lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon,  8 Nov 2021 15:34:59 -0800
From:   "Chang S. Bae" <chang.seok.bae@...el.com>
To:     linux-kernel@...r.kernel.org
Cc:     x86@...nel.org, tglx@...utronix.de, dave.hansen@...ux.intel.com,
        bp@...en8.de, mingo@...hat.com, yang.zhong@...el.com,
        jing2.liu@...el.com, chang.seok.bae@...el.com
Subject: [PATCH 0/2] x86: Fix ARCH_REQ_XCOMP_PERM and update the test

The recent x86 dynamic state support incorporates the arch_prctl option to
request permission before using a dynamic state.

It was designed to add the requested feature in the group leader's
permission bitmask so that every thread can reference this master bitmask.
The group leader is assumed to be unchanged here. The mainline is the case
as a group leader is identified at fork() or exec() time only.

This master bitmask should include non-dynamic features always, as they
are permitted by default. Users may check them via ARCH_GET_XCOMP_PERM.

But, in hindsight, the implementation does:
  (1) update each task's permission bitmask, instead of the group leader's. 
  (2) overwrite the bitmask with the requested bit only, instead of adding 
      the bit to the existing one. This overwrite effectively revokes the
      permission that is granted already.

Fix the code and also update the selftest to disclose the issue if there
is.

Reported-by: Yang Zhong <yang.zhong@...el.com>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Dave Hansen <dave.hansen@...ux.intel.com>

Chang S. Bae (2):
  x86/arch_prctl: Fix ARCH_REQ_XCOMP_PERM
  selftests/x86/amx: Update the ARCH_REQ_XCOMP_PERM test

 arch/x86/kernel/fpu/xstate.c      |  2 +-
 tools/testing/selftests/x86/amx.c | 16 ++++++++++++++--
 2 files changed, 15 insertions(+), 3 deletions(-)


base-commit: 9a6cf455a952725422f4fb10848839989f833579
-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ