lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.DEB.2.20.1712121940230.2289@nanos> Date: Tue, 12 Dec 2017 19:41:39 +0100 (CET) From: Thomas Gleixner <tglx@...utronix.de> To: Peter Zijlstra <peterz@...radead.org> cc: Andy Lutomirski <luto@...capital.net>, Andy Lutomirski <luto@...nel.org>, LKML <linux-kernel@...r.kernel.org>, X86 ML <x86@...nel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Dave Hansen <dave.hansen@...el.com>, Borislav Petkov <bpetkov@...e.de>, Greg KH <gregkh@...uxfoundation.org>, Kees Cook <keescook@...gle.com>, Hugh Dickins <hughd@...gle.com>, Brian Gerst <brgerst@...il.com>, Josh Poimboeuf <jpoimboe@...hat.com>, Denys Vlasenko <dvlasenk@...hat.com>, Boris Ostrovsky <boris.ostrovsky@...cle.com>, Juergen Gross <jgross@...e.com>, David Laight <David.Laight@...lab.com>, Eduardo Valentin <eduval@...zon.com>, aliguori@...zon.com, Will Deacon <will.deacon@....com>, "linux-mm@...ck.org" <linux-mm@...ck.org> Subject: Re: [patch 11/16] x86/ldt: Force access bit for CS/SS On Tue, 12 Dec 2017, Peter Zijlstra wrote: > On Tue, Dec 12, 2017 at 10:22:48AM -0800, Andy Lutomirski wrote: > > > > Also, why is LAR deferred to user exit? And I thought that LAR didn't > > set the accessed bit. > > LAR does not set the ACCESSED bit indeed, we need to explicitly set that > when creating the descriptor. > > It also works if you do the LAR right after LLDT (which is what I > originally had). The reason its a TIF flag is that I originally LAR'ed > every entry in the table. > > It got reduced to CS/SS, but the TIF thing stayed. > > > If I had to guess, I'd guess that LAR is actually generating a read > > fault and forcing the pagetables to get populated. If so, then it > > means the VMA code isn't quite right, or you're susceptible to > > failures under memory pressure. > > > > Now maybe LAR will repopulate the PTE every time if you were to never > > clear it, but ick. > > I did not observe #PFs from LAR, we had a giant pile of trace_printk() > in there. The pages are populated _before_ the new ldt is installed. So no memory pressure issue, nothing. If the populate fails, then modify_ldt() returns with an error. Thanks, tglx
Powered by blists - more mailing lists