| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 Jul 2011 09:13:39 -0400 From: Andy Lutomirski <luto@....EDU> To: x86@...nel.org Cc: linux-kernel@...r.kernel.org, Andy Lutomirski <luto@....edu> Subject: [PATCH] x86: Set TPR to block external interrupts 0-31 If an external interrupt with vector 0-31 comes in, we are likely to do the wrong thing, since we'll think it's a trap from the CPU. Depending on which vector it is, we could get even more confused, because some traps push an error code but traps do not, so we will corrupt the stack on return. We can reduce the chance that we get such an interrupt from a rogue or malfunctioning device by changing the APIC's TPR. This is not known to fix any real bugs, but it should not hurt and it's has no performance cost. It is inspired by, but much less aggressive than this patch from Xen: http://xenbits.xen.org/hg/staging/xen-4.0-testing.hg/rev/b85a9e58ec3a Signed-off-by: Andy Lutomirski <luto@....edu> --- The original paper is here and is rather interesting: http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf This patch *does not* prevent most of the interesting attacks in that paper, and the fancy mitigation tricks that Xen added seem silly. They don't address all of the attacks, and they slow down interrupt processing. But this particular part should be free and seems like a potentially worthwhile change to improve resistance to dumb bugs. arch/x86/kernel/apic/apic.c | 8 +++----- 1 files changed, 3 insertions(+), 5 deletions(-) diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c index b9338b8..125e2b2 100644 --- a/arch/x86/kernel/apic/apic.c +++ b/arch/x86/kernel/apic/apic.c @@ -1252,12 +1252,10 @@ void __cpuinit setup_local_APIC(void) #endif /* - * Set Task Priority to 'accept all'. We never change this - * later on. + * Set Task Priority to 'accept all external vectors'. We never + * change this later on. */ - value = apic_read(APIC_TASKPRI); - value &= ~APIC_TPRI_MASK; - apic_write(APIC_TASKPRI, value); + apic_write(APIC_TASKPRI, (FIRST_EXTERNAL_VECTOR & 0xF0) - 0x10); /* * After a crash, we no longer service the interrupts and a pending -- 1.7.6 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists