lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 5 Jan 2017 08:13:31 -0700
From:   Khalid Aziz <khalid.aziz@...cle.com>
To:     Jerome Marchand <jmarchan@...hat.com>, davem@...emloft.net,
        corbet@....net, arnd@...db.de, akpm@...ux-foundation.org
Cc:     hpa@...or.com, viro@...iv.linux.org.uk, nitin.m.gupta@...cle.com,
        chris.hyser@...cle.com, tushar.n.dave@...cle.com,
        sowmini.varadhan@...cle.com, mike.kravetz@...cle.com,
        adam.buchbinder@...il.com, minchan@...nel.org, hughd@...gle.com,
        kirill.shutemov@...ux.intel.com, keescook@...omium.org,
        allen.pais@...cle.com, aryabinin@...tuozzo.com,
        atish.patra@...cle.com, joe@...ches.com, pmladek@...e.com,
        jslaby@...e.cz, cmetcalf@...lanox.com,
        paul.gortmaker@...driver.com, mhocko@...e.com,
        dave.hansen@...ux.intel.com, lstoakes@...il.com,
        0x7f454c46@...il.com, vbabka@...e.cz, tglx@...utronix.de,
        mingo@...hat.com, dan.j.williams@...el.com, iamjoonsoo.kim@....com,
        mgorman@...hsingularity.net, vdavydov.dev@...il.com,
        hannes@...xchg.org, namit@...are.com, linux-doc@...r.kernel.org,
        linux-kernel@...r.kernel.org, sparclinux@...r.kernel.org,
        linux-arch@...r.kernel.org, x86@...nel.org, linux-mm@...ck.org,
        Khalid Aziz <khalid@...ehiking.org>
Subject: Re: [RFC PATCH v3] sparc64: Add support for Application Data
 Integrity (ADI)

On 01/05/2017 02:37 AM, Jerome Marchand wrote:
> On 01/04/2017 11:46 PM, Khalid Aziz wrote:
>> ADI is a new feature supported on sparc M7 and newer processors to allow
>> hardware to catch rogue accesses to memory. ADI is supported for data
>> fetches only and not instruction fetches. An app can enable ADI on its
>> data pages, set version tags on them and use versioned addresses to
>> access the data pages. Upper bits of the address contain the version
>> tag. On M7 processors, upper four bits (bits 63-60) contain the version
>> tag. If a rogue app attempts to access ADI enabled data pages, its
>> access is blocked and processor generates an exception.
>>
>> This patch extends mprotect to enable ADI (TSTATE.mcde), enable/disable
>> MCD (Memory Corruption Detection) on selected memory ranges, enable
>> TTE.mcd in PTEs, return ADI parameters to userspace and save/restore ADI
>> version tags on page swap out/in.  It also adds handlers for all traps
>> related to MCD. ADI is not enabled by default for any task. A task must
>> explicitly enable ADI on a memory range and set version tag for ADI to
>> be effective for the task.
>>
>> Signed-off-by: Khalid Aziz <khalid.aziz@...cle.com>
>> Cc: Khalid Aziz <khalid@...ehiking.org>
>> ---
>> v2:
>> 	- Fixed a build error
>>
>> v3:
>> 	- Removed CONFIG_SPARC_ADI
>> 	- Replaced prctl commands with mprotect
>> 	- Added auxiliary vectors for ADI parameters
>> 	- Enabled ADI for swappable pages
>>
>>  Documentation/sparc/adi.txt             | 239 ++++++++++++++++++++++++++++++++
>>  arch/sparc/include/asm/adi.h            |   6 +
>>  arch/sparc/include/asm/adi_64.h         |  46 ++++++
>>  arch/sparc/include/asm/elf_64.h         |   8 ++
>>  arch/sparc/include/asm/hugetlb.h        |  13 ++
>>  arch/sparc/include/asm/hypervisor.h     |   2 +
>>  arch/sparc/include/asm/mman.h           |  40 +++++-
>>  arch/sparc/include/asm/mmu_64.h         |   2 +
>>  arch/sparc/include/asm/mmu_context_64.h |  32 +++++
>>  arch/sparc/include/asm/pgtable_64.h     |  97 ++++++++++++-
>>  arch/sparc/include/asm/ttable.h         |  10 ++
>>  arch/sparc/include/asm/uaccess_64.h     | 120 +++++++++++++++-
>>  arch/sparc/include/uapi/asm/asi.h       |   5 +
>>  arch/sparc/include/uapi/asm/auxvec.h    |   8 ++
>>  arch/sparc/include/uapi/asm/mman.h      |   2 +
>>  arch/sparc/include/uapi/asm/pstate.h    |  10 ++
>>  arch/sparc/kernel/Makefile              |   1 +
>>  arch/sparc/kernel/adi_64.c              |  93 +++++++++++++
>>  arch/sparc/kernel/entry.h               |   3 +
>>  arch/sparc/kernel/head_64.S             |   1 +
>>  arch/sparc/kernel/mdesc.c               |   4 +
>>  arch/sparc/kernel/process_64.c          |  21 +++
>>  arch/sparc/kernel/sun4v_mcd.S           |  16 +++
>>  arch/sparc/kernel/traps_64.c            | 142 ++++++++++++++++++-
>>  arch/sparc/kernel/ttable_64.S           |   6 +-
>>  arch/sparc/mm/gup.c                     |  37 +++++
>>  arch/sparc/mm/tlb.c                     |  28 ++++
>>  arch/x86/kernel/signal_compat.c         |   2 +-
>>  include/asm-generic/pgtable.h           |   5 +
>>  include/linux/mm.h                      |   2 +
>>  include/uapi/asm-generic/siginfo.h      |   5 +-
>>  mm/memory.c                             |   2 +-
>>  mm/rmap.c                               |   4 +-
>
> I haven't actually reviewed the code and looked at why you need
> set_swp_pte_at() function, but the code that add the generic version of
> this function need to be separated from the rest of the patch. Also,
> given the size of this patch, I suspect the rest also need to be broken
> into more patches.
>
> Jerome
>

Sure, I can do that. Code to add new signal codes can be one patch, 
generic changes to swap infrastructure can be another and I can look for 
logical breaks for the rest of the sparc specific code.

--
Khalid

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ