| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 4 Sep 2018 18:18:55 +0200 (CEST)
From: Thomas Gleixner <tglx@...utronix.de>
To: Jiri Kosina <jikos@...nel.org>
cc: Ingo Molnar <mingo@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Andrea Arcangeli <aarcange@...hat.com>,
"Woodhouse, David" <dwmw@...zon.co.uk>,
Oleg Nesterov <oleg@...hat.com>,
Tim Chen <tim.c.chen@...ux.intel.com>,
linux-kernel@...r.kernel.org, x86@...nel.org
Subject: Re: [PATCH v3 2/3] x86/speculation: apply IBPB more strictly to
avoid cross-process data leak
On Tue, 4 Sep 2018, Jiri Kosina wrote:
> if (tsk && tsk->mm &&
> tsk->mm->context.ctx_id != last_ctx_id &&
> - get_dumpable(tsk->mm) != SUID_DUMP_USER)
> + ___ptrace_may_access(current, tsk, PTRACE_MODE_IBPB))
Uurgh. If X86_FEATURE_USE_IBPB is not enabled, then the whole
__ptrace_may_access() overhead is just done for nothing.
> indirect_branch_prediction_barrier();
This really wants to be runtime patched:
if (static_cpu_has(X86_FEATURE_USE_IBPB))
stop_speculation(tsk, last_ctx_id);
and have an inline for that:
static inline void stop_speculation(struct task_struct *tsk, u64 last_ctx_id)
{
if (tsk && tsk->mm && tsk->mm->context.ctx_id != last_ctx_id &&
___ptrace_may_access(current, tsk, PTRACE_MODE_IBPB))
indirect_branch_prediction_barrier();
}
which also makes the whole mess readable.
Hmm?
Thanks,
tglx
Powered by blists - more mailing lists