Open Source and information security mailing list archives
Message-ID: <20150309162404.GA7833@redhat.com>
Date:	Mon, 9 Mar 2015 17:24:04 +0100
From:	Oleg Nesterov <oleg@...hat.com>
To:	Borislav Petkov <bp@...e.de>
Cc:	Dave Hansen <dave.hansen@...el.com>,
	Ingo Molnar <mingo@...nel.org>,
	Andy Lutomirski <luto@...capital.net>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Pekka Riikonen <priikone@....fi>,
	Rik van Riel <riel@...hat.com>,
	Suresh Siddha <sbsiddha@...il.com>,
	LKML <linux-kernel@...r.kernel.org>,
	"Yu, Fenghua" <fenghua.yu@...el.com>,
	Quentin Casasnovas <quentin.casasnovas@...cle.com>
Subject: Re: [PATCH 1/1] x86/fpu: x86/fpu: avoid math_state_restore()
	without used_math() in __restore_xstate_sig()

On 03/09, Borislav Petkov wrote:
>
> On Mon, Mar 09, 2015 at 03:34:36PM +0100, Oleg Nesterov wrote:
> > The patch only fixes the problem with irqs disabled, I tested this.
> >
> > The problem with fpu_init/XRSTORS is another thing...
>
> Yet another thing?! Oh boy.

Well, this is the same thing reported by Dave ;)

> So first Dave reported the #GP, which got fixed by Quentin's patch.

It is not fixed by Quentin's patch.

This patch "fixes" the problem in a sense that the kernel won't crash
after restore_fpu_checking() triggers #GP. Before this patch
do_general_protection()->fixup_exception() does not work in this case
and the kernel panics.

But restore_fpu_checking() should not trigger #GP (and fail).


And just in case... tip/x86/fpu still won't work even with the patch
from Quentin. Again, the kernel won't crash, but /sbin/init will be
killed by SIGSEGV I guess. Because restore_fpu_checking() will fail.

I'll change flush_thread() to rely on init_xstate_buf, I was going to
do this anyway. But this too doesn't fix the problem: fpu_finit() is
buggy on Dave's machine.

Oleg.
