| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <cover.1562035429.git.luto@kernel.org>
Date: Mon, 1 Jul 2019 20:43:18 -0700
From: Andy Lutomirski <luto@...nel.org>
To: LKML <linux-kernel@...r.kernel.org>
Cc: x86@...nel.org, "Bae, Chang Seok" <chang.seok.bae@...el.com>,
Borislav Petkov <bp@...en8.de>,
Peter Zijlstra <peterz@...radead.org>,
Andy Lutomirski <luto@...nel.org>
Subject: [PATCH 0/3] FSGSBASE fix, test, and a semi-related cleanup
In -tip, if FSGSBASE and PTI are on, the kernel crashes if SYSENTER
happens with TF set. It also crashes under if a non-NMI paranoid
entry happens for any other reason from kernel mode with user GSBASE
and user CR3, e.g. due to MOV SS shenanigans.
This series fixes the bug. It also adds another test to make sure
we exercise SYSENTER with TF set regardless of what vendor's CPU
we're on, although the test isn't needed to detect the bug: the
single_step_syscall_32 and mov_ss_trap_* tests also trigger it. And
it compiles ignore_sysret out on IA32_EMULATION kernels -- I wasted
a couple minutes while debugging this wondering whether I was
accidentally triggering ignore_sysret.
Andy Lutomirski (3):
selftests/x86: Test SYSCALL and SYSENTER manually with TF set
x86/entry/64: Don't compile ignore_sysret if 32-bit emulation is
enabled
x86/entry/64: Fix and clean up paranoid_exit
arch/x86/entry/entry_64.S | 39 +++---
tools/testing/selftests/x86/Makefile | 5 +-
.../testing/selftests/x86/syscall_arg_fault.c | 112 +++++++++++++++++-
3 files changed, 133 insertions(+), 23 deletions(-)
--
2.21.0
Powered by blists - more mailing lists