lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu,  3 Jun 2021 08:41:35 +0000 (UTC)
From:   Christophe Leroy <christophe.leroy@...roup.eu>
To:     Benjamin Herrenschmidt <benh@...nel.crashing.org>,
        Paul Mackerras <paulus@...ba.org>,
        Michael Ellerman <mpe@...erman.id.au>
Cc:     linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org
Subject: [PATCH v2 00/12] powerpc: Optimise KUAP on book3s/32

This series is a rework of KUAP on book3s/32.

On book3s32, KUAP is heavier than on other platform because it can't
be opened globaly at once, it must be done for each 256Mb segment.

Instead of opening access to all necessary segments via a heavy logic,
only open access to the segment matching the start of the range.

99.999% of the time, the range doesn't cross segment limit so
it is not worth checking and handling that corner case at the
first place. If that happens, take a fault and do the additional
segments opening in the fault handler. See patch 9 for details.

This series also adds the capability to disable KUAP and KUEP at boot
time via the "nosmap" and "nosmep" kernel parameters as PPC64 does.

Last 2 patches are cleanup of generic KUAP code once book3s/32 has
been simplified.

Changes in v2:
- Incorporated the conversion to C of switch_mmu_context()
- Converted initial KUAP/KUEP setup to C
- Added capability to disable KUAP and KUEP at boottime
- Enable KUAP and KUEP by default 

Christophe Leroy (12):
  powerpc/32s: Move setup_{kuep/kuap}() into {kuep/kuap}.c
  powerpc/32s: Refactor update of user segment registers
  powerpc/32s: move CTX_TO_VSID() into mmu-hash.h
  powerpc/32s: Convert switch_mmu_context() to C
  powerpc/32s: Simplify calculation of segment register content
  powerpc/32s: Initialise KUAP and KUEP in C
  powerpc/32s: Allow disabling KUEP at boot time
  powerpc/32s: Allow disabling KUAP at boot time
  powerpc/32s: Rework Kernel Userspace Access Protection
  powerpc/32s: Activate KUAP and KUEP by default
  powerpc/kuap: Remove KUAP_CURRENT_XXX
  powerpc/kuap: Remove to/from/size parameters of prevent_user_access()

 arch/powerpc/include/asm/book3s/32/kup.h      | 199 ++++++++++++------
 arch/powerpc/include/asm/book3s/32/mmu-hash.h |  41 ++++
 arch/powerpc/include/asm/book3s/64/kup.h      |   3 +-
 arch/powerpc/include/asm/kup.h                |  28 +--
 arch/powerpc/include/asm/nohash/32/kup-8xx.h  |   3 +-
 arch/powerpc/include/asm/processor.h          |  10 +-
 arch/powerpc/kernel/asm-offsets.c             |   5 -
 arch/powerpc/kernel/head_book3s_32.S          |  64 ------
 arch/powerpc/kernel/process.c                 |   3 +
 arch/powerpc/kernel/smp.c                     |   4 +
 arch/powerpc/kvm/book3s_32_mmu_host.c         |   3 -
 arch/powerpc/mm/book3s32/Makefile             |   1 +
 arch/powerpc/mm/book3s32/kuap.c               |  30 +++
 arch/powerpc/mm/book3s32/kuep.c               |  42 +---
 arch/powerpc/mm/book3s32/mmu.c                |  20 --
 arch/powerpc/mm/book3s32/mmu_context.c        |  48 +++--
 arch/powerpc/platforms/Kconfig.cputype        |   4 +-
 17 files changed, 276 insertions(+), 232 deletions(-)
 create mode 100644 arch/powerpc/mm/book3s32/kuap.c

-- 
2.25.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ