Date:   Fri, 29 Nov 2019 14:56:03 +0000
From:   "Metzger, Markus T" <markus.t.metzger@...el.com>
To:     Thomas Gleixner <tglx@...utronix.de>
CC:     "Bae, Chang Seok" <chang.seok.bae@...el.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "bp@...en8.de" <bp@...en8.de>, "luto@...nel.org" <luto@...nel.org>,
        "hpa@...or.com" <hpa@...or.com>,
        "Hansen, Dave" <dave.hansen@...el.com>,
        "Luck, Tony" <tony.luck@...el.com>,
        "Shankar, Ravi V" <ravi.v.shankar@...el.com>,
        "Pedro Alves" <palves@...hat.com>, Simon Marchi <simark@...ark.ca>,
        Andi Kleen <ak@...ux.intel.com>
Subject: RE: [PATCH v9 00/17] Enable FSGSBASE instructions

> On Fri, Nov 15, 2019 at 07:29:17PM +0100, Thomas Gleixner wrote:
> > On Fri, 4 Oct 2019, Chang S. Bae wrote:
> > >
> > > Updates from v8 [10]:
> > > * Internalized the interrupt check in the helper functions (Andy L.)
> > > * Simplified GS base helper functions (Tony L.)
> > > * Changed the patch order to put the paranoid path changes before the
> > >   context switch changes (Tony L.)
> > > * Fixed typos (Randy D.) and massaged a few sentences in the documentation
> > > * Massaged the FSGSBASE enablement message
> >
> > That still lacks what Andy requested quite some time ago in the V8 thread:
> >
> >      https://lore.kernel.org/lkml/034aaf3a-a93d-ec03-0bbd-068e1905b774@...nel.org/
> >
> >   "I also think that, before this series can have my ack, it needs an
> >    actual gdb maintainer to chime in, publicly, and state that they have
> >    thought about and tested the ABI changes and that gdb still works on
> >    patched kernels with and without FSGSBASE enabled.  I realize that there
> >    were all kinds of discussions, but they were all quite theoretical, and
> >    I think that the actual patches need to be considered by people who
> >    understand the concerns.  Specific test cases would be nice, too."
> >
> > What's the state of this?

On branch users/mmetzger/fsgs in sourceware.org/git/binutils-gdb.git,
there's a GDB test covering the behavior discussed theoretically back then.

It covers modifying the selector as well as the base from GDB and using
the modified values for inferior calls as well as for resuming the inferior.

Current kernels allow changing the selector and provide the resulting
base back to the ptracer.  They also allow changing the base as long as
the selector is zero.  That's the behavior we wanted to preserve IIRC.

The patch series on branch fsgs_tip_5.4-rc1_100319 at
github.com/changbae/Linux-kernel.git breaks tests that modify the
selector and expect that to change the base.

That kernel allows changing the base via ptrace but ignores changes
to the selector.

Regards,
Markus.
Intel Deutschland GmbH
Registered Address: Am Campeon 10-12, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Christin Eisenschmid, Gary Kershaw
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928
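
The following probe is an added example, not part of the message above and not the GDB test on the branch it mentions. It checks only the case the message says both kernels allow: writing the GS base through ptrace while the selector is zero, then reading it back. The function name `probe_gs_base_write` and the sample address are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper (not from GDB or the kernel tree).
 * Returns 1 if a GS base written with PTRACE_SETREGS (selector 0) reads back
 * unchanged, 0 if it does not, -1 if the probe cannot run (non-x86-64 build
 * or ptrace refused). */
int probe_gs_base_write(unsigned long long new_base)
{
#if defined(__x86_64__)
    int status, result = -1;
    struct user_regs_struct regs;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {                 /* tracee: stop so the parent can inspect it */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0)
            _exit(1);
        raise(SIGSTOP);
        _exit(0);
    }
    if (waitpid(pid, &status, 0) == pid && WIFSTOPPED(status) &&
        ptrace(PTRACE_GETREGS, pid, NULL, &regs) == 0) {
        regs.gs = 0;                /* keep the selector at zero */
        regs.gs_base = new_base;    /* change only the base */
        if (ptrace(PTRACE_SETREGS, pid, NULL, &regs) == 0 &&
            ptrace(PTRACE_GETREGS, pid, NULL, &regs) == 0)
            result = (regs.gs == 0 && regs.gs_base == new_base);
    }
    kill(pid, SIGKILL);             /* the tracee is never resumed */
    waitpid(pid, &status, 0);
    return result;
#else
    (void)new_base;
    return -1;
#endif
}

int main(void)
{
    /* Constructed sample value: a canonical user-space address above 4 GiB. */
    int r = probe_gs_base_write(0x7f0000001000ULL);
    printf("GS base write with zero selector: %s\n",
           r == 1 ? "preserved" : r == 0 ? "not preserved" : "could not probe");
    return r == 0;
}
```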
