Date:   Wed, 31 Oct 2018 14:35:34 -0700
From:   Dave Hansen <dave.hansen@...el.com>
To:     Sean Christopherson <sean.j.christopherson@...el.com>
Cc:     Jethro Beekman <jethro@...tanix.com>,
        Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
        Andy Lutomirski <luto@...capital.net>,
        Andrew Lutomirski <luto@...nel.org>, X86 ML <x86@...nel.org>,
        Platform Driver <platform-driver-x86@...r.kernel.org>,
        "nhorman@...hat.com" <nhorman@...hat.com>,
        "npmccallum@...hat.com" <npmccallum@...hat.com>,
        "Ayoun, Serge" <serge.ayoun@...el.com>,
        "shay.katz-zamir@...el.com" <shay.katz-zamir@...el.com>,
        "linux-sgx@...r.kernel.org" <linux-sgx@...r.kernel.org>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v14 09/19] x86/mm: x86/sgx: Signal SEGV_SGXERR for #PFs w/
 PF_SGX

On 10/31/18 2:30 PM, Sean Christopherson wrote:
> On Mon, Oct 01, 2018 at 03:03:30PM -0700, Dave Hansen wrote:
>> On 10/01/2018 02:42 PM, Jethro Beekman wrote:
>>>
>>> 1) Even though the vDSO function exists, userspace may still call 
>>> `ENCLU[EENTER]` manually, so the fault handling as described in the 
>>> current patch should also be maintained.
>>
>> Why?
> 
> Circling back to this question, what if we take the easy way out and
> simply signal SIGSEGV without an SGX-specific code?  I.e. treat #PF
> with X86_PF_SGX as an access error, no more no less.  That should be
> sufficient for userspace to function, albeit with a little more effort,
> but presumably no more than would be needed to run on SGX1 hardware.

There are two sides to this ABI: what the kernel does to support SGX and
what userspace does.  If we do what you suggest, we remove any (most?)
needed kernel changes and foist the burden entirely onto userspace.
But, we end up with two ABIs: the old one and the new vDSO one.

IOW, once we start doing SIGSEGV, we have to do it forever, even if
we have a newer mechanism.

> AFAIK there isn't a way to prevent userspace from manually invoking
> EENTER, short of doing some really nasty text poking or PTE swizzling.
> We could declare using EENTER as unsupported,

Yep, userspace can call it all it wants, and we can also say that
calling it outside the vdso is "undefined".
