Message-ID: <d815d964-3a31-024b-7f07-04da86cc62ae@intel.com>
Date:   Fri, 5 Aug 2022 11:03:31 -0700
From:   Dave Hansen <dave.hansen@...el.com>
To:     Kyle Huey <me@...ehuey.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Borislav Petkov <bp@...en8.de>
Cc:     Ingo Molnar <mingo@...hat.com>, x86@...nel.org,
        "H. Peter Anvin" <hpa@...or.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Andy Lutomirski <luto@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        linux-kernel@...r.kernel.org,
        Robert O'Callahan <robert@...llahan.org>,
        David Manouchehri <david.manouchehri@...eup.net>,
        Borislav Petkov <bp@...e.de>, kvm@...r.kernel.org,
        stable@...r.kernel.org
Subject: Re: [PATCH v2] x86/fpu: Allow PKRU to be (once again) written by
 ptrace.

On 8/5/22 10:24, Dave Hansen wrote:
> On 8/3/22 20:16, Kyle Huey wrote:
>> When management of the PKRU register was moved away from XSTATE, emulation
>> of PKRU's existence in XSTATE was added for APIs that read XSTATE, but not
>> for APIs that write XSTATE. This can be seen by running gdb and executing
>> `p $pkru`, `set $pkru = 42`, and `p $pkru`. On affected kernels (5.14+) the
>> write to the PKRU register (which gdb performs through ptrace) is ignored.
> Do you happen to have a reproducer for this sitting around?  I'd love to
> get an addition to the pkeys selftest/ in place to make sure we don't
> break this again.  PKRU is a very special snowflake.

Let me put this another way: I'm much more likely to quickly merge fixes
that come with a selftest that demonstrates the breakage and the fix.
An in-kernel test ensures:

1. There is a problem now
2. The patch fixes the problem
3. The problem does not recur
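
The ptrace round trip that the quoted report exercises through gdb can be sketched as the following added example; it is not code from this thread or from the kernel selftests. It assumes x86-64 Linux with glibc, and the function and result names are hypothetical. It reports "skip" when the OS has not enabled protection keys or ptrace is unavailable.

```c
/* Added example, not from the thread. x86-64 Linux; all names here are ours. */
#include <cpuid.h>
#include <elf.h>
#include <signal.h>
#include <stdint.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/uio.h>
#include <sys/wait.h>
#include <unistd.h>
enum { PKRU_SKIP = 0, PKRU_WRITTEN = 1, PKRU_IGNORED = 2 };
#define XSTATE ((void *)(long)NT_X86_XSTATE)
static uint8_t xbuf[16384];               /* room for the largest XSAVE area */

/* Byte offset of PKRU (XSAVE component 9), or 0 if the OS has not enabled PKU. */
unsigned pkru_xsave_offset(void) {
    unsigned a, b, c, d;
    if (!__get_cpuid_count(7, 0, &a, &b, &c, &d) || !(c & (1u << 4))) /* OSPKE */
        return 0;
    return (__get_cpuid_count(0xd, 9, &a, &b, &c, &d) && a >= 4) ? b : 0;
}
/* Flip two PKRU bits in a stopped child through ptrace, then read PKRU back. */
int pkru_ptrace_roundtrip(void) {
    unsigned off = pkru_xsave_offset();
    struct iovec iov = { xbuf, sizeof(xbuf) };
    uint32_t old, want, got; int st, res = PKRU_SKIP;
    pid_t pid = off ? fork() : -1;
    if (pid < 0) return PKRU_SKIP;
    if (pid == 0) {                       /* tracee: stop, never resumed */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == 0) raise(SIGSTOP);
        _exit(0);
    }
    if (waitpid(pid, &st, 0) != pid || !WIFSTOPPED(st)) return PKRU_SKIP;
    if (ptrace(PTRACE_GETREGSET, pid, XSTATE, &iov) == 0 && off + 4 <= iov.iov_len) {
        memcpy(&old, xbuf + off, 4);
        want = old ^ 0xc;                 /* toggle AD/WD for key 1 */
        memcpy(xbuf + off, &want, 4);
        xbuf[513] |= 0x02;                /* XSTATE_BV bit 9: PKRU state present */
        if (ptrace(PTRACE_SETREGSET, pid, XSTATE, &iov) == 0 &&
            ptrace(PTRACE_GETREGSET, pid, XSTATE, &iov) == 0) {
            memcpy(&got, xbuf + off, 4);
            res = (got == want) ? PKRU_WRITTEN : PKRU_IGNORED;
        }
    }
    kill(pid, SIGKILL);
    waitpid(pid, &st, 0);
    return res;
}
int main(void) {                          /* exit status 1 = write was ignored */
    return pkru_ptrace_roundtrip() == PKRU_IGNORED;
}
```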
