lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20191014172016.w6ehilts4nl5tfva@willie-the-truck>
Date:   Mon, 14 Oct 2019 18:20:17 +0100
From:   Will Deacon <will@...nel.org>
To:     Suzuki K Poulose <suzuki.poulose@....com>
Cc:     Julien Grall <julien.grall@....com>,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
        catalin.marinas@....com, Dave.Martin@....com
Subject: Re: [PATCH] arm64: cpufeature: Don't expose ZFR0 to userspace when
 SVE is not enabled

On Mon, Oct 14, 2019 at 05:57:46PM +0100, Suzuki K Poulose wrote:
> On 14/10/2019 17:43, Will Deacon wrote:
> > On Mon, Oct 14, 2019 at 11:21:13AM +0100, Julien Grall wrote:
> > > The kernel may not support SVE if CONFIG_ARM64_SVE is not set and
> > > will hide the feature from the from userspace.
> > 
> > I don't understand this sentence.
> > 
> > > Unfortunately, the fields of ID_AA64ZFR0_EL1 are still exposed and could
> > > lead to undefined behavior in userspace.
> > 
> > Undefined in what way? Generally, we can't stop exposing things that
> > we've exposed previously in case somebody has started relying on them, so
> > this needs better justification.
> 
> We still expose them with this patch, but zero them out, if the SVE is not
> supported. When SVE is enabled, we expose them as usual.

Sure, but if userspace was relying on the non-zero values, it's now broken.

What's missing from the patch description is the fact that this register is
RAZ is SVE is not supported. Given that we get both the SVE HWCAP and
PFR0.SVE field correct when the CONFIG option is disabled, then it's only
very dodgy userspace which would parse the information in ZFR0 for this
configuration and I think we can make this change as a bug fix. I'll try to
write something sensible.

Will

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ