lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20141029200016.GK3424@laptop.dumpdata.com>
Date:	Wed, 29 Oct 2014 16:00:16 -0400
From:	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
To:	Andy Lutomirski <luto@...capital.net>
Cc:	Josh Triplett <josh@...htriplett.org>, X86 ML <x86@...nel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Ingo Molnar <mingo@...nel.org>, xen-devel@...ts.xenproject.org
Subject: Re: [PATCH 3/3] x86_64,vsyscall: Make vsyscall emulation configurable

On Tue, Oct 28, 2014 at 11:09:53AM -0700, Andy Lutomirski wrote:
> On Tue, Oct 28, 2014 at 10:57 AM, Josh Triplett <josh@...htriplett.org> wrote:
> > On Tue, Oct 28, 2014 at 10:22:28AM -0700, Andy Lutomirski wrote:
> >> This adds CONFIG_X86_VSYSCALL_EMULATION, guarded by CONFIG_EXPERT.
> >> Turning it off completely disables vsyscall emulation, saving ~3.5k
> >> for vsyscall_64.c, 4k for vsyscall_emu_64.S (the fake vsyscall
> >> page), some tiny amount of core mm code that supports a gate area,
> >> and possibly 4k for a wasted pagetable.  The latter is because the
> >> vsyscall addresses are misaligned and fit poorly in the fixmap.
> >>
> >> Signed-off-by: Andy Lutomirski <luto@...capital.net>
> >
> > One minor nit below, but with or without that change,
> > Reviewed-by: Josh Triplett <josh@...htriplett.org>
> >
> >> --- a/arch/x86/xen/mmu.c
> >> +++ b/arch/x86/xen/mmu.c
> >> @@ -1456,11 +1456,13 @@ static int xen_pgd_alloc(struct mm_struct *mm)
> >>               user_pgd = (pgd_t *)__get_free_page(GFP_KERNEL | __GFP_ZERO);
> >>               page->private = (unsigned long)user_pgd;
> >>
> >> +#ifdef CONFIG_X86_VSYSCALL_EMULATION
> >>               if (user_pgd != NULL) {
> >>                       user_pgd[pgd_index(VSYSCALL_ADDR)] =
> >>                               __pgd(__pa(level3_user_vsyscall) | _PAGE_TABLE);
> >>                       ret = 0;
> >>               }
> >> +#endif
> >
> > Could you instead make the if use IS_ENABLED?
> >
> >                 if (IS_ENABLED(CONFIG_X86_VSYSCALL_EMULATION) && user_pgd != NULL)
> >
> > That has the advantage of ensuring that the code continues to compile.
> > (Given that you haven't removed level3_user_vsyscall, that should work.)
> 
> I need the ret = 0, I think, so I'll resend.
> 
> I think I'd rather use #ifdef here, since I think it would be great if
> the Xen people could clean this up further.  With this change, under
> some configurations, there should be no user-accessible kernel
> addresses at all.  (Also, is there some PV mechanism
> that I'm not thinking of that will break with this change?  I know
> I've tripped over Xen pagetable and fixmap oddities before.)

Not that I know of. The vsyscall is the only one that I know of that
does this. 

Do you have a full patchset somewhere for testing?
> 
> --Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ