lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 21 Nov 2017 15:42:59 -0800
From:   Dave Hansen <dave.hansen@...ux.intel.com>
To:     Andy Lutomirski <luto@...nel.org>
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-mm@...ck.org" <linux-mm@...ck.org>,
        moritz.lipp@...k.tugraz.at,
        Daniel Gruss <daniel.gruss@...k.tugraz.at>,
        michael.schwarz@...k.tugraz.at, richard.fellner@...dent.tugraz.at,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Kees Cook <keescook@...gle.com>,
        Hugh Dickins <hughd@...gle.com>, X86 ML <x86@...nel.org>
Subject: Re: [PATCH 12/30] x86, kaiser: map GDT into user page tables

On 11/21/2017 03:32 PM, Andy Lutomirski wrote:
>> To do this, we need to special-case the kernel page table walker to deal
>> with PTEs only since we can't just grab PMD or PUD flags and stick them
>> in a PTE.  We would only be able to use this path when populating things
>> that we know are 4k-mapped in the kernel.
> I'm not sure I'm understanding the issue.  We'd promise to map the
> cpu_entry_area without using large pages, but I'm not sure I know what
> you're referring to.  The only issue I see is that we'd have to be
> quite careful when tearing down the user tables to avoid freeing the
> shared part.

It's just that it currently handles large and small pages in the kernel
mapping that it's copying.  If we want to have it just copy the PTE,
we've got to refactor things a bit to separate out the PTE flags from
the paddr being targeted, and also make sure we don't munge the flags
conversion from the large-page entries to 4k PTEs.  The PAT and PSE bits
cause a bit of trouble here.

IOW, it would make the call-sites look cleaner, but it largely just
shifts the complexity elsewhere.  But, either way, it's all contained to
kaiser.c

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ