lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5987ac95e4011c2b71d1c3cce13872571cff3ac7.camel@surriel.com>
Date: Tue, 03 Jun 2025 17:20:56 -0400
From: Rik van Riel <riel@...riel.com>
To: Dave Hansen <dave.hansen@...el.com>, linux-kernel@...r.kernel.org
Cc: kernel-team@...a.com, dave.hansen@...ux.intel.com, luto@...nel.org, 
	peterz@...radead.org, bp@...en8.de, x86@...nel.org, yu-cheng.yu@...el.com,
 Rik van Riel <riel@...a.com>, stable@...nel.org
Subject: Re: [PATCH 1/3] x86/mm: Fix potential overflow in
 user_pcid_flush_mask

On Mon, 2025-06-02 at 09:55 -0700, Dave Hansen wrote:
> On 6/2/25 06:30, Rik van Riel wrote:
> > 
> > @@ -149,6 +166,15 @@ struct tlb_state {
> >  	 * context 0.
> >  	 */
> >  	struct tlb_context ctxs[TLB_NR_DYN_ASIDS];
> > +
> > +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
> > +	/*
> > +	 * Mask that contains TLB_NR_DYN_ASIDS+1 bits to indicate
> > +	 * the corresponding user PCID needs a flush next time we
> > +	 * switch to it; see SWITCH_TO_USER_CR3.
> > +	 */
> > +	unsigned long user_pcid_flush_mask[CR3_AVAIL_PCID_LONGS];
> > +#endif
> >  };
> >  DECLARE_PER_CPU_ALIGNED(struct tlb_state, cpu_tlbstate);
> 
> This adds an #ifdef. I guess it makes sense to do it for the now
> larger
> user_pcid_flush_mask[] while it didn't for a single long. But that's
> another logically separate bit that adds complexity to reading this
> whole mess.
> 
> Honestly, I'd just leave this out for the bug fix. If someone really
> cares, we can come back and fix it up in mainline.

I added the #ifdef at Ingo's request.

I am happy to do the code in any way you two can
agree on, but we should probably avoid the back
and forth over many versions thing :)

> 
> > diff --git a/arch/x86/kernel/asm-offsets.c b/arch/x86/kernel/asm-
> > offsets.c
> > index 6259b474073b..8c41a2e5a53e 100644
> > --- a/arch/x86/kernel/asm-offsets.c
> > +++ b/arch/x86/kernel/asm-offsets.c
> > @@ -103,8 +103,10 @@ static void __used common(void)
> >  	BLANK();
> >  	DEFINE(PTREGS_SIZE, sizeof(struct pt_regs));
> >  
> > +#ifdef CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
> >  	/* TLB state for the entry code */
> >  	OFFSET(TLB_STATE_user_pcid_flush_mask, tlb_state,
> > user_pcid_flush_mask);
> > +#endif
> 
> Because it necessitates this hunk too...

I agree this isn't the prettiest, but then again
asm-offsets.c isn't code people will be reading
a lot?


-- 
All Rights Reversed.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ