lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 13 Nov 2017 10:51:47 +1100
From:   Benjamin Herrenschmidt <benh@....ibm.com>
To:     Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
        Andy Lutomirski <luto@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        "H. Peter Anvin" <hpa@...or.com>
Cc:     linux-kernel@...r.kernel.org, linux-api@...r.kernel.org,
        "Paul E . McKenney" <paulmck@...ux.vnet.ibm.com>,
        Boqun Feng <boqun.feng@...il.com>,
        Andrew Hunter <ahh@...gle.com>,
        Maged Michael <maged.michael@...il.com>,
        Avi Kivity <avi@...lladb.com>,
        Paul Mackerras <paulus@...ba.org>,
        Michael Ellerman <mpe@...erman.id.au>,
        Dave Watson <davejwatson@...com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>,
        Andrea Parri <parri.andrea@...il.com>,
        Russell King <linux@...linux.org.uk>,
        Greg Hackmann <ghackmann@...gle.com>,
        Will Deacon <will.deacon@....com>,
        David Sehr <sehr@...gle.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>, x86@...nel.org,
        linux-arch@...r.kernel.org, stable@...nel.org
Subject: Re: [RFC PATCH v2] Fix: x86: Add missing core serializing
 instruction on migration

On Mon, 2017-11-13 at 10:26 +1100, Benjamin Herrenschmidt wrote:
> On Sat, 2017-11-11 at 10:03 -0500, Mathieu Desnoyers wrote:
> > x86 has a missing core serializing instruction in migration scenarios.
> > 
> > Given that x86-32 can return to user-space with sysexit, and x86-64
> > through sysretq and sysretl, which are not core serializing, the
> > following user-space self-modifiying code (JIT) scenario can occur:
> 
> Is this about load/store consistency ? In this case, don't you also
> have problems with get/put_user and not just going to userspace ?

Ah forget it, I saw Linus earlier messages.

Cheers,
Ben.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ