| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Sep 2021 22:04:54 +0200
From: Borislav Petkov <bp@...en8.de>
To: X86 ML <x86@...nel.org>
Cc: Ricardo Neri <ricardo.neri-calderon@...ux.intel.com>,
LKML <linux-kernel@...r.kernel.org>,
Marcus Rückert <mrueckert@...e.com>
Subject: [PATCH] x86/umip: Add a umip= cmdline switch
From: Borislav Petkov <bp@...e.de>
And add the first control option
umip=warnings_off
which disables warnings resulting from emulating UMIP-enabled insns.
The actual use case is for users playing games in wine, games like
Overwatch, for example, which go nuts with SIDT:
[Di Sep 7 00:24:05 2021] umip_printk: 1345 callbacks suppressed
[Di Sep 7 00:24:05 2021] umip: someapp.exe[29231] ip:14064cdba sp:11b7c0: SIDT instruction cannot be used by applications.
[Di Sep 7 00:24:05 2021] umip: someapp.exe[29231] ip:14064cdba sp:11b7c0: For now, expensive software emulation returns the result.
...
[Di Sep 7 00:26:06 2021] umip_printk: 2227 callbacks suppressed
[Di Sep 7 00:26:06 2021] umip: someapp.exe[29231] ip:14064cdba sp:11b940: SIDT instruction cannot be used by applications.
filling up the kernel log unnecessarily with the same info over and over
again which doesn't mean a whit to the users - they just wanna play.
So add a boot-time control switch for those warning messages.
Reported-by: Marcus Rückert <mrueckert@...e.com>
Signed-off-by: Borislav Petkov <bp@...e.de>
---
.../admin-guide/kernel-parameters.txt | 5 +++
arch/x86/kernel/umip.c | 33 +++++++++++++++++--
2 files changed, 35 insertions(+), 3 deletions(-)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 828d11441ebf..815d022c3e87 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -5887,6 +5887,11 @@
unknown_nmi_panic
[X86] Cause panic on unknown NMI.
+ umip=warnings_off
+ [X86]
+ * warnings_off - do not issue warnings when emulating
+ UMIP-enabled instructions.
+
usbcore.authorized_default=
[USB] Default USB device authorization:
(default -1 = authorized except for wireless USB,
diff --git a/arch/x86/kernel/umip.c b/arch/x86/kernel/umip.c
index 576b47e7523d..1d37dc626011 100644
--- a/arch/x86/kernel/umip.c
+++ b/arch/x86/kernel/umip.c
@@ -90,10 +90,19 @@ static const char * const umip_insns[5] = {
[UMIP_INST_STR] = "STR",
};
-#define umip_pr_err(regs, fmt, ...) \
+static struct umip_config {
+ __u64 warnings_off : 1,
+ __reserved : 63;
+} umip_cfg;
+
+#define umip_pr_err(regs, fmt, ...) \
umip_printk(regs, KERN_ERR, fmt, ##__VA_ARGS__)
-#define umip_pr_warn(regs, fmt, ...) \
- umip_printk(regs, KERN_WARNING, fmt, ##__VA_ARGS__)
+
+#define umip_pr_warn(regs, fmt, ...) \
+({ \
+ if (!umip_cfg.warnings_off) \
+ umip_printk(regs, KERN_WARNING, fmt, ##__VA_ARGS__); \
+})
/**
* umip_printk() - Print a rate-limited message
@@ -407,5 +416,23 @@ bool fixup_umip_exception(struct pt_regs *regs)
/* increase IP to let the program keep going */
regs->ip += insn.length;
+
return true;
}
+
+static int __init parse_umip_param(char *str)
+{
+ if (!str)
+ return 0;
+
+ if (*str == '=')
+ str++;
+
+ if (!strcmp(str, "warnings_off"))
+ umip_cfg.warnings_off = 1;
+ else
+ return 0;
+
+ return 1;
+}
+__setup("umip", parse_umip_param);
--
2.29.2
Powered by blists - more mailing lists