Message-ID: <bd81a98b-f8d4-4304-ac55-d4151a1a77ab@intel.com>
Date: Mon, 23 Jun 2025 08:32:53 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Cc: Andrew Cooper <andrew.cooper3@...rix.com>, acme@...hat.com, aik@....com,
 akpm@...ux-foundation.org, alexander.shishkin@...ux.intel.com,
 ardb@...nel.org, ast@...nel.org, bp@...en8.de, brijesh.singh@....com,
 changbin.du@...wei.com, christophe.leroy@...roup.eu, corbet@....net,
 daniel.sneddon@...ux.intel.com, dave.hansen@...ux.intel.com,
 ebiggers@...gle.com, geert+renesas@...der.be, houtao1@...wei.com,
 hpa@...or.com, jgg@...pe.ca, jgross@...e.com, jpoimboe@...nel.org,
 kai.huang@...el.com, kees@...nel.org, leitao@...ian.org,
 linux-doc@...r.kernel.org, linux-efi@...r.kernel.org,
 linux-kernel@...r.kernel.org, linux-mm@...ck.org, linux@...musvillemoes.dk,
 luto@...nel.org, mcgrof@...nel.org, mhiramat@...nel.org,
 michael.roth@....com, mingo@...nel.org, mingo@...hat.com,
 namhyung@...nel.org, paulmck@...nel.org, pawan.kumar.gupta@...ux.intel.com,
 peterz@...radead.org, rick.p.edgecombe@...el.com, rppt@...nel.org,
 sandipan.das@....com, shijie@...amperecomputing.com, sohil.mehta@...el.com,
 tglx@...utronix.de, tj@...nel.org, tony.luck@...el.com,
 vegard.nossum@...cle.com, x86@...nel.org, xin3.li@...el.com,
 xiongwei.song@...driver.com, ytcoode@...il.com
Subject: Re: [PATCHv6 07/16] x86/vsyscall: Reorganize the #PF emulation code

On 6/23/25 05:41, Kirill A. Shutemov wrote:
> So, IIUC, that's a dependency of vsyscall PF on NX. Do we want to disable
> vsyscall on boot if NX is not available?

Well, vsyscall=none can break old userspace, so forcing it on old
hardware doesn't seem like a great idea.

But, either way, this doesn't really appear to be a LASS issue. This code:

>         if (!(error_code & X86_PF_INSTR)) {
>                 /* Failed vsyscall read */
>                 if (vsyscall_mode == EMULATE)
>                         return false;

Is really asking the question:

	Is this #PF from an instruction fetch in the vsyscall page?

That _should_ be able to be done by comparing CR2 and regs->rip. In
fact, that's done just below anyway:

	WARN_ON_ONCE(address != regs->ip);

So I think we can fix this up with something like the attached patch
which just drives the if() from regs->rip and makes the warning NX-only.

But this code has been like this a long time and I'm 99% sure the x86
selftests poke at all these cases. I'm curious what they do on those old
P4's (or a 64-bit VM with NX turned off), but it's not super important
either way.
View attachment "vsyscall-nx.patch" of type "text/x-patch" (1152 bytes)
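
The difference between the two checks discussed in the message, as an added user-space example; it is not the attached patch and not kernel code. `struct fault`, the helper names and the sample faults are constructed for illustration; the error-code bits and the vsyscall page address are the x86-64 values.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define X86_PF_USER   (UINT64_C(1) << 2)  /* fault raised in user mode */
#define X86_PF_INSTR  (UINT64_C(1) << 4)  /* fetch fault; not reported without NX */
#define VSYSCALL_ADDR UINT64_C(0xffffffffff600000)
#define PAGE_MASK     (~UINT64_C(0xfff))

/* Constructed stand-in for what the #PF handler sees (not a kernel type). */
struct fault {
    uint64_t error_code;  /* hardware #PF error code */
    uint64_t address;     /* CR2: faulting linear address */
    uint64_t ip;          /* regs->ip when the fault was raised */
};

static bool in_vsyscall_page(uint64_t addr)
{
    return (addr & PAGE_MASK) == VSYSCALL_ADDR;
}

/* Check quoted in the message: relies on the X86_PF_INSTR error-code bit. */
static bool is_fetch_by_error_code(const struct fault *f)
{
    return in_vsyscall_page(f->address) && (f->error_code & X86_PF_INSTR);
}

/* Check proposed in the message: a fetch fault has CR2 equal to regs->ip. */
static bool is_fetch_by_ip(const struct fault *f)
{
    return in_vsyscall_page(f->address) && f->address == f->ip;
}

/* Constructed samples: vsyscall call with NX, same call without NX, data read. */
static const struct fault samples[] = {
    { X86_PF_USER | X86_PF_INSTR, VSYSCALL_ADDR,         VSYSCALL_ADDR },
    { X86_PF_USER,                VSYSCALL_ADDR,         VSYSCALL_ADDR },
    { X86_PF_USER,                VSYSCALL_ADDR + 0x400, UINT64_C(0x401000) },
};

int main(void)
{
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("sample %zu: error_code says fetch=%d, ip says fetch=%d\n", i,
               is_fetch_by_error_code(&samples[i]), is_fetch_by_ip(&samples[i]));
    return 0;
}
```

The second sample is the case from the thread: without NX the error-code check classifies the call as a failed read, while the CR2 comparison still identifies it as an instruction fetch.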
