Open Source and information security mailing list archives
 
Date:   Sun, 31 Jan 2021 09:24:31 -0800
From:   Andy Lutomirski <luto@...nel.org>
To:     x86@...nel.org
Cc:     LKML <linux-kernel@...r.kernel.org>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Yonghong Song <yhs@...com>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Andy Lutomirski <luto@...nel.org>
Subject: [PATCH 00/11] x86/fault: Cleanups and robustifications

The BPF team reported a warning in the x86 page fault code.  This caused me
to read said code, and it was quite tangled.  This series attempts to
mostly disentangle it and fixes a whole bunch of corner cases.  In my
opinion, the control flow and the semantics of the various page fault
functions are much clearer with this series applied, and it also fixes
warts in the SMEP, SMAP, and WRUSS corners of the page fault handler.

Fortunately we don't have any WRUSS instructions in the kernel yet, but I
can dream that some day we'll get real instructions for explicit access to
normal user memory, in which case they will also benefit from these fixes.

The first patch is a genuine regression fix, but the rest is potentially
subtle enough that I would like it to have a good long soak in -next before
landing.

As a nice side bonus, the first patch should give a decent speedup to page
fault signal delivery on CPUs that are not affected by AMD erratum #91.

Andy Lutomirski (11):
  x86/fault: Fix AMD erratum #91 errata fixup for user code
  x86/fault: Fold mm_fault_error() into do_user_addr_fault()
  x86/fault/32: Move is_f00f_bug() do do_kern_addr_fault()
  x86/fault: Document the locking in the fault_signal_pending() path
  x86/fault: Correct a few user vs kernel checks wrt WRUSS
  x86/fault: Improve kernel-executing-user-memory handling
  x86/fault: Split the OOPS code out from no_context()
  x86/fault: Bypass no_context() for implicit kernel faults from
    usermode
  x86/fault: Rename no_context() to kernelmode_fixup_or_oops()
  x86/fault: Don't run fixups for SMAP violations
  x86/fault: Don't look for extable entries for SMEP violations

 arch/x86/mm/fault.c | 355 ++++++++++++++++++++++++--------------------
 1 file changed, 197 insertions(+), 158 deletions(-)

-- 
2.29.2
