Message-Id: <20250529180352.1935517-1-dave.hansen@linux.intel.com>
Date: Thu, 29 May 2025 11:03:52 -0700
From: Dave Hansen <dave.hansen@...ux.intel.com>
To: torvalds@...ux-foundation.org
Cc: x86@...nel.org,
	linux-kernel@...r.kernel.org,
	Dave Hansen <dave.hansen@...ux.intel.com>
Subject: [GIT PULL] x86/sgx for 6.16-rc1

Hi Linus,

Continuing the trend of a slow dribble of SGX updates, please pull a
couple x86/sgx changes for 6.16-rc1.

The first one is a no-brainer to use the (simple) SHA-256 library.

For the second one, some folks doing testing noticed that SGX systems
under memory pressure were inducing fatal machine checks at pretty
unnerving rates, despite the SGX code having _some_ awareness of
memory poison. Turns out that the SGX reclaim path was not checking
for poison _and_ it always accesses memory to copy it around. Make
sure that poisoned pages are not reclaimed.

--

The following changes since commit b4432656b36e5cc1d50a1f2dc15357543add530e:

  Linux 6.15-rc4 (2025-04-27 15:19:23 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_sgx_for_6.16-rc1

for you to fetch changes up to ed16618c380c32c68c06186d0ccbb0d5e0586e59:

  x86/sgx: Prevent attempts to reclaim poisoned pages (2025-05-15 19:01:45 +0200)

----------------------------------------------------------------
 * Make SGX less likely to induce fatal machine checks
 * Use much more compact SHA-256 library API

----------------------------------------------------------------
Andrew Zaborowski (1):
      x86/sgx: Prevent attempts to reclaim poisoned pages

Eric Biggers (1):
      x86/sgx: Use SHA-256 library API instead of crypto_shash API

 arch/x86/Kconfig                 |  3 +--
 arch/x86/kernel/cpu/sgx/driver.h |  1 -
 arch/x86/kernel/cpu/sgx/ioctl.c  | 30 ++----------------------------
 arch/x86/kernel/cpu/sgx/main.c   |  2 ++
 4 files changed, 5 insertions(+), 31 deletions(-)
