From: Ingo Molnar <mingo@kernel.org>
To: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
"H. Peter Anvin" <hpa@zytor.com>, Borislav Petkov <bp@suse.de>,
Andy Lutomirski <luto@kernel.org>,
Tony Luck <tony.luck@intel.com>,
Paolo Bonzini <pbonzini@redhat.com>,
"Ravi V. Shankar" <ravi.v.shankar@intel.com>,
x86@kernel.org, ricardo.neri@intel.com,
linux-kernel@vger.kernel.org
Subject: Re: [RESEND PATCH v2 4/4] x86/umip: Warn if UMIP-protected instructions are used
Date: Tue, 14 Nov 2017 08:34:08 +0100 [thread overview]
Message-ID: <20171114073408.tir3raeas7ouvyzp@gmail.com> (raw)
In-Reply-To: <1510640985-18412-5-git-send-email-ricardo.neri-calderon@linux.intel.com>
* Ricardo Neri <ricardo.neri-calderon@linux.intel.com> wrote:
> +const char * const umip_insns[5] = {
> + [UMIP_INST_SGDT] = "sgdt",
> + [UMIP_INST_SIDT] = "sidt",
> + [UMIP_INST_SMSW] = "smsw",
> + [UMIP_INST_SLDT] = "sldt",
> + [UMIP_INST_STR] = "str",
> +};
Sigh ...
> +/*
> + * If you change these strings, ensure that buffers using them are sufficiently
> + * large.
> + */
> +static const char umip_warn_use[] = "cannot be used by applications.";
> +static const char umip_warn_emu[] = "For now, expensive software emulation returns result.";
Please use the string literals directly, don't add an extra obfuscation layer.
Plus:
> + unsigned char buf[MAX_INSN_SIZE], warn[128];
> + snprintf(warn, sizeof(warn), "%s %s", umip_insns[umip_inst],
> + umip_warn_use);
This is incredibly fragile against future buffer overflows, and warning about it
in comments does not make it less fragile!
Thanks,
Ingo
next prev parent reply other threads:[~2017-11-14 7:34 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-14 6:29 [RESEND PATCH v2 0/4] x86: Tweaks for UMIP Ricardo Neri
2017-11-14 6:29 ` [RESEND PATCH v2 1/4] x86/umip: Select X86_INTEL_UMIP by default Ricardo Neri
2017-11-14 9:30 ` [tip:x86/urgent] " tip-bot for Ricardo Neri
2017-11-14 6:29 ` [RESEND PATCH v2 2/4] x86/umip: Inform that UMIP has been enabled Ricardo Neri
2017-11-14 9:31 ` [tip:x86/urgent] x86/umip: Print a line in the boot log " tip-bot for Ricardo Neri
2017-11-14 6:29 ` [RESEND PATCH v2 3/4] x86/umip: Identify the str and sldt instructions Ricardo Neri
2017-11-14 7:21 ` Ingo Molnar
2017-11-15 2:44 ` Ricardo Neri
2017-11-14 9:31 ` [tip:x86/urgent] x86/umip: Identify the STR and SLDT instructions tip-bot for Ricardo Neri
2017-11-14 6:29 ` [RESEND PATCH v2 4/4] x86/umip: Warn if UMIP-protected instructions are used Ricardo Neri
2017-11-14 7:34 ` Ingo Molnar [this message]
2017-11-15 2:56 ` Ricardo Neri
2017-11-15 8:41 ` Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171114073408.tir3raeas7ouvyzp@gmail.com \
--to=mingo@kernel.org \
--cc=bp@suse.de \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=pbonzini@redhat.com \
--cc=ravi.v.shankar@intel.com \
--cc=ricardo.neri-calderon@linux.intel.com \
--cc=ricardo.neri@intel.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.