lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 01 Jan 2019 13:17:06 -0800 (PST)
From:   David Miller <davem@...emloft.net>
To:     daniel@...earbox.net
Cc:     ast@...nel.org, jannh@...gle.com, netdev@...r.kernel.org
Subject: Re: [PATCH bpf 3/9] bpf: enable access to ax register also from
 verifier rewrite

From: Daniel Borkmann <daniel@...earbox.net>
Date: Tue,  1 Jan 2019 21:49:19 +0100

> diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
> index a34312a..4e6f29a 100644
> --- a/kernel/bpf/core.c
> +++ b/kernel/bpf/core.c
> @@ -858,6 +858,26 @@ static int bpf_jit_blind_insn(const struct bpf_insn *from,
>  	BUILD_BUG_ON(BPF_REG_AX  + 1 != MAX_BPF_JIT_REG);
>  	BUILD_BUG_ON(MAX_BPF_REG + 1 != MAX_BPF_JIT_REG);
>  
> +	/* Constraints on AX register:
> +	 *
> +	 * AX register is inaccessible from user space. It is mapped in
> +	 * all JITs, and used here for constant blinding rewrites. It is
> +	 * typically "stateless" meaning its contents are only valid within
> +	 * the executed instruction, but not across several instructions.
> +	 * There are a few exceptions however which are further detailled
                                                                ^^^^^^^^^

Typo, should be "detailed".

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ