lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 10 Aug 2021 00:57:29 +0000
From:   "Bae, Chang Seok" <chang.seok.bae@...el.com>
To:     "Macieira, Thiago" <thiago.macieira@...el.com>
CC:     "bp@...e.de" <bp@...e.de>, "Lutomirski, Andy" <luto@...nel.org>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "mingo@...nel.org" <mingo@...nel.org>,
        "x86@...nel.org" <x86@...nel.org>,
        "Brown, Len" <len.brown@...el.com>,
        "Hansen, Dave" <dave.hansen@...el.com>,
        "Liu, Jing2" <jing2.liu@...el.com>,
        "Shankar, Ravi V" <ravi.v.shankar@...el.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v9 14/26] x86/arch_prctl: Create
 ARCH_SET_STATE_ENABLE/ARCH_GET_STATE_ENABLE

On Aug 9, 2021, at 16:42, Macieira, Thiago <thiago.macieira@...el.com> wrote:
> 
> This means the corruption can get worse since the rollback code can undo or 
> partially undo the progression of the other ARCH_SET_STATE_ENABLE.

Maybe something like this can help here to ensure a valid rollback.

diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index 96056f49bcff..3468bc0ee654 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -1353,6 +1353,8 @@ int alloc_xstate_buffer(struct fpu *fpu, u64 mask)
       return 0;
}

+static DEFINE_SPINLOCK(set_xstate_perm_lock);
+
/**
 * set_process_xstate_perm - Set a per-process permission to use dynamic
 *                          user xstates.
@@ -1383,6 +1385,8 @@ long set_process_xstate_perm(struct task_struct *tsk, u64 state_perm)
       if (!req_dynstate_perm)
               return 0;

+       spin_lock(&set_xstate_perm_lock);
+
       old_dynstate_perm = tsk->thread.fpu.dynamic_state_perm;

       for_each_thread(tsk, t) {
@@ -1396,6 +1400,8 @@ long set_process_xstate_perm(struct task_struct *tsk, u64 state_perm)
               pr_err("x86/fpu: ARCH_XSTATE_PERM failed as thread number mismatched.\n");
               return -EBUSY;
       }
+
+       spin_unlock(&set_xstate_perm_lock);
       return 0;
}

Thanks,
Chang

Powered by blists - more mailing lists