lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YAdAA6k7ZjqikE0R@google.com>
Date:   Tue, 19 Jan 2021 12:24:35 -0800
From:   Sean Christopherson <seanjc@...gle.com>
To:     Tianjia Zhang <tianjia.zhang@...ux.alibaba.com>
Cc:     Jarkko Sakkinen <jarkko@...nel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Shuah Khan <shuah@...nel.org>, haitao.huang@...el.com,
        Kai Huang <kai.huang@...el.com>, x86@...nel.org,
        linux-sgx@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org, linux-kselftest@...r.kernel.org,
        Jia Zhang <zhang.jia@...ux.alibaba.com>
Subject: Re: [PATCH] x86/sgx: Fix free_cnt counting logic in epc section

On Mon, Jan 18, 2021, Tianjia Zhang wrote:
> Increase `section->free_cnt` in sgx_sanitize_section() is
> more reasonable, which is called in ksgxd kernel thread,
> instead of assigning it to epc section pages number at
> initialization. Although this is unlikely to fail, these
> pages cannot be allocated after initialization, and which
> need to be reset by ksgxd.
> 
> Reported-by: Jia Zhang <zhang.jia@...ux.alibaba.com>
> Signed-off-by: Tianjia Zhang <tianjia.zhang@...ux.alibaba.com>

Reviewed-by: Sean Christopherson <seanjc@...gle.com> 

> ---
>  arch/x86/kernel/cpu/sgx/main.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
> index c519fc5f6948..9e9a3cf7c00b 100644
> --- a/arch/x86/kernel/cpu/sgx/main.c
> +++ b/arch/x86/kernel/cpu/sgx/main.c
> @@ -48,9 +48,10 @@ static void sgx_sanitize_section(struct sgx_epc_section *section)
>  					struct sgx_epc_page, list);
>  
>  		ret = __eremove(sgx_get_epc_virt_addr(page));
> -		if (!ret)
> +		if (!ret) {
>  			list_move(&page->list, &section->page_list);
> -		else
> +			section->free_cnt += 1;
> +		} else

Nit: the the "else" should also have curly braces.

>  			list_move_tail(&page->list, &dirty);
>  
>  		spin_unlock(&section->lock);

FWIW, taking section->lock could be moved inside the !ret flow so that EREMOVE
is done without holding the lock.  I've no idea if that'd actually change
anything in practice, but it's theoretically possible that ksgxd hasn't finished
sanitizing the EPC when userspace starts creating enclaves.

> @@ -646,7 +647,6 @@ static bool __init sgx_setup_epc_section(u64 phys_addr, u64 size,
>  		list_add_tail(&section->pages[i].list, &section->init_laundry_list);
>  	}
>  
> -	section->free_cnt = nr_pages;
>  	return true;
>  }
>  
> -- 
> 2.19.1.3.ge56e4f7
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ