| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Dec 2017 16:46:51 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Andy Lutomirski' <luto@...nel.org>,
Peter Zijlstra <peterz@...radead.org>
CC: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...nel.org>, Borislav Petkov <bp@...en8.de>,
X86 ML <x86@...nel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Brian Gerst <brgerst@...il.com>,
Kees Cook <keescook@...omium.org>
Subject: RE: [PATCH] LDT improvements
From: Andy Lutomirski
> Sent: 08 December 2017 16:34
> #GP on IRET is a failure, and we have disgusting code to handle it.
Is that the trap in kernel space when the on-stack segment registers
are invalid?
Definitely needs horrid code...
> #PF on IRET would not be a failure -- it's a case where IRET should be
> retried. Our crap that fixes up #GP would get that wrong and leave us
> with the wrong GSBASE.
If the user code page isn't present then the fault happens after the
return to user mode, not on the IRET instruction in kernel mode.
So it is not really any different to returning to a NOP at the end
of a resident page when the page following is absent.
(Or any other invalid %ip value.)
SWAPGS is a PITA, should have been SAVEGS, LOAD_KERNEL_GS, and READ_SAVED_GS.
David
Powered by blists - more mailing lists