On Tue, Feb 6, 2018 at 4:33 PM, Dan Williams wrote:
>
> Should we go with array_element_nospec() in the meantime? So we're not
> depending on jump labels? With the constraint fix and killing that
> superfluous AND the assembly is now:
>
> e26: 48 81 fd 4d 01 00 00    cmp    $0x14d,%rbp
On Tue, Feb 6, 2018 at 2:52 PM, Linus Torvalds
wrote:
> On Tue, Feb 6, 2018 at 1:37 PM, Dan Williams wrote:
>>
>> At that point we're basically just back to the array_ptr() version
>> that returned a sanitized pointer to an array element.
>
> .. that one does an extra unnecessary 'andq' instead
On Tue, Feb 6, 2018 at 1:37 PM, Dan Williams wrote:
>
> At that point we're basically just back to the array_ptr() version
> that returned a sanitized pointer to an array element.
.. that one does an extra unnecessary 'andq' instead of the duplicated
cmp. But at least it avoids comparing that
On Tue, Feb 06, 2018 at 11:48:45AM -0800, Dan Williams wrote:
> On Tue, Feb 6, 2018 at 11:29 AM, Luis Henriques wrote:
> > On Thu, Jan 18, 2018 at 04:02:21PM -0800, Dan Williams wrote:
> >> The syscall table base is a user controlled function pointer in kernel
> >> space. Like, 'get_user', use
On Tue, Feb 6, 2018 at 12:58 PM, Linus Torvalds
wrote:
> On Tue, Feb 6, 2018 at 12:49 PM, Andy Lutomirski wrote:
>>
>> Can you use @cc to make an asm statement that outputs both the masked
>> array index and the "if" condition? I can never remember the syntax,
>> but something like:
>
> Yes.
On Tue, Feb 6, 2018 at 12:49 PM, Andy Lutomirski wrote:
>
> Can you use @cc to make an asm statement that outputs both the masked
> array index and the "if" condition? I can never remember the syntax,
> but something like:
Yes. Although I'd actually suggest just using an "asm goto" if we
really
On Tue, Feb 6, 2018 at 8:42 PM, Linus Torvalds
wrote:
> On Tue, Feb 6, 2018 at 12:37 PM, Dan Williams
> wrote:
>>
>> Are there any compilers that would miscompile:
>>
>> mask = 0 - (index < size);
>>
>> That might be a way to improve the assembly.
>
> Sadly, that is *very* easy to
On Tue, Feb 6, 2018 at 12:42 PM, Linus Torvalds
wrote:
>
> Sadly, that is *very* easy to miscompile.
Side note: don't read email, go watch the falcon heavy takeoff.
Linus
On Tue, Feb 6, 2018 at 12:37 PM, Dan Williams wrote:
>
> Are there any compilers that would miscompile:
>
> mask = 0 - (index < size);
>
> That might be a way to improve the assembly.
Sadly, that is *very* easy to miscompile. In fact, I'd be very
surprised indeed if any compiler worth its
On Tue, Feb 6, 2018 at 12:26 PM, Linus Torvalds
wrote:
> On Tue, Feb 6, 2018 at 11:48 AM, Dan Williams
> wrote:
>>
>> Just to clarify, when you say "this patch" you mean:
>>
>> 2fbd7af5af86 x86/syscall: Sanitize syscall table de-references
>> under speculation
>>
>> ...not this early
On Tue, Feb 6, 2018 at 11:48 AM, Dan Williams wrote:
>
> Just to clarify, when you say "this patch" you mean:
>
> 2fbd7af5af86 x86/syscall: Sanitize syscall table de-references
> under speculation
>
> ...not this early MASK_NOSPEC version of the patch, right?
I suspect not. If that patch is
On Tue, Feb 6, 2018 at 11:29 AM, Luis Henriques wrote:
> On Thu, Jan 18, 2018 at 04:02:21PM -0800, Dan Williams wrote:
>> The syscall table base is a user controlled function pointer in kernel
>> space. Like, 'get_user', use 'MASK_NOSPEC' to prevent any out of bounds
>> speculation. While
On Thu, Jan 18, 2018 at 04:02:21PM -0800, Dan Williams wrote:
> The syscall table base is a user controlled function pointer in kernel
> space. Like, 'get_user', use 'MASK_NOSPEC' to prevent any out of bounds
> speculation. While retpoline prevents speculating into the user
> controlled target it
On 01/19/2018, 01:02 AM, Dan Williams wrote:
> The syscall table base is a user controlled function pointer in kernel
> space. Like, 'get_user', use 'MASK_NOSPEC' to prevent any out of bounds
> speculation. While retpoline prevents speculating into the user
> controlled target it does not stop the
The syscall table base is a user controlled function pointer in kernel
space. Like, 'get_user', use 'MASK_NOSPEC' to prevent any out of bounds
speculation. While retpoline prevents speculating into the user
controlled target it does not stop the pointer de-reference, the concern
is leaking memory