From mboxrd@z Thu Jan  1 00:00:00 1970
Return-path: <ak@linux.intel.com>
Received: from mga09.intel.com ([134.134.136.24])
	by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from <ak@linux.intel.com>)
	id 1fC7Vi-0005zK-BX
	for speck@linutronix.de; Fri, 27 Apr 2018 19:50:19 +0200
Date: Fri, 27 Apr 2018 10:50:14 -0700
From: Andi Kleen <ak@linux.intel.com>
Subject: [MODERATED] Re: [PATCH v2] Linux Patch 1/1
Message-ID: <20180427175014.GC75137@tassilo.jf.intel.com>
References: <92c45587-5eb3-2421-6fc1-42e74a715e30@linux.intel.com>
 <alpine.DEB.2.21.1804271712160.2076@nanos.tec.linutronix.de>
 <20180427164743.GA14180@pd.tnic>
 <6e2b14fc-3bf6-071d-6ce2-e518f2c4f069@redhat.com>
 <20180427173221.GB14180@pd.tnic>
MIME-Version: 1.0
In-Reply-To: <20180427173221.GB14180@pd.tnic>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

On Fri, Apr 27, 2018 at 07:32:21PM +0200, speck for Borislav Petkov wrote:
> On Fri, Apr 27, 2018 at 01:13:03PM -0400, speck for Jon Masters wrote:
> > My opinion is this needs to be a prctl that a vulnerable application can
> > set. It can be a one-way thing that's set/inherited by children, etc.
> 
> If the task does prctl, it *must* at least be a one-way thing because,
> as jikos said, if a malicious attacker can trick it into calling prctl()
> again to turn MD back on, the whole dance we're doing is useless.

If you can trick someone to call prctl you can also trick them 
to execute other code. No need to use SSB and other complicated
side channel methods then. The game is already over.

-Andi