lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <tip-b7c21bc56fbedf4a61b628c6b11e0d7048746cc1@git.kernel.org>
Date:   Wed, 25 Apr 2018 02:08:37 -0700
From:   tip-bot for Dave Hansen <tipbot@...or.com>
To:     linux-tip-commits@...r.kernel.org
Cc:     jgross@...e.com, mingo@...nel.org, arjan@...ux.intel.com,
        peterz@...radead.org, keescook@...gle.com, namit@...are.com,
        aarcange@...hat.com, gregkh@...uxfoundation.org,
        tglx@...utronix.de, jpoimboe@...hat.com, luto@...nel.org,
        hughd@...gle.com, bp@...en8.de, vbabka@...e.cz,
        dave.hansen@...ux.intel.com, dwmw2@...radead.org,
        linux-kernel@...r.kernel.org, torvalds@...ux-foundation.org,
        hpa@...or.com, dan.j.williams@...el.com
Subject: [tip:x86/pti] x86/pti: Disallow global kernel text with RANDSTRUCT

Commit-ID:  b7c21bc56fbedf4a61b628c6b11e0d7048746cc1
Gitweb:     https://git.kernel.org/tip/b7c21bc56fbedf4a61b628c6b11e0d7048746cc1
Author:     Dave Hansen <dave.hansen@...ux.intel.com>
AuthorDate: Fri, 20 Apr 2018 15:20:26 -0700
Committer:  Thomas Gleixner <tglx@...utronix.de>
CommitDate: Wed, 25 Apr 2018 11:02:51 +0200

x86/pti: Disallow global kernel text with RANDSTRUCT

commit 26d35ca6c3776784f8156e1d6f80cc60d9a2a915

RANDSTRUCT derives its hardening benefits from the attacker's lack of
knowledge about the layout of kernel data structures.  Keep the kernel
image non-global in cases where RANDSTRUCT is in use to help keep the
layout a secret.

Fixes: 8c06c7740 (x86/pti: Leave kernel text global for !PCID)
Reported-by: Kees Cook <keescook@...gle.com>
Signed-off-by: Dave Hansen <dave.hansen@...ux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@...utronix.de>
Acked-by: Ingo Molnar <mingo@...nel.org>
Cc: Andrea Arcangeli <aarcange@...hat.com>
Cc: Juergen Gross <jgross@...e.com>
Cc: Josh Poimboeuf <jpoimboe@...hat.com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: David Woodhouse <dwmw2@...radead.org>
Cc: Hugh Dickins <hughd@...gle.com>
Cc: linux-mm@...ck.org
Cc: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Borislav Petkov <bp@...en8.de>
Cc: Andy Lutomirski <luto@...nel.org>
Cc: Nadav Amit <namit@...are.com>
Cc: Dan Williams <dan.j.williams@...el.com>
Cc: Arjan van de Ven <arjan@...ux.intel.com>
Cc: Vlastimil Babka <vbabka@...e.cz>
Link: https://lkml.kernel.org/r/20180420222026.D0B4AAC9@viggo.jf.intel.com


---
 arch/x86/mm/pti.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c
index ae3eb4f5d53b..4d418e705878 100644
--- a/arch/x86/mm/pti.c
+++ b/arch/x86/mm/pti.c
@@ -421,6 +421,16 @@ static inline bool pti_kernel_image_global_ok(void)
 	if (boot_cpu_has(X86_FEATURE_K8))
 		return false;
 
+	/*
+	 * RANDSTRUCT derives its hardening benefits from the
+	 * attacker's lack of knowledge about the layout of kernel
+	 * data structures.  Keep the kernel image non-global in
+	 * cases where RANDSTRUCT is in use to help keep the layout a
+	 * secret.
+	 */
+	if (IS_ENABLED(CONFIG_GCC_PLUGIN_RANDSTRUCT))
+		return false;
+
 	return true;
 }
 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ