lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 21 Mar 2017 18:59:14 +0300
From:   Dmitry Safonov <dsafonov@...tuozzo.com>
To:     Thomas Gleixner <tglx@...utronix.de>,
        Adam Borowski <kilobyte@...band.pl>
CC:     Ingo Molnar <mingo@...nel.org>, Andrei Vagin <avagin@...il.com>,
        "Ingo Molnar" <mingo@...hat.com>,
        LKML <linux-kernel@...r.kernel.org>,
        "Cyrill Gorcunov" <gorcunov@...nvz.org>,
        Andy Lutomirski <luto@...nel.org>,
        "Thomas Garnier" <thgarnie@...gle.com>,
        "H. Peter Anvin" <hpa@...or.com>
Subject: Re: linux-next: x86: Unalbe to run x32 processes on the x86_64 kernel

On 03/21/2017 03:50 PM, Dmitry Safonov wrote:
> On 03/21/2017 03:49 PM, Thomas Gleixner wrote:
>> On Tue, 21 Mar 2017, Adam Borowski wrote:
>>> On Tue, Mar 21, 2017 at 07:45:39AM +0100, Ingo Molnar wrote:
>>>> * Andrei Vagin <avagin@...il.com> wrote:
>>>>
>>>>> # first bad commit: [45fc8757d1d2128e342b4e7ef39adedf7752faac] x86:
>>>>> Make the GDT remapping read-only on 64-bit
>>>>
>>>> Just wondering, does the following commit fix it:
>>>>
>>>>   5b781c7e317f x86/tls: Forcibly set the accessed bit in TLS segments
>>>
>>> It does fix i386 but not x32.
>>>
>>> By "x32" I mean CONFIG_X86_X32, by "i386" CONFIG_IA32_EMULATION,
>>> contrary to
>>> Andrei's first report.  The naming of the new ABI wasn't too
>>> fortunate...
>>
>> The X32 issue is unrelated to the GDT mapping.
>>
>> What happens is that the mmap rework from Dmitry switched X32 to use
>> 64bit
>> mappings, which is wrong. X32 has 64bit instructions and syscalls and
>> 32bit
>> address space.
>
> Hmm, in_compat_syscall() checks x32 syscall bit.

Which is not set during exec() for x32. So in_compat_syscall() doesn't
work there.
I've tested this patch on x32-debian port:
https://lkml.org/lkml/2017/3/21/489

Though I'm not very happy with the resulting patch :(
Maybe one could suggest a better idea..

> I'll take a look, what happens there.
>
>> Dmitry, can you please have a look and fix that up? For reproduction just
>> compile helloworld.c with gcc -mx32.
>
> Sure, thanks.
>

-- 
              Dmitry

Powered by blists - more mailing lists