| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <cover.1620186182.git.jpoimboe@redhat.com>
Date: Tue, 4 May 2021 22:54:28 -0500
From: Josh Poimboeuf <jpoimboe@...hat.com>
To: Al Viro <viro@...iv.linux.org.uk>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org,
Linus Torvalds <torvalds@...ux-foundation.org>,
Will Deacon <will@...nel.org>,
Dan Williams <dan.j.williams@...el.com>,
Andrea Arcangeli <aarcange@...hat.com>,
Waiman Long <longman@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Andrew Cooper <andrew.cooper3@...rix.com>,
Andy Lutomirski <luto@...nel.org>,
Christoph Hellwig <hch@....de>,
David Laight <David.Laight@...lab.com>,
Mark Rutland <mark.rutland@....com>,
Borislav Petkov <bp@...en8.de>
Subject: [PATCH v4 0/4] x86/uaccess: Use pointer masking to limit uaccess speculation
This one managed to fall through the cracks back in September. Here's a
fresh new version.
Ideally, we'd switch all access_ok() users to access_ok_mask() or
something, but that's a much bigger change.
I dropped all the ack/review tags because the rebase was significant.
Please review carefully :-)
v4 changes:
- Rebased on the latest.
- Split up into multiple logical patches.
- Renamed "force_user_ptr()" -> "mask_user_ptr()" to prevent confusing
it with '__force' casting. [based on Dan's comment]
- Instead of reusing array_index_nospec(), made a new separate inline
asm statement. Otherwise it fails the build on recent toolchains
and/or kernels because the "g" constraint in array_index_mask_nospec()
isn't big enough for TASK_SIZE_MAX. I could have changed "g" to "r",
but that would negatively impact code generation for the other users.
v3 was here:
https://lore.kernel.org/lkml/1d06ed6485b66b9f674900368b63d7ef79f666ca.1599756789.git.jpoimboe@redhat.com/
Josh Poimboeuf (4):
uaccess: Always inline strn*_user() helper functions
uaccess: Fix __user annotations for copy_mc_to_user()
x86/uaccess: Use pointer masking to limit uaccess speculation
x86/nospec: Remove barrier_nospec()
Documentation/admin-guide/hw-vuln/spectre.rst | 6 +--
arch/x86/include/asm/barrier.h | 3 --
arch/x86/include/asm/futex.h | 5 ++
arch/x86/include/asm/uaccess.h | 48 +++++++++++++------
arch/x86/include/asm/uaccess_64.h | 12 ++---
arch/x86/kernel/cpu/sgx/virt.c | 6 ++-
arch/x86/lib/copy_mc.c | 10 ++--
arch/x86/lib/csum-wrappers_64.c | 5 +-
arch/x86/lib/getuser.S | 16 ++-----
arch/x86/lib/putuser.S | 8 ++++
arch/x86/lib/usercopy_32.c | 6 +--
arch/x86/lib/usercopy_64.c | 7 +--
lib/iov_iter.c | 2 +-
lib/strncpy_from_user.c | 6 ++-
lib/strnlen_user.c | 4 +-
15 files changed, 89 insertions(+), 55 deletions(-)
--
2.31.1
Powered by blists - more mailing lists