[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <d81c4410-6c7f-6f99-577a-30fc92eafc6d@linux.intel.com>
Date: Wed, 10 Jan 2018 12:20:05 -0800
From: Dave Hansen <dave.hansen@...ux.intel.com>
To: Willy Tarreau <w@....eu>, linux-kernel@...r.kernel.org,
x86@...nel.org
Cc: Andy Lutomirski <luto@...nel.org>, Borislav Petkov <bp@...en8.de>,
Brian Gerst <brgerst@...il.com>,
Ingo Molnar <mingo@...nel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Josh Poimboeuf <jpoimboe@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>,
David Woodhouse <dwmw@...zon.co.uk>,
Kees Cook <keescook@...omium.org>
Subject: Re: [RFC PATCH v3 6/8] x86/pti: don't mark the user PGD with
_PAGE_NX.
On 01/10/2018 11:28 AM, Willy Tarreau wrote:
> Since we're going to keep running on the same PGD when returning to
> userspace for certain performance-critical tasks, we'll need the user
> pages to be executable. So this code disables the extra protection
> that was added consisting in marking user pages _PAGE_NX so that this
> pgd remains usable for userspace.
If you are going to keep pushing this patch, or anything like it, the
least you can do is to describe the downsides. Describe the SMEP-like
semantics that PTI gives you and describe how this shoots them in the
head for the entire process.
Also describe the reason PTI put this mechanism in place, and how this
shoots _that_ in the head for the entire process.
Granted, you have an RFC on this, but please, for the love of everything
that is good the world, please stop sending this patch set until you
have a halfway reasonable method of dealing with NX that doesn't involve
#ifdefs. Please.
Powered by blists - more mailing lists