| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Jan 2021 00:03:03 +0800
From: Lecopzer Chen <lecopzer.chen@...iatek.com>
To: <linux@...linux.org.uk>
CC: <akpm@...ux-foundation.org>, <bigeasy@...utronix.de>,
<gregkh@...uxfoundation.org>, <lecopzer.chen@...iatek.com>,
<linux-arm-kernel@...ts.infradead.org>,
<linux-kernel@...r.kernel.org>, <marc.zyngier@....com>,
<peterx@...hat.com>, <rppt@...nel.org>, <tglx@...utronix.de>,
<walken@...gle.com>, <yj.chiang@...iatek.com>
Subject: Re: [PATCH] ARM: mm: harden branch predictor before opening interrupts during fault
> On Tue, Jan 26, 2021 at 11:01:50PM +0800, Lecopzer Chen wrote:
> > > On 2021-01-26 10:59:32 [+0000], Russell King - ARM Linux admin wrote:
> > > > On Tue, Jan 26, 2021 at 05:17:08PM +0800, Lecopzer Chen wrote:
> > > > > Hi all,
> > > > >
> > > > > I don't see any fix for this issue now(maybe I missed it..?),
> > > > > could we fix this if there is better solution?
> > > > > This issue exists almost two years.
> > > >
> > > > I don't think anyone provided an acceptable patch.
> > > >
> > > > The first patch moved the hardening out of the translation/section
> > > > fault handling. Since the kernel is mapped with sections, these
> > > > are above TASK_SIZE, and the whole point of the branch prediction
> > > > hardening is to prevent the prediction in the kernel being exploited,
> > > > missing the hardening effectively makes the mitigation useless.
> > > >
> > > > The discussion in February 2019 never concluded from what I can see.
> > >
> > > My memory is that I never got a reply which I understood.
> > > Let me try again this week with the information above.
> >
> >
> > NOTE:
> > Before sending this mail, I had searched the relative threads and
> > there are two solutions in general:
> > 1. Add get_pcpu()/put_cpu() https://lkml.org/lkml/2019/6/3/426
> > Reject by Marc:
> > > The right fix would be to move the call to a point where we haven't
> > > enabled preemption yet.
> >
> > 2. Move out like the patch from Sebastian:
> > This seems follow the concept of 1.
> > (move the call to a point where we haven't enabled preemption yet).
> > But I can't find any reply in the thread.
> >
> > Now the CONFIG_HARDEN_BRANCH_PREDICTOR has already backported to LTS,
> > and after upgrading ARM CONFIG_CPU_V7 products to latest LTS, the
> > CONFIG_HARDEN_BRANCH_PREDICTOR will be default y and this issue makes
> > our devices panic and we have to either disable HARDEN_BRANCH_PREDICTOR
> > or hack in-house to avoid the kernel panic.
>
> It does _not_ cause the kernel to panic, ever. A kernel panic takes
> out the system. This is not the case here.
>
> It merely causes a noisy message to be emitted in the kernel log, and
> the system survives. That is way more preferable than breaking the
> effect of branch predictor hardening.
>
> If it is taking out your kernel with a real panic, then there is
> something wrong elsewhere - and this is _not_ something that should
> be happening during normal system operation.
Oh, yes, you're right;
After reread the panic log, our panic happened because
-> invalid userspace memory access
-> debug_preempt log
-> the program seg fault
-> main service need the program but it crash
-> panic
Sorry for wrong information and thanks a lot for the correctness.
I think I have to see why the in-house hacking is working...
Thanks!!
BRs,
Lecopzer
Powered by blists - more mailing lists