Date:   Fri, 5 Jan 2018 13:07:03 -0800
From:   Dave Hansen <dave.hansen@...ux.intel.com>
To:     Jiri Kosina <jikos@...nel.org>
Cc:     Yisheng Xie <xieyisheng1@...wei.com>, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org, richard.fellner@...dent.tugraz.at,
        moritz.lipp@...k.tugraz.at, daniel.gruss@...k.tugraz.at,
        michael.schwarz@...k.tugraz.at, luto@...nel.org,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        keescook@...gle.com, hughd@...gle.com, x86@...nel.org,
        Andrea Arcangeli <aarcange@...hat.com>
Subject: Re: [PATCH 05/23] x86, kaiser: unmap kernel from userspace page
 tables (core patch)

On 01/05/2018 11:17 AM, Jiri Kosina wrote:
> On Fri, 5 Jan 2018, Dave Hansen wrote:
> 
>>> --- a/arch/x86/platform/efi/efi_64.c
>>> +++ b/arch/x86/platform/efi/efi_64.c
>>> @@ -95,6 +95,12 @@ pgd_t * __init efi_call_phys_prolog(void
>>>  		save_pgd[pgd] = *pgd_offset_k(pgd * PGDIR_SIZE);
>>>  		vaddress = (unsigned long)__va(pgd * PGDIR_SIZE);
>>>  		set_pgd(pgd_offset_k(pgd * PGDIR_SIZE), *pgd_offset_k(vaddress));
>>> +		/*
>>> +		 * pgprot API doesn't clear it for PGD
>>> +		 *
>>> +		 * Will be brought back automatically in _epilog()
>>> +		 */
>>> +		pgd_offset_k(pgd * PGDIR_SIZE)->pgd &= ~_PAGE_NX;
>>>  	}
>>>  	__flush_tlb_all();
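
Review bot: The added `pgd_offset_k(pgd * PGDIR_SIZE)->pgd &= ~_PAGE_NX;` modifies the live entry in place immediately after the `set_pgd()` call on the preceding line, so the entry is written twice and the second write bypasses the accessor. Consider clearing `_PAGE_NX` on a local copy of `*pgd_offset_k(vaddress)` and passing that copy to the existing `set_pgd()` call, so the entry is installed once with its final bits. The comment should also name the bit (the "it" is `_PAGE_NX`) and say why it is set on this entry and why it has to be cleared here. "Will be brought back automatically in _epilog()" appears to rely on the `save_pgd[pgd]` snapshot taken at the top of the loop body, and that dependency is worth stating.
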
>>
>> Wait a sec...  Where does the _PAGE_USER come from?  Shouldn't we see
>> the &init_mm in there and *not* set _PAGE_USER?
> 
> That's because pgd_populate() uses _PAGE_TABLE and not _KERNPG_TABLE for 
> reasons that are behind me.
> 
> I did put this on my TODO list, but for later.
> 
> (and yes, I tried clearing _PAGE_USER from init_mm's PGD, and no obvious 
> breakages appeared, but I wanted to give it more thought later).

Feel free to add my Ack on this.  I'd personally much rather muck with
random relatively unused bits of the efi code than touch the core PGD code.

We need to go look at it again in the 4.16 timeframe, probably.
