lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 9 May 2016 16:54:21 -0700
From:	Dave Hansen <dave.hansen@...ux.intel.com>
To:	Yu-cheng Yu <yu-cheng.yu@...el.com>
Cc:	linux-kernel@...r.kernel.org, x86@...nel.org,
	"H. Peter Anvin" <hpa@...or.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	Andy Lutomirski <luto@...nel.org>,
	Borislav Petkov <bp@...e.de>,
	Sai Praneeth Prakhya <sai.praneeth.prakhya@...el.com>,
	"Ravi V. Shankar" <ravi.v.shankar@...el.com>,
	Fenghua Yu <fenghua.yu@...el.com>
Subject: Re: [PATCH v5 11/13] x86/xsaves: Add WARN_ON_FPU() when a disabled
 xstate component offset is requested for a compacted format

On 05/09/2016 04:44 PM, Yu-cheng Yu wrote:
> On Mon, May 09, 2016 at 04:31:18PM -0700, Dave Hansen wrote:
>> On 05/09/2016 01:46 PM, Yu-cheng Yu wrote:
>>> Add a warning in case a disabled (not existing) xstate component offset
>>> is requested.
>> ...
>>> diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
>>> index 350814c..2e6dbfe 100644
>>> --- a/arch/x86/kernel/fpu/xstate.c
>>> +++ b/arch/x86/kernel/fpu/xstate.c
>>> @@ -756,6 +756,7 @@ void *__raw_xsave_addr(struct xregs_state *xsave, int xstate_feature_mask)
>>>  {
>>>  	int feature_nr = fls64(xstate_feature_mask) - 1;
>>>  
>>> +	WARN_ON_FPU(using_compacted_format() && !xfeature_enabled(feature_nr));
>>>  	return (void *)xsave + xstate_comp_offsets[feature_nr];
>>>  }
>>
>> Why the using_compacted_format()?  Shouldn't this be an error, regardless.
> 
> If the kernel is not using compacted format, I can get a component offset, no? 

You can get it, but why would you?  Let's say you were trying to get the
MPX contents.  You'd either be guaranteed to be getting 0's or
uninitialized garbage (if we didn't zero it carefully).

The garbage could be kernel data (if we didn't zero carefully).  So it
just seems dangerous to allow this for no apparent benefit.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ