lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 13 Dec 2021 12:22:12 +0800
From:   Lai Jiangshan <jiangshanlai@...il.com>
To:     linux-kernel@...r.kernel.org
Cc:     x86@...nel.org, Lai Jiangshan <laijs@...ux.alibaba.com>
Subject: [PATCH 0/3] x86/entry: Fix 3 suspicious bugs

From: Lai Jiangshan <laijs@...ux.alibaba.com>

The problems described in patch1/patch2 can only happen when the system
owner is really paranoid.

For patch3, I hardly believe #VC can hit in the code range returining
to user without implementing more SEV features.

Lai Jiangshan (3):
  X86/db: Change __this_cpu_read() to this_cpu_read() in
    hw_breakpoint_active()
  x86/hw_breakpoint: Add stack_canary to hw_breakpoints denylist
  x86/sev: The code for returning to user space is also in syscall gap

 arch/x86/entry/entry_64.S        | 2 ++
 arch/x86/entry/entry_64_compat.S | 2 ++
 arch/x86/include/asm/debugreg.h  | 2 +-
 arch/x86/include/asm/proto.h     | 4 ++++
 arch/x86/include/asm/ptrace.h    | 4 ++++
 arch/x86/kernel/hw_breakpoint.c  | 8 ++++++++
 6 files changed, 21 insertions(+), 1 deletion(-)

-- 
2.19.1.6.gb485710b

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ