| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Feb 2022 08:44:17 -0800
From: Dave Hansen <dave.hansen@...el.com>
To: Brian Geffon <bgeffon@...gle.com>
Cc: Greg KH <gregkh@...uxfoundation.org>,
Thomas Gleixner <tglx@...utronix.de>,
Willis Kung <williskung@...gle.com>,
Guenter Roeck <groeck@...gle.com>,
Borislav Petkov <bp@...e.de>,
Andy Lutomirski <luto@...nel.org>,
"# v4 . 10+" <stable@...r.kernel.org>,
the arch/x86 maintainers <x86@...nel.org>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH stable 5.4,5.10] x86/fpu: Correct pkru/xstate
inconsistency
On 2/17/22 05:31, Brian Geffon wrote:
> How would you and Greg KH like to proceed with this? I'm happy to help
> however I can.
If I could wave a magic wand, I'd just apply the whole FPU rewrite to
stable.
My second choice would be to stop managing PKRU with XSAVE.
x86_pkru_load() uses WRPKRU instead of XSAVE and keeps the task's PKRU
in task->pkru instead of the XSAVE buffer. Doing that will take some
care, including pulling XFEATURE_PKRU out of the feature mask (RFBM) at
XRSTOR. I _think_ that can be done in a manageable set of patches which
will keep stable close to mainline. I recognize that more bugs might
get introduced in the process which are unique to stable.
If you give that a shot and realize that it's not feasible to do a
subset, then we can fall back to the minimal fix. I'm not asking for a
multi-month engineering effort here. Maybe an hour or two to see if
it's really as scary as it looks.
Powered by blists - more mailing lists