| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 Jul 2016 09:30:37 -0700 From: Andy Lutomirski <luto@...capital.net> To: Borislav Petkov <bp@...en8.de> Cc: Michal Hocko <mhocko@...e.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, stable <stable@...r.kernel.org>, Andi Kleen <ak@...ux.intel.com>, "linux-mm@...ck.org" <linux-mm@...ck.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Andrew Morton <akpm@...ux-foundation.org>, X86 ML <x86@...nel.org>, Dave Hansen <dave.hansen@...ux.intel.com>, Dave Hansen <dave@...1.net> Subject: Re: [PATCH 1/6] x86: fix duplicated X86_BUG(9) macro On Jul 1, 2016 2:23 AM, "Borislav Petkov" <bp@...en8.de> wrote: > > On Thu, Jun 30, 2016 at 05:12:10PM -0700, Dave Hansen wrote: > > > > From: Dave Hansen <dave.hansen@...ux.intel.com> > > > > epufeatures.h currently defines X86_BUG(9) twice on 32-bit: > > > > #define X86_BUG_NULL_SEG X86_BUG(9) /* Nulling a selector preserves the base */ > > ... > > #ifdef CONFIG_X86_32 > > #define X86_BUG_ESPFIX X86_BUG(9) /* "" IRET to 16-bit SS corrupts ESP/RSP high bits */ > > #endif > > > > I think what happened was that this added the X86_BUG_ESPFIX, but > > in an #ifdef below most of the bugs: > > > > [58a5aac5] x86/entry/32: Introduce and use X86_BUG_ESPFIX instead of paravirt_enabled > > > > Then this came along and added X86_BUG_NULL_SEG, but collided > > with the earlier one that did the bug below the main block > > defining all the X86_BUG()s. > > > > [7a5d6704] x86/cpu: Probe the behavior of nulling out a segment at boot time > > > > Signed-off-by: Dave Hansen <dave.hansen@...ux.intel.com> > > Acked-by: Andy Lutomirski <luto@...nel.org> > > Cc: stable@...r.kernel.org > > --- > > > > b/arch/x86/include/asm/cpufeatures.h | 6 ++---- > > 1 file changed, 2 insertions(+), 4 deletions(-) > > > > diff -puN arch/x86/include/asm/cpufeatures.h~knl-leak-10-fix-x86-bugs-macros arch/x86/include/asm/cpufeatures.h > > --- a/arch/x86/include/asm/cpufeatures.h~knl-leak-10-fix-x86-bugs-macros 2016-06-30 17:10:41.215185869 -0700 > > +++ b/arch/x86/include/asm/cpufeatures.h 2016-06-30 17:10:41.218186005 -0700 > > @@ -301,10 +301,6 @@ > > #define X86_BUG_FXSAVE_LEAK X86_BUG(6) /* FXSAVE leaks FOP/FIP/FOP */ > > #define X86_BUG_CLFLUSH_MONITOR X86_BUG(7) /* AAI65, CLFLUSH required before MONITOR */ > > #define X86_BUG_SYSRET_SS_ATTRS X86_BUG(8) /* SYSRET doesn't fix up SS attrs */ > > -#define X86_BUG_NULL_SEG X86_BUG(9) /* Nulling a selector preserves the base */ > > -#define X86_BUG_SWAPGS_FENCE X86_BUG(10) /* SWAPGS without input dep on GS */ > > - > > - > > #ifdef CONFIG_X86_32 > > /* > > * 64-bit kernels don't use X86_BUG_ESPFIX. Make the define conditional > > So I'd remove the "#ifdef CONFIG_X86_32" ifdeffery too and make that bit > unconditional - so what, we have enough free bits. But I'd leave the > comment to still avoid the confusion :) > I put the ifdef there to prevent anyone from accidentally using it in a 64-bit code path, not to save a bit. We could put in the middle of the list to make the mistake much less likely to be repeated, I suppose.
Powered by blists - more mailing lists