lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <d0162c76c25bc8e1c876aebe8e243ff2e6862359.camel@intel.com>
Date: Fri, 26 Apr 2024 16:33:31 +0000
From: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To: "jeffxu@...gle.com" <jeffxu@...gle.com>, "jeffxu@...omium.org"
	<jeffxu@...omium.org>
CC: "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
	"x86@...nel.org" <x86@...nel.org>, "jannh@...gle.com" <jannh@...gle.com>,
	"andrew.brownsword@...cle.com" <andrew.brownsword@...cle.com>,
	"matthias.neugschwandtner@...cle.com" <matthias.neugschwandtner@...cle.com>,
	"tglx@...utronix.de" <tglx@...utronix.de>, "aruna.ramakrishna@...cle.com"
	<aruna.ramakrishna@...cle.com>, "sroettger@...gle.com"
	<sroettger@...gle.com>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>, "keescook@...omium.org"
	<keescook@...omium.org>
Subject: Re: [RFC PATCH v2 1/1] x86/pkeys: update PKRU to enable pkey 0 before
 XSAVE

On Fri, 2024-04-26 at 09:13 -0700, Jeff Xu wrote:
> > > I’m wary about reordering anything here. Also, this code is not aware of
> > > the altstack permissions. I’m wondering if wrpkru(0) is needed here too.
> > > 
> > We can't change PKRU after restore_sigcontext,  the calling thread
> > would have PKRU 0, not the original PKRU from before handling the
> > signal.
> 
> probably putting restore_altstack ahead of restore_sigcontext would be
> good enough.
> restore_altstack doesn't seem to need to be after restore_sigcontex,
> it reads data
> from the sigframe and calls do_sigaltstack to update the current struct.

Just was CCed, and haven't reviewed the whole thread.

But I hit an issue with the ordering in setting up a signal frame. I noted that
the ordering in sigreturn was potentially wrong in the same way:
https://lore.kernel.org/lkml/20231107182251.91276-1-rick.p.edgecombe@intel.com/

It might be useful analysis.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ