lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 24 Apr 2020 14:25:35 +0200
From:   Vitaly Kuznetsov <vkuznets@...hat.com>
To:     x86@...nel.org
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org
Subject: [PATCH] x86/idt: Keep spurious entries unset in system_vectors

Commit dc20b2d52653 ("x86/idt: Move interrupt gate initialization to IDT
code") had a side-effect of 'set_bit(i, used_vectors)' for unused entries
which are being mapped to spurious entries. (user_vectors were later
renamed to system_vectors).

Previously, we used to count on system_vectors in arch_show_interrupts()
to not print unexisting entries in /proc/interrupts. E.g. 'Hypervisor
callback interrupts' should not be printed on bare metal. This is
currently broken.

Setting bits in system_vectors for all unused entries also makes
alloc_intr_gate() fail in case someone decides to do it later. It seems
this is not currently an issue because all alloc_intr_gate() users are
calling it early, before we call idt_setup_apic_and_irq_gates() but
this also seems wrong.

Signed-off-by: Vitaly Kuznetsov <vkuznets@...hat.com>
---
 arch/x86/kernel/idt.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/idt.c b/arch/x86/kernel/idt.c
index 87ef69a72c52..b62e9d080a3e 100644
--- a/arch/x86/kernel/idt.c
+++ b/arch/x86/kernel/idt.c
@@ -318,7 +318,13 @@ void __init idt_setup_apic_and_irq_gates(void)
 
 #ifdef CONFIG_X86_LOCAL_APIC
 	for_each_clear_bit_from(i, system_vectors, NR_VECTORS) {
-		set_bit(i, system_vectors);
+		/*
+		 * Spurious entries are left unset in system_vectors so it can
+		 * be used to check which gates were really allocated. This also
+		 * allows using alloc_intr_gate() and not update_intr_gate() if
+		 * some of the currently-spurious entries are to be allocated
+		 * later.
+		 */
 		entry = spurious_entries_start + 8 * (i - FIRST_SYSTEM_VECTOR);
 		set_intr_gate(i, entry);
 	}
-- 
2.25.3

Powered by blists - more mailing lists