| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180719071606.dkeq5btz5wlzk4oq@kshutemo-mobl1>
Date: Thu, 19 Jul 2018 10:16:06 +0300
From: "Kirill A. Shutemov" <kirill@...temov.name>
To: Dave Hansen <dave.hansen@...el.com>
Cc: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
Ingo Molnar <mingo@...hat.com>, x86@...nel.org,
Thomas Gleixner <tglx@...utronix.de>,
"H. Peter Anvin" <hpa@...or.com>,
Tom Lendacky <thomas.lendacky@....com>,
Kai Huang <kai.huang@...ux.intel.com>,
Jacob Pan <jacob.jun.pan@...ux.intel.com>,
linux-kernel@...r.kernel.org, linux-mm@...ck.org
Subject: Re: [PATCHv5 02/19] mm: Do not use zero page in encrypted pages
On Wed, Jul 18, 2018 at 10:36:24AM -0700, Dave Hansen wrote:
> On 07/17/2018 04:20 AM, Kirill A. Shutemov wrote:
> > Zero page is not encrypted and putting it into encrypted VMA produces
> > garbage.
> >
> > We can map zero page with KeyID-0 into an encrypted VMA, but this would
> > be violation security boundary between encryption domains.
>
> Why? How is it a violation?
>
> It only matters if they write secrets. They can't write secrets to the
> zero page.
I believe usage of zero page is wrong here. It would indirectly reveal
content of supposedly encrypted memory region.
I can see argument why it should be okay and I don't have very strong
opinion on this.
If folks see it's okay to use zero page in encrypted VMAs I can certainly
make it work.
> Is this only because you accidentally inherited ->vm_page_prot on the
> zero page PTE?
Yes, in previous patchset I mapped zero page with wrong KeyID. This is one
of possible fixes for this.
--
Kirill A. Shutemov
Powered by blists - more mailing lists