lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y7bT0OL8RAWkCu0Z@kroah.com>
Date:   Thu, 5 Jan 2023 14:42:40 +0100
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Aaron Lu <aaron.lu@...el.com>
Cc:     Dave Hansen <dave.hansen@...el.com>,
        Pavel Boldin <pboldin@...udlinux.com>,
        Pavel Boldin <boldin.pavel@...il.com>,
        "Raphael S. Carvalho" <raphaelsc@...lladb.com>,
        Moritz Lipp <github@....me>,
        Daniel Gruss <daniel.gruss@...k.tugraz.at>,
        Michael Schwarz <michael.schwarz91@...il.com>,
        linux-kselftest@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] selftest/x86/meltdown: Add a selftest for meltdown

On Thu, Jan 05, 2023 at 08:35:05PM +0800, Aaron Lu wrote:
> To capture potential programming errors like mistakenly setting Global
> bit on kernel page table entries, a selftest for meltdown is added.
> 
> This selftest is based on Pavel Boldin's work at:
> https://github.com/linux-test-project/ltp/blob/master/testcases/cve/meltdown.c
> 
> In addition to the existing test of reading kernel variable
> saved_command_line from user space, one more test of reading user local
> variable through kernel direct map address is added. For the existing
> test(reading saved_command_line) to report a failure, both the high kernel
> mapping and low kernel mapping have to be in leaked state; For the added
> test(read local var), only low kernel mapping leak is enough to trigger
> a test fail, so both tests are useful.
> 
> Test results of 10 runs:
> 
> On v6.1-rc8 with nopti kernel cmdline option:
> 
> host              test_out_rate_1    test_out_rate_2
> lkp-bdw-de1            50%               100%
> lkp-hsw-d01            70%               100%
> lkp-hsw-d02             0%                80%
> lkp-hsw-d03            60%               100%
> lkp-hsw-d04            20%               100%
> lkp-hsw-d05            60%               100%
> lkp-ivb-d01             0%                70%
> lkp-kbl-d01           100%               100%
> lkp-skl-d02           100%                90%
> lkp-skl-d03            90%               100%
> lkp-skl-d05            60%               100%
> kbl-vm                100%                80%
> 2 other machines have 0% rate for both tests.
> 
> bdw=broadwell, hsw=haswell, ivb=ivybridge, etc.
> 
> test_out_rate_1: test reports fail rate for the test of reading
> saved_command_line from user space;
> test_out_rate_2: test reports fail rate for the test of reading user
> local variable through kernel direct map address in user space.
> 
> On v5.19 without nopti cmdline option:
> host              test_out_rate_2
> lkp-bdw-de1            80%
> lkp-hsw-4ex1           50%
> lkp-hsw-d01            30%
> lkp-hsw-d03            10%
> lkp-hsw-d04            10%
> lkp-kbl-d01            10%
> kbl-vm                 80%
> 7 other machines have 0% rate for test2.
> 
> Also tested on an i386 VM with 512M memory and the test out rate is 100%
> when adding nopti to kernel cmdline with v6.1-rc8.
> 
> Main changes I made from Pavel Boldin's meltdown test are:
> - Replace rdtscll() and clflush() with kernel's implementation;
> - Reimplement find_symbol_in_file() to avoid bringing in LTP's library
>   functions;
> - Coding style changes: placing the function return type in the same
>   line of the function.
> 
> Signed-off-by: Aaron Lu <aaron.lu@...el.com>
> ---
> Notable changes from RFC v3:
> - Drop RFC tag;
> - Change the base code from zlib licensed one to GPL licensed one.

Sorry, but this still gets my NAK for the issues raised in previous
reviews that are not addressed here for some reason :(

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ