Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 26 Aug 2016 11:39:04 -0400
From: David Brown <>
Cc:, Will Deacon <>,
	James Morse <>,
	Kees Cook <>,
	Julien Grall <>
Subject: Re: [PATCH 0/7] arm64: Privileged Access Never
 using TTBR0_EL1 switching

On Fri, Aug 12, 2016 at 04:27:39PM +0100, Catalin Marinas wrote:
>This is the first (public) attempt at emulating PAN by disabling
>TTBR0_EL1 accesses on arm64. I chose to use a per-CPU saved_ttbr0_el1
>variable to store the actual TTBR0 as, IMO, it looks better w.r.t. the
>context switching code, to the detriment of a slightly more complex
>uaccess_enable() implementation. The alternative was storing the saved
>TTBR0 in thread_info but with more complex thread switching since TTBR0
>is normally tied to switch_mm() rather than switch_to(). The latter may
>also get more complicated if we are to decouple the kernel stack from
>thread_info at some point (vmalloc'ed stacks).
>The code requires more testing, especially for combinations where UAO is
>present but PAN is not.

I briefly tried to run these patches on my HiKey board and I get a
panic on boot.  Unfortunately, I've had to head off to the Linux
Security Summit, so I haven't been able to try to figure out what is
going on (and I don't seem to be able to even get a capture of the log
output).  But I ran into Mark Rutland who convinced me to at least
state the failure on the list here.

The same kernel boots fine in Qemu.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.