| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 4 Sep 2018 09:49:00 +0200 (CEST)
From: Thomas Gleixner <tglx@...utronix.de>
To: "Yang, Bin" <bin.yang@...el.com>
cc: "mingo@...nel.org" <mingo@...nel.org>,
"hpa@...or.com" <hpa@...or.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"peterz@...radead.org" <peterz@...radead.org>,
"Gross, Mark" <mark.gross@...el.com>,
"x86@...nel.org" <x86@...nel.org>,
"Hansen, Dave" <dave.hansen@...el.com>
Subject: Re: [PATCH v3 1/5] x86/mm: avoid redundant checking if pgprot has
no change
On Tue, 4 Sep 2018, Yang, Bin wrote:
> On Mon, 2018-09-03 at 23:57 +0200, Thomas Gleixner wrote:
> >
> > The last patch which does the overlap check is equally broken:
>
> Sorry that I did not understand the broken of last patch.
I meant 4/5 sorry. That's the one which introduces the overlap check and
does this:
> > + /*
> > + * Ensure that the requested pgprot does not violate static protection
> > + * requirements.
> > + */
> > + new_prot = static_protections(req_prot, address,
> > + numpages << PAGE_SHIFT, pfn);
> >
> > It expands new_prot to the whole range even if the protections only
> > overlap. That should not happen in practice, but we have no checks for that
> > at all.
>
> Below code in patch #3 should cover this check. It will double check
> new_prot in whole large page range.
Which is exactly what is wrong. Read again what I wrote.
Thanks,
tglx
Powered by blists - more mailing lists