From: Andy Lutomirski
Date: Wed, 23 Sep 2020 15:47:12 -0700
Subject: Re: [PATCH v12 8/8] x86: Disallow vsyscall emulation when CET is enabled
To: "Yu, Yu-cheng"
Cc: Dave Hansen, Sean Christopherson, Andy Lutomirski, X86 ML, "H. Peter Anvin", Thomas Gleixner, Ingo Molnar, LKML, "open list:DOCUMENTATION", Linux-MM, linux-arch, Linux API, Arnd Bergmann, Balbir Singh, Borislav Petkov, Cyrill Gorcunov, Dave Hansen, Eugene Syromiatnikov, Florian Weimer, "H.J. Lu", Jann Horn, Jonathan Corbet, Kees Cook, Mike Kravetz, Nadav Amit, Oleg Nesterov, Pavel Machek, Peter Zijlstra, Randy Dunlap, "Ravi V. Shankar", Vedvyas Shanbhogue, Dave Martin, Weijiang Yang
References: <20200918192312.25978-1-yu-cheng.yu@intel.com> <20200918192312.25978-9-yu-cheng.yu@intel.com> <24718de58ab7bc6d7288c58d3567ad802eeb6542.camel@intel.com> <20200923212925.GC15101@linux.intel.com>
List-ID: linux-api@vger.kernel.org

On Wed, Sep 23, 2020 at 3:20 PM Yu, Yu-cheng wrote:
>
> On 9/23/2020 3:08 PM, Dave Hansen wrote:
> > On 9/23/20 3:06 PM, Yu, Yu-cheng wrote:
> >> I think I'll add a check here for (r + 8) >= TASK_SIZE_MAX. It is
> >> better than getting a fault.
> >
> > There's also wrmsr_safe().
> >
> Yes, thanks.
>
> Since I am going to change this to:
>
> fpu__prepare_write(), then write to the XSAVES area.
>
> The kernel does not expect XRSTORS to fail ("Bad FPU state detected..."
> message). So maybe still check the address first.

Surely there are plenty of ways to use ptrace() to poke garbage into the
FPU state. We should be able to handle this type of failure somewhat
gracefully.