lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 21 Sep 2013 09:50:02 +0200
From:	Ingo Molnar <mingo@...nel.org>
To:	Bart Kuivenhoven <bemk@...hat.com>
Cc:	Matt Fleming <matt@...sole-pimps.org>, matt.fleming@...el.com,
	hpa@...or.com, tglx@...utronix.de, mingo@...hat.com,
	x86@...nel.org, linux-efi@...r.kernel.org,
	linux-kernel@...r.kernel.org, jcm@...hat.com, msalter@...hat.com
Subject: Re: [PATCH] x86 efi: bugfix interrupt disabling sequence


* Bart Kuivenhoven <bemk@...hat.com> wrote:

> On Fri, 2013-09-20 at 16:28 +0100, Matt Fleming wrote:
> > On Wed, 18 Sep, at 07:28:53PM, Bart Kuivenhoven wrote:
> > > The problem in efi_main was that the idt was cleared before the
> > > interrupts were disabled.
> > > 
> > > The UEFI spec states that interrupts aren't used so this shouldn't be
> > > too much of a problem. Peripherals however don't necessarily know about
> > > this and thus might cause interrupts to happen anyway. Even if
> > > ExitBootServices() has been called.
> > >
> > > This means there is a risk of an interrupt being triggered while the IDT
> > > register is nullified and the interrupt bit hasn't been cleared,
> > > allowing for a triple fault.
> > 
> > Just to be clear, you haven't witnessed a triple fault, correct?
> > 
> > > This patch fixes this by clearing the interrupt bit before the lidt
> > > instruction.
> > 
> > I think we can go even further than this and get rid of all of the IDT
> > code in the EFI boot stub. The kernel maintains its own IDT anyway.
> > 
> 
> Well, isn't it so, that the kernel expects a setup in which interrupts 
> are disabled before the decompressed image is loaded?
> 
> What we can do is remove the lidt instruction and IDT pointer, but that 
> still doesn't change anything with regards to the kernels expectations.
> 
> And no, I haven't witnessed a triple fault, this is purely theoretical, 
> with a very slim chance of it actually happening. That does not mean 
> that it can't happen though.

it would also be very hard to prove that it occured (outside of special 
debug environments) - spurious, low probability triple faults are as 
undebuggable as it gets.

Thanks,

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ