lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140725150445.GG18735@two.firstfloor.org>
Date:	Fri, 25 Jul 2014 17:04:45 +0200
From:	Andi Kleen <andi@...stfloor.org>
To:	Peter Zijlstra <peterz@...radead.org>
Cc:	"Yan, Zheng" <zheng.z.yan@...el.com>, linux-kernel@...r.kernel.org,
	mingo@...nel.org, acme@...radead.org, eranian@...gle.com,
	andi@...stfloor.org
Subject: Re: [PATCH v3 6/9] perf, x86: handle multiple records in PEBS
 buffer

> You can't.. the events might have different security context.
> 
> Remember, the overflow bit is set from the overflow until the PEBS
> event is generated, this is quite a long time. So if another PEBS event
> gets generated while the other is still pending it will have both bits
> set. Even though the second bit is for another (unrelated) counter.

When an event is not allowed by some policy it should be disabled
in global ctrl right? And disabling makes sure overflow is cleared,
and PEBS will not report it.

When it's not disabled it could happen any time and there
is no isolation.

Or is the concern that the PEBS buffer may not be flushed
on event switch/disable and you see something stale? I believe it is
flushed.

> I think you can unwind and fully correct this trainwreck. But simply
> delivering an even with multiple bits set to all relevant events is
> wrong and might leak sensitive information.

In theory could double check that the event is enabled,
but I don't think it's really needed.

-Andi
-- 
ak@...ux.intel.com -- Speaking for myself only.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ