Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S965443AbeAKSat (ORCPT <rfc822;ralf@linux-mips.org> + 1 other);
        Thu, 11 Jan 2018 13:30:49 -0500
Received: from mga03.intel.com ([134.134.136.65]:6975 "EHLO mga03.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S965300AbeAKSar (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 11 Jan 2018 13:30:47 -0500
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.46,345,1511856000"; 
   d="scan'208";a="10038817"
Subject: Re: [RFC PATCH v2 6/6] x86/entry/pti: don't switch PGD on when
 pti_disable is set
To: Alexei Starovoitov <alexei.starovoitov@gmail.com>,
        Andy Lutomirski <luto@kernel.org>
References: <1515502580-12261-7-git-send-email-w@1wt.eu>
 <20180110082207.GX29822@worktop.programming.kicks-ass.net>
 <20180110091102.GH14066@1wt.eu>
 <CALCETrXQFL2sJPJe_Z8XLEo11V_tLyZR0y4PTRxJzrhmpdsuJg@mail.gmail.com>
 <CA+55aFwfSKNAYEFWCwCe2vSxejA3X85FnX9t1EdnCRUwC1ou1Q@mail.gmail.com>
 <20180111064259.GC14920@1wt.eu>
 <0f08d89e-61e1-20e3-5c59-0b2f7b32bf0c@linux.intel.com>
 <20180111154412.GA15296@1wt.eu>
 <af80ba81-f8bc-156e-a286-0825aa47f134@linux.intel.com>
 <CALCETrUxk83Oys18-VW7HO2+mPx8RzJxpud7BkYVnD9G=-t3ZQ@mail.gmail.com>
 <20180111182147.masunghp5km6igjq@ast-mbp.dhcp.thefacebook.com>
Cc: Willy Tarreau <w@1wt.eu>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Peter Zijlstra <peterz@infradead.org>,
        LKML <linux-kernel@vger.kernel.org>, X86 ML <x86@kernel.org>,
        Borislav Petkov <bp@alien8.de>,
        Brian Gerst <brgerst@gmail.com>,
        Ingo Molnar <mingo@kernel.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Kees Cook <keescook@chromium.org>
From: Dave Hansen <dave.hansen@linux.intel.com>
Message-ID: <f6d1d28f-cd79-16b6-ab2f-aa113b26bf3f@linux.intel.com>
Date: Thu, 11 Jan 2018 10:30:46 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <20180111182147.masunghp5km6igjq@ast-mbp.dhcp.thefacebook.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>

On 01/11/2018 10:21 AM, Alexei Starovoitov wrote:
>> I was thinking that maybe we should add a new field or two to pt_regs.
>> They could store CR2 and maybe CR3 as well.  I'd also like to expose
>> the error code of exceptions in stack traces.  We should get this
>> integrated right into the unwinder.
> hmm. Exposing cr3 to user space will make it trivial for user process
> to know whether kpti is active. Not sure how exploitable such
> information leak.

It also gives userspace a pretty valuable physical address to go after.
That, plus a KASLR defeat gives you a known-valuable virtual address to
target.  That's no good.

I think CR3 is a non-starter.