lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20160305.230702.1325379875282120281.davem@davemloft.net>
Date:	Sat, 05 Mar 2016 23:07:02 -0500 (EST)
From:	David Miller <davem@...emloft.net>
To:	khalid.aziz@...cle.com
Cc:	corbet@....net, akpm@...ux-foundation.org,
	dingel@...ux.vnet.ibm.com, zhenzhang.zhang@...wei.com,
	bob.picco@...cle.com, kirill.shutemov@...ux.intel.com,
	aneesh.kumar@...ux.vnet.ibm.com, aarcange@...hat.com,
	arnd@...db.de, sparclinux@...r.kernel.org, rob.gardner@...cle.com,
	mhocko@...e.cz, chris.hyser@...cle.com, richard@....at,
	vbabka@...e.cz, koct9i@...il.com, oleg@...hat.com,
	gthelen@...gle.com, jack@...e.cz, xiexiuqi@...wei.com,
	Vineet.Gupta1@...opsys.com, luto@...nel.org, ebiederm@...ssion.com,
	bsegall@...gle.com, geert@...ux-m68k.org, dave@...olabs.net,
	adobriyan@...il.com, linux-doc@...r.kernel.org,
	linux-kernel@...r.kernel.org, linux-mm@...ck.org,
	linux-arch@...r.kernel.org, linux-api@...r.kernel.org
Subject: Re: [PATCH v2] sparc64: Add support for Application Data Integrity
 (ADI)

From: Khalid Aziz <khalid.aziz@...cle.com>
Date: Wed,  2 Mar 2016 13:39:37 -0700

> 	In this
> 	first implementation I am enabling ADI for hugepages only
> 	since these pages are locked in memory and hence avoid the
> 	issue of saving and restoring tags.

This makes the feature almost entire useless.

Non-hugepages must be in the initial implementation.

> +	PR_ENABLE_SPARC_ADI - Enable ADI checking in all pages in the address
> +		range specified. The pages in the range must be already
> +		locked. This operation enables the TTE.mcd bit for the
> +		pages specified. arg2 is the starting address for address
> +		range and must be page aligned. arg3 is the length of
> +		memory address range and must be a multiple of page size.

I strongly dislike this interface, and it makes the prtctl cases look
extremely ugly and hide to the casual reader what the code is actually
doing.

This is an mprotect() operation, so add a new flag bit and implement
this via mprotect please.

Then since you are guarenteed to have a consistent ADI setting for
every single VMA region, you never "lose" the ADI state when you swap
out.  It's implicit in the VMA itself, because you'll store in the VMA
that this is an ADI region.

I also want this enabled unconditionally, without any Kconfig knobs.

Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ