lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <31008f559a7263d2a4042f9c061efcd4e86b5a69.camel@intel.com>
Date:   Mon, 19 Jul 2021 18:21:34 +0000
From:   "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To:     "Xu, Pengfei" <pengfei.xu@...el.com>,
        "vedvyas.shanbhogue@...el.com" <vedvyas.shanbhogue@...el.com>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>,
        "Lutomirski, Andy" <luto@...nel.org>,
        "nadav.amit@...il.com" <nadav.amit@...il.com>,
        "peterz@...radead.org" <peterz@...radead.org>,
        "corbet@....net" <corbet@....net>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "jannh@...gle.com" <jannh@...gle.com>,
        "x86@...nel.org" <x86@...nel.org>, "bp@...en8.de" <bp@...en8.de>,
        "pavel@....cz" <pavel@....cz>,
        "rdunlap@...radead.org" <rdunlap@...radead.org>,
        "linux-api@...r.kernel.org" <linux-api@...r.kernel.org>,
        "Dave.Martin@....com" <Dave.Martin@....com>,
        "arnd@...db.de" <arnd@...db.de>,
        "bsingharora@...il.com" <bsingharora@...il.com>,
        "mike.kravetz@...cle.com" <mike.kravetz@...cle.com>,
        "oleg@...hat.com" <oleg@...hat.com>,
        "fweimer@...hat.com" <fweimer@...hat.com>,
        "keescook@...omium.org" <keescook@...omium.org>,
        "Yu, Yu-cheng" <yu-cheng.yu@...el.com>,
        "gorcunov@...il.com" <gorcunov@...il.com>,
        "Huang, Haitao" <haitao.huang@...el.com>,
        "hpa@...or.com" <hpa@...or.com>,
        "mingo@...hat.com" <mingo@...hat.com>,
        "Shankar, Ravi V" <ravi.v.shankar@...el.com>,
        "hjl.tools@...il.com" <hjl.tools@...il.com>,
        "linux-mm@...ck.org" <linux-mm@...ck.org>,
        "esyr@...hat.com" <esyr@...hat.com>,
        "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
        "Yang, Weijiang" <weijiang.yang@...el.com>,
        "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>
Subject: Re: [PATCH v27 06/10] x86/cet/ibt: Update arch_prctl functions for
 Indirect Branch Tracking

On Fri, 2021-05-21 at 15:15 -0700, Yu-cheng Yu wrote:
> From: "H.J. Lu" <hjl.tools@...il.com>
> 
> Update ARCH_X86_CET_STATUS and ARCH_X86_CET_DISABLE for Indirect
> Branch
> Tracking.
> 
> Signed-off-by: H.J. Lu <hjl.tools@...il.com>
> Signed-off-by: Yu-cheng Yu <yu-cheng.yu@...el.com>
> Reviewed-by: Kees Cook <keescook@...omium.org>
> ---
>  arch/x86/kernel/cet_prctl.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/arch/x86/kernel/cet_prctl.c
> b/arch/x86/kernel/cet_prctl.c
> index b426d200e070..bd3c80d402e7 100644
> --- a/arch/x86/kernel/cet_prctl.c
> +++ b/arch/x86/kernel/cet_prctl.c
> @@ -22,6 +22,9 @@ static int cet_copy_status_to_user(struct
> thread_shstk *shstk, u64 __user *ubuf)
>                 buf[2] = shstk->size;
>         }
>  
> +       if (shstk->ibt)
> +               buf[0] |= GNU_PROPERTY_X86_FEATURE_1_IBT;
> +
Can you have IBT enabled but not shadow stack via kernel parameters?
Outside this diff it has:
if (!cpu_feature_enabled(X86_FEATURE_SHSTK))
	return -ENOTSUPP;

So if "no_user_shstk" is set, this can't be used for IBT. But the
kernel would attempt to enable IBT.

Also if so, the CR4 bit enabling logic needs adjusting in this IBT
series. If not, we should probably mention this in the docs and enforce
it. It would then follow the logic in Kconfig, so maybe the simplest.
Like maybe instead of no_user_shstk, just no_user_cet?

>         return copy_to_user(ubuf, buf, sizeof(buf));
>  }
>  
> @@ -46,6 +49,8 @@ int prctl_cet(int option, u64 arg2)
>                         return -EINVAL;
>                 if (arg2 & GNU_PROPERTY_X86_FEATURE_1_SHSTK)
>                         shstk_disable();
> +               if (arg2 & GNU_PROPERTY_X86_FEATURE_1_IBT)
> +                       ibt_disable();
>                 return 0;
>  
>         case ARCH_X86_CET_LOCK:

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ