lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 10 Mar 2022 17:19:40 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Dave Hansen' <dave.hansen@...el.com>,
        'Bharata B Rao' <bharata@....com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
CC:     "linux-mm@...ck.org" <linux-mm@...ck.org>,
        "x86@...nel.org" <x86@...nel.org>,
        "kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "mingo@...hat.com" <mingo@...hat.com>,
        "bp@...en8.de" <bp@...en8.de>,
        "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
        "catalin.marinas@....com" <catalin.marinas@....com>,
        "will@...nel.org" <will@...nel.org>,
        "shuah@...nel.org" <shuah@...nel.org>,
        "oleg@...hat.com" <oleg@...hat.com>,
        "ananth.narayan@....com" <ananth.narayan@....com>
Subject: RE: [RFC PATCH v0 0/6] x86/AMD: Userspace address tagging

From: Dave Hansen <dave.hansen@...el.com>
> Sent: 10 March 2022 16:46
> 
> On 3/10/22 06:32, David Laight wrote:
> >> UAI allows software to store a tag in the upper 7 bits of a logical
> >> address [63:57]. When enabled, the processor will suppress the
> >> traditional canonical address checks on the addresses. More information
> >> about UAI can be found in section 5.10 of 'AMD64 Architecture
> >> Programmer's Manual, Vol 2: System Programming' which is available from
> >>
> >> https://bugzilla.kernel.org/attachment.cgi?id=300549
> > Is that really allowing bit 63 to be used?
> > That is normally the user-kernel bit.
> > I can't help feeling that will just badly break things.
> 
> Yeah, this does seem worrisome.  The LAM approach[1] retains
> canonicality checking for bit 63.

Actually it is rather worse than 'worrisome'.
Allowing the user all address upto the base of the valid
kernel addresses (probably tags to 3e, but not 3f)
means that you can't use a fast address check in access_ok().
You are forced to use the strict test that 32bit kernels use.

Otherwise for 64bit access_ok() need only test address < 0
and rely on kernel code reading something below the (big)
offset to valid kernel addresses.
No real need to include the length at all.

If the hardware is just ignoring the high address bits
then the should be no need to mask them in kernel.
The required kernel accesses to user memory should 'just work'.

Of course, the bit to enable this (wherever it is) needs
to be restored on every process switch.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ