| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <57039ac1-efe2-2f97-386f-dab0b90f64a5@intel.com>
Date: Mon, 8 Jan 2018 09:03:36 -0800
From: Dave Hansen <dave.hansen@...el.com>
To: Willy Tarreau <w@....eu>, linux-kernel@...r.kernel.org,
x86@...nel.org
Cc: tglx@...utronix.de, gnomes@...rguk.ukuu.org.uk,
torvalds@...ux-foundation.org
Subject: Re: [PATCH RFC 3/4] x86/pti: don't mark the user PGD with _PAGE_NX.
On 01/08/2018 08:12 AM, Willy Tarreau wrote:
> Since we're going to keep running on the same PGD when returning to
> userspace for certain performance-critical tasks, we'll need the user
> pages to be executable. So this code disables the extra protection
> that was added consisting in marking user pages _PAGE_NX so that this
> pgd remains usable for userspace.
>
> Note: it isn't necessarily the best approach, but one way or another
> if we want to be able to return to userspace from the kernel,
> we'll have to have this executable anyway. Another approach
> might consist in using another pgd for userland+kernel but
> the current core really looks like an extra careful measure
> to catch early bugs if any.
I don't like this.
I think the prctl() should apply to an entire process, not to a thread.
If it applies to a process, you can unpoison the PGD. I even had code
to do this in an earlier version of the (whole system) runtime PTI
on/off stuff.
Why are you even posting half-baked hacks like this now? Is there
something super-pressing about this set that we need to lock in a new
ABI now?
Powered by blists - more mailing lists