lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+55aFwUn7+WiHxL7PBWxNrGB0--HETqUjdRwxi+DkMvCP_CaA@mail.gmail.com>
Date:   Thu, 25 Jan 2018 13:06:45 -0800
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Andy Lutomirski <luto@...nel.org>
Cc:     "the arch/x86 maintainers" <x86@...nel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Alan Cox <alan@...ux.intel.com>, Jann Horn <jannh@...gle.com>,
        Samuel Neves <samuel.c.p.neves@...il.com>,
        Dan Williams <dan.j.williams@...el.com>,
        Kernel Hardening <kernel-hardening@...ts.openwall.com>,
        Borislav Petkov <bp@...en8.de>
Subject: Re: [PATCH] x86/retpoline/entry: Disable the entire SYSCALL64 fast
 path with retpolines on

On Thu, Jan 25, 2018 at 1:02 PM, Andy Lutomirski <luto@...nel.org> wrote:
>
> Feel free to Acked-by: Andy Lutomirski <luto@...nel.org> that patch.
>
> Or I can grab it and send it to -tip.

I'm not going to apply it for 4.15, I just wanted to see how it
looked, and do some minimal profiling.

>From the profiles, as mentioned, moving 'status' from thread_struct to
thread_info is probably worth doing. But I didn't look at the impact
of that at all.

So it should go through all the normal channels in -tip for 4.16.

I'll happily sign off on the patch, but it was really pretty mindless,
so I'm not sure I need the authorship either.

> Re: the trampoline not showing up: if I find some time, I'll try to
> wire it up correctly in kallsyms.

That would be lovely. Right now the system call exit shows up pretty
clearly in profiles, and most of it is (obviously) the cr3 write. So
the missing entry trampoline is not insignificant.

             Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ