lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170312214033.7zllfclxtjvewo2c@pd.tnic> Date: Sun, 12 Mar 2017 22:40:33 +0100 From: Borislav Petkov <bp@...e.de> To: Linus Torvalds <torvalds@...ux-foundation.org>, Thomas Gleixner <tglx@...utronix.de> Cc: Daniel Borkmann <daniel@...earbox.net>, Kees Cook <keescook@...omium.org>, Laura Abbott <labbott@...hat.com>, Ingo Molnar <mingo@...nel.org>, Peter Anvin <hpa@...or.com>, Fengguang Wu <fengguang.wu@...el.com>, Network Development <netdev@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>, LKP <lkp@...org>, ast@...com, the arch/x86 maintainers <x86@...nel.org>, "David S. Miller" <davem@...emloft.net> Subject: Re: [net/bpf] 3051bf36c2 BUG: unable to handle kernel paging request at 0000a7cf On Thu, Mar 09, 2017 at 03:26:02PM -0800, Linus Torvalds wrote: > Maybe it's the lguest games with PGE that need to be removed? Btw, tglx suggested something else the other day: warn when we're changing boot_cpu_data x86_capability bits *after* alternatives have run. The reasoning behind it being that potentially some patching static_cpu_has() has done won't be correct anymore. And it is pretty cheap to do it, it fires nicely on the 32-bit config with LGUEST=y. --- diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h index d59c15c3defd..f06c3dc6db70 100644 --- a/arch/x86/include/asm/cpufeature.h +++ b/arch/x86/include/asm/cpufeature.h @@ -124,8 +124,18 @@ extern const char * const x86_bug_flags[NBUGINTS*32]; #define boot_cpu_has(bit) cpu_has(&boot_cpu_data, bit) -#define set_cpu_cap(c, bit) set_bit(bit, (unsigned long *)((c)->x86_capability)) -#define clear_cpu_cap(c, bit) clear_bit(bit, (unsigned long *)((c)->x86_capability)) +#define set_cpu_cap(c, bit) \ +({ \ + WARN_ON(c == &boot_cpu_data && alternatives_patched); \ + set_bit(bit, (unsigned long *)((c)->x86_capability)); \ +}) + +#define clear_cpu_cap(c, bit) \ +({ \ + WARN_ON(c == &boot_cpu_data && alternatives_patched); \ + clear_bit(bit, (unsigned long *)((c)->x86_capability)); \ +}) + #define setup_clear_cpu_cap(bit) do { \ clear_cpu_cap(&boot_cpu_data, bit); \ set_bit(bit, (unsigned long *)cpu_caps_cleared); \ -- Regards/Gruss, Boris. SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) --
Powered by blists - more mailing lists