lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240913191022.fqipwsazkkrm5x67@desk>
Date: Fri, 13 Sep 2024 12:10:22 -0700
From: Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>
To: Dave Hansen <dave.hansen@...el.com>
Cc: Borislav Petkov <bp@...en8.de>,
	Dave Hansen <dave.hansen@...ux.intel.com>,
	linux-kernel@...r.kernel.org, x86@...nel.org,
	Robert Gill <rtgill82@...il.com>,
	Jari Ruusu <jariruusu@...tonmail.com>,
	Brian Gerst <brgerst@...il.com>,
	"Linux regression tracking (Thorsten Leemhuis)" <regressions@...mhuis.info>,
	antonio.gomez.iglesias@...ux.intel.com,
	daniel.sneddon@...ux.intel.com
Subject: Re: [PATCH v6 1/3] x86/entry_32: Do not clobber user EFLAGS.ZF

On Thu, Sep 12, 2024 at 10:45:23AM -0700, Dave Hansen wrote:
> On 9/5/24 09:00, Pawan Gupta wrote:
> > Opportunistic SYSEXIT executes VERW to clear CPU buffers after user EFLAGS
> > are restored. This can clobber user EFLAGS.ZF.
> > 
> > Move CLEAR_CPU_BUFFERS before the user EFLAGS are restored. This ensures
> > that the user EFLAGS.ZF is not clobbered.
> 
> Just to be clear, the new (later) location is also safe for RFDS because
> it only exposes the contents of EFLAGS (not sensitive) and RAX.

Right.

> RAX might leak the old or new values of CR3, which do not seem super
> valuable to me.
> 
> Acked-by: Dave Hansen <dave.hansen@...ux.intel.com>

Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ