lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZXkCs9ypok5X/Wx2@debug.ba.rivosinc.com>
Date:   Tue, 12 Dec 2023 17:02:43 -0800
From:   Deepak Gupta <debug@...osinc.com>
To:     Palmer Dabbelt <palmer@...belt.com>
Cc:     Paul Walmsley <paul.walmsley@...ive.com>, aou@...s.berkeley.edu,
        apatel@...tanamicro.com, ajones@...tanamicro.com,
        guoren@...nel.org, mchitale@...tanamicro.com, waylingii@...il.com,
        greentime.hu@...ive.com, samitolvanen@...gle.com,
        Bjorn Topel <bjorn@...osinc.com>,
        Conor Dooley <conor.dooley@...rochip.com>,
        jeeheng.sia@...rfivetech.com, Heiko Stuebner <heiko@...ech.de>,
        Evan Green <evan@...osinc.com>, jszhang@...nel.org,
        cleger@...osinc.com, linux-riscv@...ts.infradead.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 2/2] riscv: envcfg save and restore on trap entry/exit

On Tue, Dec 12, 2023 at 04:53:48PM -0800, Palmer Dabbelt wrote:
>On Tue, 12 Dec 2023 15:49:25 PST (-0800), debug@...osinc.com wrote:
>>envcfg CSR defines enabling bits for cache management instructions and soon
>>will control enabling for control flow integrity and pointer masking features.
>>
>>Control flow integrity and pointer masking features need to be enabled on per
>>thread basis. Additionally, I believe cache management instructions need to be
>>enabled on per thread basis. As an example a seccomped task on riscv may be
>>restricted to not use cache management instructions
>
>Do we have anything in the kernel that actually does that?  Generally 
>we need some use, I couldn't find any user-mode writable envcfg bits 
>in any extesions I looked at (admittidly just CFI and pointer 
>masking), and unless I'm missing something there's no per-thread state 
>in the kernel.
>

Cache management operations?
As of now kernel blindly enables that for all the user mode. It will be good if
that is enabled on per-thread basis. Sure, all threads can have it enabled by
default. But if strict seccomp is enabled, I would argue that cache management
operations for that thread to be disabled as is done on other arches. As an
example x86 disable rdtsc on strict seccomp. 
RISCV allows this CMO extension and I expect CMO to leverage this (currently it
doesn't).

I was being opportunistic here so that I can reduce number of patches on CFI
enabling patchset.

Will it be okay if I revise this patch to include with a usecase to restrict CMO
(say for case of strict seccomp on risc-v)?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ