| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7e458284-b334-bb70-a374-c65cc4ef9f02@linux.intel.com>
Date: Tue, 21 Nov 2017 14:09:03 -0800
From: Dave Hansen <dave.hansen@...ux.intel.com>
To: Thomas Gleixner <tglx@...utronix.de>
Cc: linux-kernel@...r.kernel.org, linux-mm@...ck.org,
moritz.lipp@...k.tugraz.at, daniel.gruss@...k.tugraz.at,
michael.schwarz@...k.tugraz.at, richard.fellner@...dent.tugraz.at,
luto@...nel.org, torvalds@...ux-foundation.org,
keescook@...gle.com, hughd@...gle.com, x86@...nel.org
Subject: Re: [PATCH 09/30] x86, kaiser: only populate shadow page tables for
userspace
On 11/20/2017 12:12 PM, Thomas Gleixner wrote:
>> + */
>> + native_get_shadow_pgd(pgdp)->pgd = pgd.pgd;
>> + /*
>> + * For the copy of the pgd that the kernel
>> + * uses, make it unusable to userspace. This
>> + * ensures if we get out to userspace with the
>> + * wrong CR3 value, userspace will crash
>> + * instead of running.
>> + */
>> + pgd.pgd |= _PAGE_NX;
>> + }
>> + } else if (!pgd.pgd) {
>> + /*
>> + * We are clearing the PGD and can not check _PAGE_USER
>> + * in the zero'd PGD.
>
> Just the argument cannot be checked because it's clearing the entry. The
> pgd entry itself is not yet modified, so it could be checked.
So, I guess we could enforce that only PGDs with _PAGE_USER set can ever
be cleared. That has a nice symmetry to it because we set the shadow
when we see _PAGE_USER and we would then clear the shadow when we see
_PAGE_USER.
Powered by blists - more mailing lists