Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 26 Jan 2017 10:52:18 -0800
From: Andy Lutomirski <luto@...capital.net>
To: Thomas Garnier <thgarnie@...gle.com>
Cc: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, 
	"H . Peter Anvin" <hpa@...or.com>, Andrey Ryabinin <aryabinin@...tuozzo.com>, 
	Alexander Potapenko <glider@...gle.com>, Dmitry Vyukov <dvyukov@...gle.com>, 
	Kees Cook <keescook@...omium.org>, Andy Lutomirski <luto@...nel.org>, 
	Arjan van de Ven <arjan@...ux.intel.com>, Paul Gortmaker <paul.gortmaker@...driver.com>, 
	Borislav Petkov <bp@...e.de>, "Rafael J . Wysocki" <rjw@...ysocki.net>, Len Brown <len.brown@...el.com>, 
	Pavel Machek <pavel@....cz>, Jiri Kosina <jikos@...nel.org>, Matt Fleming <matt@...eblueprint.co.uk>, 
	Ard Biesheuvel <ard.biesheuvel@...aro.org>, Boris Ostrovsky <boris.ostrovsky@...cle.com>, 
	Juergen Gross <jgross@...e.com>, Rusty Russell <rusty@...tcorp.com.au>, 
	Christian Borntraeger <borntraeger@...ibm.com>, Fenghua Yu <fenghua.yu@...el.com>, 
	He Chen <he.chen@...ux.intel.com>, Brian Gerst <brgerst@...il.com>, 
	"Luis R . Rodriguez" <mcgrof@...nel.org>, Adam Buchbinder <adam.buchbinder@...il.com>, 
	Stanislaw Gruszka <sgruszka@...hat.com>, Arnd Bergmann <arnd@...db.de>, Dave Hansen <dave.hansen@...el.com>, 
	Chen Yucong <slaoub@...il.com>, Vitaly Kuznetsov <vkuznets@...hat.com>, 
	David Vrabel <david.vrabel@...rix.com>, Josh Poimboeuf <jpoimboe@...hat.com>, 
	Tim Chen <tim.c.chen@...ux.intel.com>, Rik van Riel <riel@...hat.com>, 
	Andi Kleen <ak@...ux.intel.com>, Jiri Olsa <jolsa@...hat.com>, 
	Prarit Bhargava <prarit@...hat.com>, Michael Ellerman <mpe@...erman.id.au>, Joerg Roedel <joro@...tes.org>, 
	Paolo Bonzini <pbonzini@...hat.com>, Radim Krčmář <rkrcmar@...hat.com>, 
	X86 ML <x86@...nel.org>, 
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, kasan-dev <kasan-dev@...glegroups.com>, 
	"linux-pm@...r.kernel.org" <linux-pm@...r.kernel.org>, 
	"linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>, 
	"xen-devel@...ts.xenproject.org" <xen-devel@...ts.xenproject.org>, lguest@...ts.ozlabs.org, 
	kvm list <kvm@...r.kernel.org>, 
	"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: [PATCH v2 2/3] x86: Remap GDT tables in the Fixmap section

On Thu, Jan 26, 2017 at 8:59 AM, Thomas Garnier <thgarnie@...gle.com> wrote:
> Each processor holds a GDT in its per-cpu structure. The sgdt
> instruction gives the base address of the current GDT. This address can
> be used to bypass KASLR memory randomization. With another bug, an
> attacker could target other per-cpu structures or deduce the base of
> the main memory section (PAGE_OFFSET).
>
> This patch relocates the GDT table for each processor inside the
> Fixmap section. The space is reserved based on number of supported
> processors.
>
> For consistency, the remapping is done by default on 32 and 64 bit.
>
> Each processor switches to its remapped GDT at the end of
> initialization. For hibernation, the main processor returns with the
> original GDT and switches back to the remapping at completion.
>
> This patch was tested on both architectures. Hibernation and KVM were
> both tested specially for their usage of the GDT.

I like this version much better.  Thanks!

--Andy

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.