| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Feb 2016 22:00:55 -0800
From: "H. Peter Anvin" <hpa@...or.com>
To: peterz@...radead.org, brgerst@...il.com, mingo@...nel.org,
tglx@...utronix.de, torvalds@...ux-foundation.org, luto@...nel.org,
linux-kernel@...r.kernel.org, luto@...capital.net, bp@...en8.de,
dvlasenk@...hat.com, linux-tip-commits@...r.kernel.org
Subject: Re: [tip:x86/urgent] x86/entry/32: Add an ASM_CLAC to
entry_SYSENTER_32
On 02/24/16 21:53, tip-bot for Andy Lutomirski wrote:
> Commit-ID: 04d1d281dcfe683a53cddfab8371fc8bb302b069
> Gitweb: http://git.kernel.org/tip/04d1d281dcfe683a53cddfab8371fc8bb302b069
> Author: Andy Lutomirski <luto@...nel.org>
> AuthorDate: Tue, 23 Feb 2016 13:19:29 -0800
> Committer: Ingo Molnar <mingo@...nel.org>
> CommitDate: Wed, 24 Feb 2016 08:43:04 +0100
>
> x86/entry/32: Add an ASM_CLAC to entry_SYSENTER_32
>
> Both before and after 5f310f739b4c ("x86/entry/32: Re-implement
> SYSENTER using the new C path"), we relied on a uaccess very early
> in the SYSENTER path to clear AC. After that change, though, we can
> potentially make it all the way into C code with AC set, which
> enlarges the attack surface for SMAP bypass by doing SYSENTER with
> AC set.
>
> Strengthen the SMAP protection by addding the missing ASM_CLAC right
> at the beginning.
>
Hmmm... this potentially adds a *lot* of unnecessary cycles to this
path. Could we reinstate the early uaccess?
-hpa
Powered by blists - more mailing lists