lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1379708486.12705.131.camel@dhcp-128-237.ams.redhat.com>
Date:	Fri, 20 Sep 2013 22:21:26 +0200
From:	Bart Kuivenhoven <bemk@...hat.com>
To:	Matt Fleming <matt@...sole-pimps.org>
Cc:	matt.fleming@...el.com, hpa@...or.com, tglx@...utronix.de,
	mingo@...hat.com, x86@...nel.org, linux-efi@...r.kernel.org,
	linux-kernel@...r.kernel.org, jcm@...hat.com, msalter@...hat.com
Subject: Re: [PATCH] x86 efi: bugfix interrupt disabling sequence

On Fri, 2013-09-20 at 16:28 +0100, Matt Fleming wrote:
> On Wed, 18 Sep, at 07:28:53PM, Bart Kuivenhoven wrote:
> > The problem in efi_main was that the idt was cleared before the
> > interrupts were disabled.
> > 
> > The UEFI spec states that interrupts aren't used so this shouldn't be
> > too much of a problem. Peripherals however don't necessarily know about
> > this and thus might cause interrupts to happen anyway. Even if
> > ExitBootServices() has been called.
> >
> > This means there is a risk of an interrupt being triggered while the IDT
> > register is nullified and the interrupt bit hasn't been cleared,
> > allowing for a triple fault.
> 
> Just to be clear, you haven't witnessed a triple fault, correct?
> 
> > This patch fixes this by clearing the interrupt bit before the lidt
> > instruction.
> 
> I think we can go even further than this and get rid of all of the IDT
> code in the EFI boot stub. The kernel maintains its own IDT anyway.
> 

Well, isn't it so, that the kernel expects a setup in which interrupts
are disabled before the decompressed image is loaded?

What we can do is remove the lidt instruction and IDT pointer, but that
still doesn't change anything with regards to the kernels expectations.

And no, I haven't witnessed a triple fault, this is purely theoretical,
with a very slim chance of it actually happening. That does not mean
that it can't happen though.

-- 
Kind regards/Met vriendelijke groet,
Bart Kuivenhoven.

Intern Fedora ARM,
Red Hat.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ