lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <34533c4a-994a-4d4d-bcaa-b3f517c8695d@windriver.com>
Date: Mon, 23 Sep 2024 16:21:09 +0800
From: guocai he <guocai.he.cn@...driver.com>
To: Andy Lutomirski <luto@...nel.org>, Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
        "H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org
Subject: commit 55516b355b0c cause SMEP/SMAP feature not work

Andy, Thomas and all:

> branch: v5.15/standard/preempt-rt/x86
>
> commit: 55516b355b0c x86/syscall: Don't force use of indirect calls 
> for system calls
>
> I found this commit cause the intel CPU feature of SMEP/SMAP does not 
> work.
>
SMEP/SMAP is to "trick" the kernel into using instructions or data from 
a user-space program and get call trace
>
>
> testing:
>
> 1 enable SMEP/SMAP
>
> 2 in user-space, the test case source code:
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>
> #include <unistd.h>
> #include <sys/mman.h>
> #include <sys/syscall.h>
> #include <errno.h>
>
> #define BUF_SIZE 128
>
> int main(int argc, char **argv)
> {
>     char *map;
>
>     map = mmap(NULL , 1024, PROT_READ|PROT_WRITE|PROT_EXEC, 
> MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
>     if (map == MAP_FAILED) {
>         printf("Failed to mmap: %s\n", strerror(errno));
>         return -1;
>     }
>
>     memset(map, 0, sizeof(BUF_SIZE));
>
>     mlockall(MCL_CURRENT);
>
>     syscall(247, map);
>
>     return 0;
> }
>

> 3 after the test case  executed, expect to get the call trace. but 
> this commit cause the test case can not find the call trace.
>
>
> do you have chance to look at this issue?
>
>
> Thanks
>
> Guocai
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ