lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20150507174136.DD696F6F@viggo.jf.intel.com>
Date:	Thu, 07 May 2015 10:41:36 -0700
From:	Dave Hansen <dave@...1.net>
To:	dave@...1.net
Cc:	linux-kernel@...r.kernel.org, x86@...nel.org
Subject: [PATCH 09/12] x86, pkeys: notify userspace about protection key faults


A protection key fault is very similar to any other access
error.  There must be a VMA, etc...  We even want to take
the same action (SIGSEGV) that we do with a normal access
fault.

However, we do need to let userspace know that something
is different.  We do this the same way what we did with
SEGV_BNDERR with Memory Protection eXtensions (MPX):
define a new SEGV code: SEGV_PKUERR.

We will, at some point need to allow userspace a way to
figure out which protection key coveres the address that
we faulted on.  We can either do that with a separate
interface, or we could pass it up in the siginfo like
MPX did.

Suggestions welcome. :)

---

 b/arch/x86/mm/fault.c                |    5 ++++-
 b/include/uapi/asm-generic/siginfo.h |   10 +++++++++-
 2 files changed, 13 insertions(+), 2 deletions(-)

diff -puN arch/x86/mm/fault.c~pkeys-13-siginfo arch/x86/mm/fault.c
--- a/arch/x86/mm/fault.c~pkeys-13-siginfo	2015-05-07 10:31:44.169312893 -0700
+++ b/arch/x86/mm/fault.c	2015-05-07 10:31:44.174313118 -0700
@@ -838,7 +838,10 @@ static noinline void
 bad_area_access_error(struct pt_regs *regs, unsigned long error_code,
 		      unsigned long address)
 {
-	__bad_area(regs, error_code, address, SEGV_ACCERR);
+	if (error_code & PF_PK)
+		__bad_area(regs, error_code, address, SEGV_PKUERR);
+	else
+		__bad_area(regs, error_code, address, SEGV_ACCERR);
 }
 
 static void
diff -puN include/uapi/asm-generic/siginfo.h~pkeys-13-siginfo include/uapi/asm-generic/siginfo.h
--- a/include/uapi/asm-generic/siginfo.h~pkeys-13-siginfo	2015-05-07 10:31:44.170312938 -0700
+++ b/include/uapi/asm-generic/siginfo.h	2015-05-07 10:31:44.174313118 -0700
@@ -95,6 +95,13 @@ typedef struct siginfo {
 				void __user *_lower;
 				void __user *_upper;
 			} _addr_bnd;
+			int protection_key; /* FIXME: protection key value??
+					     * Do we really need this in here?
+					     * userspace can get the PKRU value in
+					     * the signal handler, but they do not
+					     * easily have access to the PKEY value
+					     * from the PTE.
+					     */
 		} _sigfault;
 
 		/* SIGPOLL */
@@ -206,7 +213,8 @@ typedef struct siginfo {
 #define SEGV_MAPERR	(__SI_FAULT|1)	/* address not mapped to object */
 #define SEGV_ACCERR	(__SI_FAULT|2)	/* invalid permissions for mapped object */
 #define SEGV_BNDERR	(__SI_FAULT|3)  /* failed address bound checks */
-#define NSIGSEGV	3
+#define SEGV_PKUERR	(__SI_FAULT|4)  /* failed address bound checks */
+#define NSIGSEGV	4
 
 /*
  * SIGBUS si_codes
_
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ