| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 5 Jun 2023 09:42:52 -0700
From: "H. Peter Anvin" <hpa@...or.com>
To: Thomas Gleixner <tglx@...utronix.de>, Xin Li <xin3.li@...el.com>,
linux-kernel@...r.kernel.org, x86@...nel.org, kvm@...r.kernel.org
Cc: mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com,
peterz@...radead.org, andrew.cooper3@...rix.com, seanjc@...gle.com,
pbonzini@...hat.com, ravi.v.shankar@...el.com,
jiangshanlai@...il.com, shan.kang@...el.com
Subject: Re: [PATCH v8 31/33] x86/fred: BUG() when ERETU with %rsp not equal
to that when the ring 3 event was just delivered
On 6/5/23 07:15, Thomas Gleixner wrote:
> On Mon, Apr 10 2023 at 01:14, Xin Li wrote:
>> A FRED stack frame generated by a ring 3 event should never be messed up, and
>> the first thing we must make sure is that at the time an ERETU instruction is
>> executed, %rsp must have the same address as that when the user level event
>> was just delivered.
>>
>> However we don't want to bother the normal code path of ERETU because it's on
>> the hotest code path, a good choice is to do this check when ERETU
>> faults.
>
> Which might be not catching bugs where the wrong frame makes ERETU not
> fault.
>
> We have CONFIG_DEBUG_ENTRY for catching this at the proper place.
>
This is true, but this BUG() is a cheap test on a slow path, and thus
can be included in production code.
-hpa
Powered by blists - more mailing lists