lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <56DDF22D.9090102@oracle.com>
Date:	Mon, 7 Mar 2016 14:27:09 -0700
From:	Khalid Aziz <khalid.aziz@...cle.com>
To:	David Miller <davem@...emloft.net>
Cc:	corbet@....net, akpm@...ux-foundation.org,
	dingel@...ux.vnet.ibm.com, bob.picco@...cle.com,
	kirill.shutemov@...ux.intel.com, aneesh.kumar@...ux.vnet.ibm.com,
	aarcange@...hat.com, arnd@...db.de, sparclinux@...r.kernel.org,
	rob.gardner@...cle.com, mhocko@...e.cz, chris.hyser@...cle.com,
	richard@....at, vbabka@...e.cz, koct9i@...il.com, oleg@...hat.com,
	gthelen@...gle.com, jack@...e.cz, xiexiuqi@...wei.com,
	Vineet.Gupta1@...opsys.com, luto@...nel.org, ebiederm@...ssion.com,
	bsegall@...gle.com, geert@...ux-m68k.org, dave@...olabs.net,
	adobriyan@...il.com, linux-doc@...r.kernel.org,
	linux-kernel@...r.kernel.org, linux-mm@...ck.org,
	linux-arch@...r.kernel.org, linux-api@...r.kernel.org
Subject: Re: [PATCH v2] sparc64: Add support for Application Data Integrity
 (ADI)

On 03/07/2016 12:09 PM, David Miller wrote:
> From: Khalid Aziz <khalid.aziz@...cle.com>
> Date: Mon, 7 Mar 2016 11:04:38 -0700
>
>> On 03/07/2016 09:56 AM, David Miller wrote:
>>> From: Khalid Aziz <khalid.aziz@...cle.com>
>>> Date: Mon, 7 Mar 2016 08:07:53 -0700
>>>
>>>> PR_GET_SPARC_ADICAPS
>>>
>>> Put this into a new ELF auxiliary vector entry via ARCH_DLINFO.
>>>
>>> So now all that's left is supposedly the TAG stuff, please explain
>>> that to me so I can direct you to the correct existing interface to
>>> provide that as well.
>>>
>>> Really, try to avoid prtctl, it's poorly typed and almost worse than
>>> ioctl().
>>>
>>
>> The two remaining operations I am looking at are:
>>
>> 1. Is PSTATE.mcde bit set for the process? PR_SET_SPARC_ADI provides
>> this in its return value in the patch I sent.
>
> Unnecessary.  If any ADI mappings exist then mcde is set, otherwise it is
> clear.  This is internal state and the application has no need to every
> set nor query it.
>
> It is implicit from the mprotect() calls the user makes to enable ADI
> regions.
>
>> 2. Is TTE.mcd set for a given virtual address? PR_GET_SPARC_ADI_STATUS
>> provides this function in the patch I sent.
>
> Again, implied by the mprotect() calls.
>

Hi Dave,

I agree with your point of view. PSTATE.mcde and TTE.mcd are set in 
response to request from userspace. If userspace asked for them to be 
set, they already know but it was the database guys that asked for these 
two functions and they are the primary customers for the ADI feature. I 
am not crazy about this idea since this extends the mprotect API even 
further but would you consider using the return value from mprotect to 
indicate if PSTATE.mcde or TTE.mcd were already set on the given address?

Thanks,
Khalid

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ