| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5bddbb34-4081-494b-8c12-c2e70898a608@intel.com> Date: Thu, 18 Jan 2024 14:02:08 -0800 From: Dave Hansen <dave.hansen@...el.com> To: Thomas Gleixner <tglx@...utronix.de>, Andrei Vagin <avagin@...il.com> Cc: Andrei Vagin <avagin@...gle.com>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, LKML <linux-kernel@...r.kernel.org>, x86@...nel.org, "H. Peter Anvin" <hpa@...or.com> Subject: Re: [PATCH] x86/fpu: verify xstate buffer size according with requested features On 1/18/24 11:54, Thomas Gleixner wrote: > On Thu, Jan 18 2024 at 10:27, Dave Hansen wrote: >> If we have nice, reliable fault handling and then decide that we've got >> XRSTOR's running amok reading random memory all over the place that need >> a nicer error message, then we can add that code to predict the future. >> If our "predict the future" code goes wrong, then we lose an error >> message -- not a big deal. > After staring more at it, it's arguable to pass fpstate->user_size to > fault_in_readable() and ignore fx_sw->xstate_size completely. > > That's a guaranteed to be reliable size which prevents endless loops > because arguably that's the maximum size which can be touched by XRSTOR, > no? I like it. It takes fx_sw completely out of the picture, which was the root of the problem in the first place.
Powered by blists - more mailing lists