lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CALCETrUihPeKODJqi3tMYwyWYhML1Z=gr4wrVK5VnaFo=KGVJA@mail.gmail.com>
Date:	Tue, 28 Oct 2014 11:09:53 -0700
From:	Andy Lutomirski <luto@...capital.net>
To:	Josh Triplett <josh@...htriplett.org>
Cc:	X86 ML <x86@...nel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Ingo Molnar <mingo@...nel.org>,
	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
	xen-devel@...ts.xenproject.org
Subject: Re: [PATCH 3/3] x86_64,vsyscall: Make vsyscall emulation configurable

On Tue, Oct 28, 2014 at 10:57 AM, Josh Triplett <josh@...htriplett.org> wrote:
> On Tue, Oct 28, 2014 at 10:22:28AM -0700, Andy Lutomirski wrote:
>> This adds CONFIG_X86_VSYSCALL_EMULATION, guarded by CONFIG_EXPERT.
>> Turning it off completely disables vsyscall emulation, saving ~3.5k
>> for vsyscall_64.c, 4k for vsyscall_emu_64.S (the fake vsyscall
>> page), some tiny amount of core mm code that supports a gate area,
>> and possibly 4k for a wasted pagetable.  The latter is because the
>> vsyscall addresses are misaligned and fit poorly in the fixmap.
>>
>> Signed-off-by: Andy Lutomirski <luto@...capital.net>
>
> One minor nit below, but with or without that change,
> Reviewed-by: Josh Triplett <josh@...htriplett.org>
>
>> --- a/arch/x86/xen/mmu.c
>> +++ b/arch/x86/xen/mmu.c
>> @@ -1456,11 +1456,13 @@ static int xen_pgd_alloc(struct mm_struct *mm)
>>               user_pgd = (pgd_t *)__get_free_page(GFP_KERNEL | __GFP_ZERO);
>>               page->private = (unsigned long)user_pgd;
>>
>> +#ifdef CONFIG_X86_VSYSCALL_EMULATION
>>               if (user_pgd != NULL) {
>>                       user_pgd[pgd_index(VSYSCALL_ADDR)] =
>>                               __pgd(__pa(level3_user_vsyscall) | _PAGE_TABLE);
>>                       ret = 0;
>>               }
>> +#endif
>
> Could you instead make the if use IS_ENABLED?
>
>                 if (IS_ENABLED(CONFIG_X86_VSYSCALL_EMULATION) && user_pgd != NULL)
>
> That has the advantage of ensuring that the code continues to compile.
> (Given that you haven't removed level3_user_vsyscall, that should work.)

I need the ret = 0, I think, so I'll resend.

I think I'd rather use #ifdef here, since I think it would be great if
the Xen people could clean this up further.  With this change, under
some configurations, there should be no user-accessible kernel
addresses at all.  (Also, is there some PV mechanism
that I'm not thinking of that will break with this change?  I know
I've tripped over Xen pagetable and fixmap oddities before.)

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ