lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 3 Apr 2023 15:55:09 +0200
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Cc:     Dave Hansen <dave.hansen@...ux.intel.com>,
        Andy Lutomirski <luto@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>, x86@...nel.org,
        Kostya Serebryany <kcc@...gle.com>,
        Andrey Ryabinin <ryabinin.a.a@...il.com>,
        Andrey Konovalov <andreyknvl@...il.com>,
        Alexander Potapenko <glider@...gle.com>,
        Taras Madan <tarasmadan@...gle.com>,
        "H . J . Lu" <hjl.tools@...il.com>,
        Andi Kleen <ak@...ux.intel.com>,
        Rick Edgecombe <rick.p.edgecombe@...el.com>,
        Bharata B Rao <bharata@....com>,
        Jacob Pan <jacob.jun.pan@...ux.intel.com>,
        Ashok Raj <ashok.raj@...el.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] x86/mm/iommu/sva: Do not allow to set
 FORCE_TAGGED_SVA bit from outside

On Mon, 3 Apr 2023 at 13:10, Kirill A. Shutemov
<kirill.shutemov@...ux.intel.com> wrote:
>
> arch_prctl(ARCH_FORCE_TAGGED_SVA) overrides the default and allows LAM
> and SVA to co-exist in the process. It is expected by called by the
> process when it knows what it is doing.
>
> arch_prctl() operates on the current process, but the same code is
> reachable from ptrace where it can be called on arbitrary task.
>
> Make it strict and only allow to set MM_CONTEXT_FORCE_TAGGED_SVA for the
> current process.
>
> Signed-off-by: Kirill A. Shutemov <kirill.shutemov@...ux.intel.com>
> Fixes: 23e5d9ec2bab ("x86/mm/iommu/sva: Make LAM and SVA mutually exclusive")
> Suggested-by: Dmitry Vyukov <dvyukov@...gle.com>
> ---
>  arch/x86/kernel/process_64.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
> index c7dfd727c9ec..cefac2d3a9f6 100644
> --- a/arch/x86/kernel/process_64.c
> +++ b/arch/x86/kernel/process_64.c
> @@ -885,6 +885,8 @@ long do_arch_prctl_64(struct task_struct *task, int option, unsigned long arg2)
>         case ARCH_ENABLE_TAGGED_ADDR:
>                 return prctl_enable_tagged_addr(task->mm, arg2);
>         case ARCH_FORCE_TAGGED_SVA:
> +               if (current != task)
> +                       return -EINVAL;

prctl_enable_tagged_addr() checks "task->mm != current->mm".
Should we check the same here for consistency? Or also change the
check in prctl_enable_tagged_addr().

arch_prctl() can only do task==current, so I guess "current != task"
is a more reasonable check for prctl_enable_tagged_addr() as well.



>                 set_bit(MM_CONTEXT_FORCE_TAGGED_SVA, &task->mm->context.flags);
>                 return 0;
>         case ARCH_GET_MAX_TAG_BITS:
> --
> 2.39.2
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ