lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <6FC83E55-44EC-4FBF-9262-B17901A37227@intel.com>
Date:   Wed, 14 Nov 2018 21:50:41 +0000
From:   "Bae, Chang Seok" <chang.seok.bae@...el.com>
To:     LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v3] x86/fsgsbase/64: Fix the base write helper functions

On Nov 6, 2018, at 17:23, Andy Lutomirski <luto@...nel.org> wrote:
> 
> On Thu, Nov 1, 2018 at 1:32 PM Chang S. Bae <chang.seok.bae@...el.com> wrote:
>> 
>> @@ -392,12 +384,7 @@ int x86_fsbase_write_task(struct task_struct *task, unsigned long fsbase)
>>        if (unlikely(fsbase >= TASK_SIZE_MAX))
>>                return -EPERM;
>> 
>> -       preempt_disable();
>>        task->thread.fsbase = fsbase;
>> -       if (task == current)
>> -               x86_fsbase_write_cpu(fsbase);
>> -       task->thread.fsindex = 0;
>> -       preempt_enable();
>> 
>>        return 0;
>> }
> 
> Similar objection to last time.  If you get rid of the task == current
> check, you should WARN_ON_ONCE(task != current).
> 

From your previous comments, I was a bit confused by a mixture of options. 
It looks like you’d intended to suggest two different ways (by our own words):

1. The _write_task() functions must not be called on current.  Then
there should be a warning, and you shouldn't call them on current.

2. The _write_task() functions should work correctly on current.  In
this case, you shouldn't need to *also* called _write_cpu /
_write_cpu_inactive.  You'll still need the special loadseg handling
in do_arch_prctl_64().

The option 1 looks to be simple and straight forward. So, let me go with that.

Nit. I think it should be WARN_ON_ONCE(task == current).

>> @@ -758,11 +740,41 @@ long do_arch_prctl_64(struct task_struct *task, int option, unsigned long arg2)
>> 
>>        switch (option) {
>>        case ARCH_SET_GS: {
>> +               preempt_disable();
>>                ret = x86_gsbase_write_task(task, arg2);
>> +               if (ret == 0) {
>> +                       /*
>> +                        * ARCH_SET_GS has always overwritten the index
>> +                        * and the base. Zero is the most sensible value
>> +                        * to put in the index, and is the only value that
>> +                        * makes any sense if FSGSBASE is unavailable.
>> +                        */
>> +                       if (task == current) {
>> +                               loadseg(GS, 0);
>> +                               x86_gsbase_write_cpu_inactive(arg2);
>> +                       } else {
>> +                               task->thread.gsindex = 0;
>> +                       }
>> +               }
>> +               preempt_enable();
> 
> And you should drop the redundant ...write_task if task == current.

To avoid the redundancy, the sanity check for a base value can be moved out here.

>> 
>> diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c
>> index ffae9b9740fd..e4ab1abca5b5 100644
>> --- a/arch/x86/kernel/ptrace.c
>> +++ b/arch/x86/kernel/ptrace.c
>> @@ -397,11 +397,11 @@ static int putreg(struct task_struct *child,
>>                if (value >= TASK_SIZE_MAX)
>>                        return -EIO;
>>                /*
>> -                * When changing the FS base, use the same
>> -                * mechanism as for do_arch_prctl_64().
>> +                * When changing the FS base, use do_arch_prctl_64()
>> +                * to set the index and the base.
> 
> to set the index to zero and to set the base as requested.

Thanks for the edit.
Chang

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ