lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <02624089-58b5-a3a1-834c-d6fd3b84478d@intel.com>
Date:   Thu, 4 Jan 2018 21:05:27 -0800
From:   Dave Hansen <dave.hansen@...el.com>
To:     Andy Lutomirski <luto@...nel.org>
Cc:     Tim Chen <tim.c.chen@...ux.intel.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Greg KH <gregkh@...uxfoundation.org>,
        Andrea Arcangeli <aarcange@...hat.com>,
        Andi Kleen <ak@...ux.intel.com>,
        Arjan Van De Ven <arjan.van.de.ven@...el.com>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 2/7] x86/enter: MACROS to set/clear IBRS

On 01/04/2018 08:54 PM, Andy Lutomirski wrote:
> On Thu, Jan 4, 2018 at 2:23 PM, Dave Hansen <dave.hansen@...el.com> wrote:
>> On 01/04/2018 02:21 PM, Tim Chen wrote:
>>>> Does this really have to live outside of arch/x86/entry/ ?
>>>>
>>> There are some inline C routines later in this file
>>> that will be needed by other functions.  Want to consolidate
>>> them in the same file.
>>
>> We could put all of the assembly into calling.h along with the PTI
>> assembly.  Seems as sane a place as anywhere else to put it.
> 
> We should also stop thinking that NMI is at all special.  All the
> paranoid entry paths + NMI should just save and restore it, just like
> CR3.  Otherwise we get nasty corner cases with MCE, kprobes, etc.

I've probably been too imprecise in my language here.  The goal is
absolutely to deal with all the paranoid paths.  It's just that the NMI
one is the easiest to understand and easiest to exercise.

It also *is* special because it's the only one needing paranoid handling
that does not use paranoid_exit itself.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ