| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 2 Nov 2020 19:39:38 +0100
From: Borislav Petkov <bp@...en8.de>
To: Andy Lutomirski <luto@...nel.org>
Cc: Dave Hansen <dave.hansen@...el.com>,
Sean Christopherson <sean.j.christopherson@...el.com>,
"Yu, Yu-cheng" <yu-cheng.yu@...el.com>,
LKML <linux-kernel@...r.kernel.org>, X86 ML <x86@...nel.org>,
Rik van Riel <riel@...riel.com>,
Andrew Cooper <andrew.cooper3@...rix.com>
Subject: Re: How should we handle illegal task FPU state?
On Thu, Oct 01, 2020 at 03:04:48PM -0700, Andy Lutomirski wrote:
> On Thu, Oct 1, 2020 at 2:50 PM Dave Hansen <dave.hansen@...el.com> wrote:
> > I'm not sure we should ever keep running userspace after an XRSTOR*
> > failure. For MPX, this might have provided a nice, additional vector
> > for an attacker to turn off MPX. Same for pkeys if we didn't correctly
> > differentiate between the hardware init state versus the "software init"
> > state that we keep in init_task.
> >
> > What's the advantage of letting userspace keep running after we init its
> > state? That it _might_ be able to recover?
>
> I suppose we can kill userspace and change that behavior only if
> someone complains. I still think it would be polite to try to dump
> core, but that could be tricky with the current code structure. I'll
> try to whip up a patch. Maybe I'll add a debugfs file to trash MXCSR
> for testing.
Just for the record, I like this: safe and simple. We can always do
smarter shenanigans later, if at all needed, that is.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists