lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 1 Mar 2019 07:27:47 -0800
From:   Andy Lutomirski <>
To:     Peter Zijlstra <>
Cc:     Linus Torvalds <>,
        Thomas Gleixner <>,
        Peter Anvin <>,
        Julien Thierry <>,
        Will Deacon <>,
        Ingo Molnar <>,
        Catalin Marinas <>,
        James Morse <>,,
        Brian Gerst <>,
        Josh Poimboeuf <>,
        Andrew Lutomirski <>,
        Borislav Petkov <>,
        Denys Vlasenko <>,
        Linux List Kernel Mailing <>,
        Chris Wilson <>
Subject: Re: [PATCH 6/8] i915,uaccess: Fix redundant CLAC

> On Mar 1, 2019, at 6:38 AM, Peter Zijlstra <> wrote:
>> On Fri, Mar 01, 2019 at 01:57:18PM +0100, Peter Zijlstra wrote:
>>> On Fri, Mar 01, 2019 at 01:27:45PM +0100, Peter Zijlstra wrote:
>>> arch/x86/lib/usercopy_64.o: warning: objtool: .altinstr_replacement+0x30: redundant UACCESS disable
>>> The usercopy one is difficult, that's copy_user_handle_tail(), it is
>>> buggered though, because that lacks notrace and thus has a __fentry__
>>> call in.
>>> Also, afaict all exception jumps into copy_user_handle_tail() will have
>>> AC=1, but the __{get,put}_user_nocheck() things do STAC/CLAC all over
>>> again.
>>> So what do we do? Annotate that we start with AC=1 and then immediately
>>> do the clac, and then let __{get,put}_user_nocheck() do their own thing?
>>> or make it use the unsafe stuff?
>> Or.. we move the thing to assembly. Of course, I suck at (writing) asm,
>> so the below is probably broken in various ways.
> The advantage is that it now all lives in the same .o file and objtool
> can actually follow and find the complete control flow.
> I've made it ENDPROC() such that it becomes STT_FUNC and objtool does
> all the normal things. I've also moved the ALIGN_DESTINATION macro into
> the .S file.
> Andy, do we have a sensible self-test for this path?

Not that I know of. Something like my (rejected) strncpy_from_user test could probably be added fairly easily.

Powered by blists - more mailing lists