Date:	Fri, 24 Apr 2015 09:25:05 -0700
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	Brian Gerst <brgerst@...il.com>
Cc:	Denys Vlasenko <dvlasenk@...hat.com>,
	Andy Lutomirski <luto@...nel.org>,
	"the arch/x86 maintainers" <x86@...nel.org>,
	"H. Peter Anvin" <hpa@...or.com>,
	Andy Lutomirski <luto@...capital.net>,
	Borislav Petkov <bp@...en8.de>,
	Denys Vlasenko <vda.linux@...glemail.com>,
	Ingo Molnar <mingo@...nel.org>,
	Steven Rostedt <rostedt@...dmis.org>,
	Oleg Nesterov <oleg@...hat.com>,
	Frederic Weisbecker <fweisbec@...il.com>,
	Alexei Starovoitov <ast@...mgrid.com>,
	Will Drewry <wad@...omium.org>,
	Kees Cook <keescook@...omium.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] x86_64, asm: Work around AMD SYSRET SS descriptor attribute issue

On Fri, Apr 24, 2015 at 5:00 AM, Brian Gerst <brgerst@...il.com> wrote:
>
> So actually this isn't a preemption issue, as the NULL SS is coming
> from an interrupt from userspace (timer tick, etc.).

It *is* a preemption issue, in the sense that the interrupt that
clears SS also then returns to user space using an "iret" that will
properly restore it.

So the only case we need to worry about is the preemption case, where
the interrupt has caused a task switch (typically because it woke
something up or it was the timer interrupt and the timeslice of the
previous task is up), and we switch to another context that returns to
user space using "sysret" instead.

> Another alternative to consider is setting SS=__KERNEL_DS on interrupt
> entry if it's NULL.

The interrupt path is likely more critical than the scheduler path.
Also, it's any exception, afaik, so it's a lot less targeted.

I like Andy's patch. It looks good and efficient. We need to keep this
issue in mind if we ever expand the "Use sysret to return to userspace
when possible" approach to other things than just system call returns,
but with the limitations of the contents of RCX/R11, that's unlikely
to ever be a useful thing anyway.

                      Linus