Date:   Tue, 28 Nov 2017 01:02:19 -0800
From:   Dave Hansen <dave.hansen@...ux.intel.com>
To:     linux-kernel@...r.kernel.org
Cc:     linux-mm@...ck.org, Dave Hansen <dave.hansen@...ux.intel.com>,
        moritz.lipp@...k.tugraz.at, daniel.gruss@...k.tugraz.at,
        michael.schwarz@...k.tugraz.at, richard.fellner@...dent.tugraz.at,
        luto@...nel.org, torvalds@...ux-foundation.org,
        keescook@...gle.com, bp@...en8.de, hughd@...gle.com, x86@...nel.org
Subject: [PATCH] x86/mm/kaiser: remove no-INVPCID user ASID flushing


From: Dave Hansen <dave.hansen@...ux.intel.com>

As the comment says, there are systems that have PCIDs but no
support for the INVPCID instruction to help flush individual
PCIDs.  Flushing the TLB on those systems is awkward, and even
worse with KAISER.  If faced with one of these when KAISER is
enabled, we simply fall back as if we have no PCID support.

However, there is a remnant in the code from trying to support
these systems.  Remove it, but leave the warning.

Andy Lutomirski points out that the code that this removes
has a hole that could leave entries from the kernel page tables
tagged with the user asid, leaving them vulnerable to being
used to weaken KASLR.

Signed-off-by: Dave Hansen <dave.hansen@...ux.intel.com>
Cc: Moritz Lipp <moritz.lipp@...k.tugraz.at>
Cc: Daniel Gruss <daniel.gruss@...k.tugraz.at>
Cc: Michael Schwarz <michael.schwarz@...k.tugraz.at>
Cc: Richard Fellner <richard.fellner@...dent.tugraz.at>
Cc: Andy Lutomirski <luto@...nel.org>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Kees Cook <keescook@...gle.com>
Cc: Borislav Petkov <bp@...en8.de>
Cc: Hugh Dickins <hughd@...gle.com>
Cc: x86@...nel.org
---

 b/arch/x86/mm/tlb.c |    9 ---------
 1 file changed, 9 deletions(-)

diff -puN arch/x86/mm/tlb.c~kaiser-remove-unused-tlb-flush-code arch/x86/mm/tlb.c
--- a/arch/x86/mm/tlb.c~kaiser-remove-unused-tlb-flush-code	2017-11-28 00:53:41.391460358 -0800
+++ b/arch/x86/mm/tlb.c	2017-11-28 00:55:28.084460092 -0800
@@ -127,15 +127,6 @@ static void flush_user_asid(pgd_t *pgd,
 		invpcid_flush_single_context(user_asid(kern_asid));
 	} else {
 		/*
-		 * On systems with PCIDs, but no INVPCID, the only
-		 * way to flush a PCID is a CR3 write.  Note that
-		 * we use the kernel page tables with the *user*
-		 * ASID here.
-		 */
-		unsigned long user_asid_flush_cr3;
-		user_asid_flush_cr3 = build_cr3(pgd, user_asid(kern_asid));
-		write_cr3(user_asid_flush_cr3);
-		/*
 		 * We do not use PCIDs with KAISER unless we also
 		 * have INVPCID.  Getting here is unexpected.
 		 */
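Review bot: the trailing context of this hunk stops at the closing `*/` of the surviving comment, so the warning the changelog says is left in place is not visible here; it would help review if the hunk carried enough context to show that the `else` branch still ends in that warning and does not fall through silently now that the CR3 write is gone. Separately, the removed lines were the only place that explained why a PCID-but-no-INVPCID system ends up in this branch, and the rationale for dropping the fallback (a CR3 write with the user ASID leaves kernel page-table entries tagged with the user ASID, which could be used to weaken KASLR) lives only in the changelog; consider folding one sentence of that into the surviving comment, e.g. "Do not fall back to a CR3 write with the user ASID here: that tags kernel translations with the user ASID", so a future reader does not reintroduce the same code.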
_
