lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <9f4927cb-e8c1-4b97-b9b6-145172b469e0@zytor.com>
Date: Mon, 29 Apr 2024 13:57:00 -0700
From: "H. Peter Anvin" <hpa@...or.com>
To: Kees Cook <keescook@...omium.org>
Cc: Xin Li <xin@...or.com>, Andrew Lutomirski <luto@...nel.org>,
        Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>,
        Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        LKML <linux-kernel@...r.kernel.org>, "x86@...nel.org" <x86@...nel.org>
Subject: Re: x86: dynamic pt_regs pointer and kernel stack randomization

On 4/29/24 09:09, Kees Cook wrote:
> 
> If I'm understanding FRED correctly, I think this exit path
> would need to call choose_random_kstack_offset() as well. (For
> syscalls, add_random_kstack_offset() is used on entry and
> choose_random_kstack_offset() is used on exit, so I think we'd want the
> same pattern for interrupt handling.)
> 

Yes, I didn't include it in here because it doesn't affect the assembly 
flow per se, since it "simply" sets up the parameters for the next entry 
and so at least logically can be executed more or less anywhere.

> Yeah, I'd like greater coverage for ring 3->0 transitions. We do want to
> double-check the original design choices, though. I *think* they still
> stand (see the comments for choose_random_kstack_offset() about entropy
> location (per-cpu area), and lifetime (across userspace execution).

Yeah, I'm not super sure of what exactly the constraints really are; 
they are written in a way that signals to me that there is implied 
context that isn't clear to me, especially the bit about "long running 
syscalls".

	-hpa

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ