lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri,  2 Jun 2023 10:29:45 +0100
From:   Ryan Roberts <ryan.roberts@....com>
To:     Andrew Morton <akpm@...ux-foundation.org>,
        SeongJae Park <sj@...nel.org>,
        Christoph Hellwig <hch@...radead.org>
Cc:     Ryan Roberts <ryan.roberts@....com>,
        "Matthew Wilcox (Oracle)" <willy@...radead.org>,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        Lorenzo Stoakes <lstoakes@...il.com>,
        Uladzislau Rezki <urezki@...il.com>, Zi Yan <ziy@...dia.com>,
        Yu Zhao <yuzhao@...gle.com>, Mike Rapoport <rppt@...nel.org>,
        linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        damon@...ts.linux.dev
Subject: [PATCH v3 0/4] Fixes for pte encapsulation bypasses

This is the first half of v3 of a series to improve the encapsulation of pte
entries by disallowing non-arch code from directly dereferencing pte_t pointers.
Based on earlier feedback, I've split the series in 2; this first part contains
fixes for existing bugs that were discovered during the work. The second part,
which contains the new changes I'm adding, will be posted separately.

These fixes have had a fair amount of review now so I hope they can be
considered for addition to the appropriate mm- branch as is. And I've cc'ed
stable since I believe they should be candidates for backport.

See the v1 cover letter at [1] for rationale and explanation of overall
objective (requires both parts of the split series to achieve).

The series is split up as follows:

patch 1-2:  Fix bugs where code was _setting_ ptes directly, rather than using
            set_pte_at() and friends. Data corruption was theoretically
	    possible.
patch 3:    Minor refactoring requested in v2 review.
patch 4:    Fix highmem unmapping issue I spotted while doing the work.

Patches are based on v6.4-rc4 and a branch is available at [3].

Changes since v2 [2]:
   - patch 2: minor commit message rewording to fix review nits
   - patch 3: Refactored damon code to use {pte|pmd}p_clear_young_notify()
   - patch 1-4: applied Ack/Reviewed-by tags; thanks for those!

Changes since v1 [1]:
   - patch 1: Refactored pfn to use local variable
   - patch 1-2: Minor rewording of commit message: 'verify' -> 'check'
   - patch 1-3: applied Ack/Reviewed-by tags; thanks for those!

[1] https://lore.kernel.org/linux-mm/20230511132113.80196-1-ryan.roberts@arm.com/
[2] https://lore.kernel.org/linux-mm/20230518110727.2106156-1-ryan.roberts@arm.com/
[3] https://gitlab.arm.com/linux-arm/linux-rr/-/tree/bugs/pte_encapsulation_bypasses-lkml_v3

Thanks,
Ryan

Ryan Roberts (4):
  mm: vmalloc must set pte via arch code
  mm/damon/ops-common: atomically test and clear young on ptes and pmds
  mm/damon/ops-common: Refactor to use {pte|pmd}p_clear_young_notify()
  mm: Fix failure to unmap pte on highmem systems

 mm/damon/ops-common.c | 30 ++++--------------------------
 mm/damon/ops-common.h |  4 ++--
 mm/damon/paddr.c      |  4 ++--
 mm/damon/vaddr.c      |  4 ++--
 mm/memory.c           |  6 ++----
 mm/vmalloc.c          | 10 ++++++++--
 6 files changed, 20 insertions(+), 38 deletions(-)

--
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ