Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-07 Thread Borislav Petkov
On Wed, Dec 06, 2017 at 11:23:59PM -0800, Ricardo Neri wrote: > In UMIP emulation we can potentially access the LDT twice. Once when > determining the base address of the code segment and again when determining > the base address and limit of the segment in which the result of the > emulation is

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-07 Thread Borislav Petkov
On Wed, Dec 06, 2017 at 11:23:59PM -0800, Ricardo Neri wrote: > In UMIP emulation we can potentially access the LDT twice. Once when > determining the base address of the code segment and again when determining > the base address and limit of the segment in which the result of the > emulation is

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-07 Thread Borislav Petkov
On Wed, Dec 06, 2017 at 11:26:05PM -0800, Ricardo Neri wrote: > At the moment MPX and UMIP are using the insn-eval decoder to determine > linear addresses. If we're keeping a whole instruction decoder in the kernel, it better be designed generically enough and usable (and used) by everything that

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-07 Thread Borislav Petkov
On Wed, Dec 06, 2017 at 11:26:05PM -0800, Ricardo Neri wrote: > At the moment MPX and UMIP are using the insn-eval decoder to determine > linear addresses. If we're keeping a whole instruction decoder in the kernel, it better be designed generically enough and usable (and used) by everything that

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-06 Thread Ricardo Neri
On Tue, Dec 05, 2017 at 10:29:33PM +0100, Borislav Petkov wrote: > On Tue, Dec 05, 2017 at 07:38:45PM +0100, Peter Zijlstra wrote: > > Sorry what? So either this code is broken because it has IRQs enabled, > > or its broken because its trying to acquire a mutex with IRQs disabled. > > Which is it?

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-06 Thread Ricardo Neri
On Tue, Dec 05, 2017 at 10:29:33PM +0100, Borislav Petkov wrote: > On Tue, Dec 05, 2017 at 07:38:45PM +0100, Peter Zijlstra wrote: > > Sorry what? So either this code is broken because it has IRQs enabled, > > or its broken because its trying to acquire a mutex with IRQs disabled. > > Which is it?

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-06 Thread Ricardo Neri
On Tue, Dec 05, 2017 at 07:14:56PM +0100, Borislav Petkov wrote: > > But, if other code is going to use those functions - and I believe > that's the idea - otherwise they wouldn't be in arch/x86/lib/ At the moment MPX and UMIP are using the insn-eval decoder to determine linear addresses.

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-06 Thread Ricardo Neri
On Tue, Dec 05, 2017 at 07:14:56PM +0100, Borislav Petkov wrote: > > But, if other code is going to use those functions - and I believe > that's the idea - otherwise they wouldn't be in arch/x86/lib/ At the moment MPX and UMIP are using the insn-eval decoder to determine linear addresses.

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-05 Thread Borislav Petkov
On Tue, Dec 05, 2017 at 07:38:45PM +0100, Peter Zijlstra wrote: > Sorry what? So either this code is broken because it has IRQs enabled, > or its broken because its trying to acquire a mutex with IRQs disabled. > Which is it? Well, lemme try to sum up what Peter, Thomas and I discussed on IRC:

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-05 Thread Borislav Petkov
On Tue, Dec 05, 2017 at 07:38:45PM +0100, Peter Zijlstra wrote: > Sorry what? So either this code is broken because it has IRQs enabled, > or its broken because its trying to acquire a mutex with IRQs disabled. > Which is it? Well, lemme try to sum up what Peter, Thomas and I discussed on IRC:

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-05 Thread Peter Zijlstra
On Tue, Dec 05, 2017 at 07:14:56PM +0100, Borislav Petkov wrote: > On Tue, Dec 05, 2017 at 06:48:44PM +0100, Peter Zijlstra wrote: > > This is broken right? You unlock and then return @desc, which afaict can > > at that point get freed by free_ldt_struct(). > > > > Something like the below ought

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-05 Thread Peter Zijlstra
On Tue, Dec 05, 2017 at 07:14:56PM +0100, Borislav Petkov wrote: > On Tue, Dec 05, 2017 at 06:48:44PM +0100, Peter Zijlstra wrote: > > This is broken right? You unlock and then return @desc, which afaict can > > at that point get freed by free_ldt_struct(). > > > > Something like the below ought

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-05 Thread Borislav Petkov
On Tue, Dec 05, 2017 at 06:48:44PM +0100, Peter Zijlstra wrote: > This is broken right? You unlock and then return @desc, which afaict can > at that point get freed by free_ldt_struct(). > > Something like the below ought to cure; although its not entirely > pretty either. Right. Or, instead of

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-05 Thread Borislav Petkov
On Tue, Dec 05, 2017 at 06:48:44PM +0100, Peter Zijlstra wrote: > This is broken right? You unlock and then return @desc, which afaict can > at that point get freed by free_ldt_struct(). > > Something like the below ought to cure; although its not entirely > pretty either. Right. Or, instead of

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-05 Thread Peter Zijlstra
On Wed, Nov 01, 2017 at 02:00:28PM -0700, tip-bot for Ricardo Neri wrote: > +static struct desc_struct *get_desc(unsigned short sel) > +{ > + struct desc_ptr gdt_desc = {0, 0}; > + unsigned long desc_base; > + > +#ifdef CONFIG_MODIFY_LDT_SYSCALL > + if ((sel & SEGMENT_TI_MASK) ==

Re: [tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-12-05 Thread Peter Zijlstra
On Wed, Nov 01, 2017 at 02:00:28PM -0700, tip-bot for Ricardo Neri wrote: > +static struct desc_struct *get_desc(unsigned short sel) > +{ > + struct desc_ptr gdt_desc = {0, 0}; > + unsigned long desc_base; > + > +#ifdef CONFIG_MODIFY_LDT_SYSCALL > + if ((sel & SEGMENT_TI_MASK) ==

[tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-11-01 Thread tip-bot for Ricardo Neri
Commit-ID: 670f928ba09b06712da34a3c44be6c8fa561fb19 Gitweb: https://git.kernel.org/tip/670f928ba09b06712da34a3c44be6c8fa561fb19 Author: Ricardo Neri AuthorDate: Fri, 27 Oct 2017 13:25:41 -0700 Committer: Thomas Gleixner

[tip:x86/mpx] x86/insn-eval: Add utility function to get segment descriptor

2017-11-01 Thread tip-bot for Ricardo Neri
Commit-ID: 670f928ba09b06712da34a3c44be6c8fa561fb19 Gitweb: https://git.kernel.org/tip/670f928ba09b06712da34a3c44be6c8fa561fb19 Author: Ricardo Neri AuthorDate: Fri, 27 Oct 2017 13:25:41 -0700 Committer: Thomas Gleixner CommitDate: Wed, 1 Nov 2017 21:50:12 +0100 x86/insn-eval: Add