lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Feb 2016 19:53:22 +0100 From: Ingo Molnar <mingo@...nel.org> To: Bryan O'Donoghue <pure.logic@...us-software.ie> Cc: linux-kernel@...r.kernel.org, corbet@....net, tglx@...utronix.de, mingo@...hat.com, hpa@...or.com, x86@...nel.org, andriy.shevchenko@...ux.intel.com, boon.leong.ong@...el.com, fengguang.wu@...el.com, linux-doc@...r.kernel.org Subject: Re: [PATCH] x86/intel/quark: Parameterize the kernel's IMR lock logic * Bryan O'Donoghue <pure.logic@...us-software.ie> wrote: > On Thu, 2016-02-18 at 08:58 +0100, Ingo Molnar wrote: > > So why not simply do the patch below? Very few people use boot > > parameters, and the > > complexity does not seem to be worth it. > > > > Furthermore I think an IMR range in itself is safe enough - it's not > > like such > > register state is going to be randomly corrupted, even with the > > 'lock' bit unset. > > > Hi Ingo. > > I agree - to flip the lock bit you need to be in ring-0 anyway. > > > So it's a perfectly fine protective measure against accidental memory > > corruption > > from the DMA space. It should not try to be more than that. > > > > And once we do this, I suggest we get rid of the 'lock' parameter > > altogether - > > that will further simplify the code. > > > > Thanks, > > > > Ingo > > That was the V1 of this patch > > https://groups.google.com/forum/#!topic/linux.kernel/6ZuVOF3TJow heh ;-) > Andriy asked for the boot parameter to control the state of the IMR > lock bit, I'm just as happy to go back to that version TBH I really think it's over-engineered - especially considering that with the kernel lock-down removed there's no other IMR area that is really locked down - so we could get rid of the whole 'locked' logic that would simplify the code throughout. Yeah, it's a nice looking hardware feature - but I don't think it's particularly useful in terms of extra protection. Thanks, Ingo
Powered by blists - more mailing lists