| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1beb4b7b-a4c1-0f60-3aa8-640754e30137@amd.com>
Date: Mon, 29 Apr 2019 20:16:07 +0000
From: Gary R Hook <ghook@....com>
To: Borislav Petkov <bp@...en8.de>
CC: Thomas Gleixner <tglx@...utronix.de>,
"Hook, Gary" <Gary.Hook@....com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
"peterz@...radead.org" <peterz@...radead.org>,
"x86@...nel.org" <x86@...nel.org>,
"mingo@...hat.com" <mingo@...hat.com>,
"luto@...nel.org" <luto@...nel.org>,
Alexander Potapenko <glider@...gle.com>
Subject: Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME
early boot code
On 4/26/19 11:24 AM, Borislav Petkov wrote:
> On Fri, Apr 26, 2019 at 03:11:17PM +0000, Gary R Hook wrote:
>> 2) Turn off instrumentation for lib/cmdline.c. The risk is that any
>> changes to its code would not enjoy the benefits of KASAN/etc testing
>> (if enabled).
>
> What happened to Thomas' suggestion to turn off instrumentation for
> those files only when CONFIG_AMD_MEM_ENCRYPT=y?
>
> Which is a variant of 2) above with ifdeffery.
>
Ah, very good. That one escaped my list.
Yes, option 4 would be a combination of using a local copy of strncmp()
and disabling instrumentation (KASAN, KCOV, whatever) for
arch/x86/lib/cmdline.c when SME is enabled.
I have any/all of these ready to repost as a version 2 offering. What
say you?
grh
Powered by blists - more mailing lists