/14/2010 04:24 PM, Xiao Guangrong wrote: > > Avi Kivity wrote: > > >>> + >>> + if (!!is_pae(vcpu) != sp->role.cr4_pae || >>> + is_nx(vcpu) != sp->role.nxe) >>> + continue; >>> + >>> >>> >> Do we also need to check cr0.wp? I think so. >> > I think it's not too bad since we just decrease the access right, for example, > we mark the mapping readonly for cr0.wp=0's page, the later write-access will > cause #PF, and the read-access is OK. > If current cr0.wp=0 and sp->role.cr0_wp=1, that's fine, but the other way round can relax permissions too much, marking a kernel page writeable. -- I have a truly marvellous patch that fixes the bug which this signature is too narrow to contain. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists