lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CALCETrV1KHGuvT9Ob-7KfJ_CT0m-bVF=qjw18BsUzmG4wk0EYQ@mail.gmail.com>
Date:	Fri, 10 Apr 2015 13:34:05 -0700
From:	Andy Lutomirski <luto@...capital.net>
To:	Andi Kleen <ak@...ux.intel.com>
Cc:	Andi Kleen <andi@...stfloor.org>, X86 ML <x86@...nel.org>,
	Andrew Lutomirski <luto@...nel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Steven Rostedt <rostedt@...dmis.org>,
	Borislav Petkov <bp@...en8.de>
Subject: Re: [PATCH 4/8] x86: Add support for rd/wr fs/gs base

On Fri, Apr 10, 2015 at 1:21 PM, Andi Kleen <ak@...ux.intel.com> wrote:
>> We never run paranoid_exit if we interrupted userspace, and we can't
>> context switch on the IST stack, so I don't see how this is possible.
>>
>> > - Restore from R15 (with FSGSBASE), if the gs base was saved
>> > in R15
>>
>> What about case 4: we interrupted the kernel with usergs?  (The code
>> seems more correct in this regard, but this description above is
>> confusing to me.)
>
> I'll fix the description.
>
>> >                                 estacks = per_cpu(debug_stack, cpu);
>> > +                       /* Store GS at bottom of stack for bootstrap access */
>> > +                       *(void **)estacks = gs;
>> >                         estacks += exception_stack_sizes[v];
>> >                         oist->ist[v] = t->x86_tss.ist[v] =
>> >                                         (unsigned long)estacks;
>>
>> Seems reasonable to me.
>>
>> You could possibly simplify some things if you wrote the address to
>> the bottom of *each* debug stack.  Then you wouldn't need the extra
>> alignment stuff.
>
> It would waste 16K or so per CPU. I don't think the if is a problem.
>

It wouldn't take any additional memory at all.  Currently we have 8k
of "debug" stack which is really two 4k pieces, and you're putting the
kernel gs base in the bottom word.  I'm suggesting that you duplicate
the kernel gs base at the bottom work and the bottom word + 4k.  We
already have a hard limit of 4k of debug stack because of the IST
shift mechanism -- it really is two separate 4k stacks, not one 8k
stack.

Heck, we could rename it DEBUG_STACK_1 and DEBUG_STACK_2, although I
wouldn't get too excited about it since I'm working on patches to
remove the debug stack entirely.

The benefit of this is that the mask needed to find the kernel gs base
is the same for all entries.

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ