Received: by 10.223.176.46 with SMTP id f43csp461326wra; Wed, 24 Jan 2018 00:37:54 -0800 (PST) X-Google-Smtp-Source: AH8x226VdADZuKtp1SLi4Pp6D1v9DpuDUChhdm5ogkTx/HLpzCrGBAYh5S9srns2b91DXK0WCVqg X-Received: by 10.98.59.80 with SMTP id i77mr12472978pfa.146.1516783074873; Wed, 24 Jan 2018 00:37:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516783074; cv=none; d=google.com; s=arc-20160816; b=IgFk+KCqxndR8f0CJ7zZPHIWop1ineVmbrwBIn4ie+qNVAjAos8DZZ6SBDKXIeXyWb 3AGpNp/fUs+amDgj6St7f5cIAl2tVYYjwSynZzxeZVST20EyrBAqF4EJNukmMPEIHcM+ pvVflq8+DbGQ9SQBLGErHRRWYOcx0vsPIi4ohNAfKkVtSvnBj3k+sy6eYEbvCLL9uoH7 LD73xjV5EV50qdhMJTIZPsyb5ZGpane4RE/8slvd6Eoo8nsUeedSrqEbO3CJ4taih58b XneVjnx+AxxG7q0FN7G8xnq0XhdVhZBhcA36uhx+xx/jDtKItTZQ1bWwdawO2CIvL0CK Cs6g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date :arc-authentication-results; bh=Y5cIaHHFZEpv/JtvaSLiCVGGkC/WGFG+cMqg4ML4sVU=; b=uNMin2tBys1+xaQGPCt0vCHhOvcpAg8X+DuqdHvnEdwteJ8WxNHOIHZ25GrIrFLbv9 RR71tB9misEzrWzu4DZ74Rmibe6U5ORTjXbJ2ZYD4dEmX7Etr5GWAkxUW8XFqZ0inZ0t XoP/WS7K/Qt12jm5PbUqpo9YkrBZFGqRx3oanBl0uK65FQA+W/24OsfSYHXmk7AHZZnF sM3qgs9qvbwqgvqqUW46bWmy61wXz3Hej6syGJ4TZVXkoRY+OXF1zzBkJE0HggvOt4OE K/TZghszM6/9ND420CFQMkVfxvU41KQggTmNHaUncA2YYaGdeUgh89Q/h1SUNuBLP63J BKdA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j13si2530976pfh.78.2018.01.24.00.37.41; Wed, 24 Jan 2018 00:37:54 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932604AbeAXIhU (ORCPT + 99 others); Wed, 24 Jan 2018 03:37:20 -0500 Received: from isilmar-4.linta.de ([136.243.71.142]:39452 "EHLO isilmar-4.linta.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932103AbeAXIhS (ORCPT ); Wed, 24 Jan 2018 03:37:18 -0500 Received: from light.dominikbrodowski.net (isilmar.linta [10.0.0.1]) by isilmar-4.linta.de (Postfix) with ESMTPS id 98C8C20055D; Wed, 24 Jan 2018 08:37:16 +0000 (UTC) Received: by light.dominikbrodowski.net (Postfix, from userid 1000) id AE63A200EE; Wed, 24 Jan 2018 09:37:05 +0100 (CET) Date: Wed, 24 Jan 2018 09:37:05 +0100 From: Dominik Brodowski To: Martin Schwidefsky Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, kvm@vger.kernel.org, Heiko Carstens , Christian Borntraeger , Paolo Bonzini , Cornelia Huck , David Hildenbrand , Greg Kroah-Hartman , Jon Masters , Marcus Meissner , Jiri Kosina , w@1wt.eu, keescook@chromium.org, thomas.lendacky@amd.com, dwmw@amazon.co.uk, ak@linux.intel.com, pavel@ucw.cz Subject: Avoiding information leaks between users and between processes by default? [Was: : [PATCH 1/5] prctl: add PR_ISOLATE_BP process control] Message-ID: <20180124083705.GA14868@light.dominikbrodowski.net> References: <1516712825-2917-1-git-send-email-schwidefsky@de.ibm.com> <1516712825-2917-2-git-send-email-schwidefsky@de.ibm.com> <20180123170719.GA4154@isilmar-4.linta.de> <20180124072953.50851fec@mschwideX1> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20180124072953.50851fec@mschwideX1> User-Agent: Mutt/1.9.2 (2017-12-15) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jan 24, 2018 at 07:29:53AM +0100, Martin Schwidefsky wrote: > On Tue, 23 Jan 2018 18:07:19 +0100 > Dominik Brodowski wrote: > > > On Tue, Jan 23, 2018 at 02:07:01PM +0100, Martin Schwidefsky wrote: > > > Add the PR_ISOLATE_BP operation to prctl. The effect of the process > > > control is to make all branch prediction entries created by the execution > > > of the user space code of this task not applicable to kernel code or the > > > code of any other task. > > > > What is the rationale for requiring a per-process *opt-in* for this added > > protection? > > > > For KPTI on x86, the exact opposite approach is being discussed (see, e.g. > > http://lkml.kernel.org/r/1515612500-14505-1-git-send-email-w@1wt.eu ): By > > default, play it safe, with KPTI enabled. But for "trusted" processes, one > > may opt out using prctrl. > > The rationale is that there are cases where you got code from *somewhere* > and want to run it in an isolated context. Think: a docker container that > runs under KVM. But with spectre this is still not really safe. So you > include a wrapper program in the docker container to use the trap door > prctl to start the potential malicious program. Now you should be good, no? Well, partly. It may be that s390 and its use cases are special -- but as I understand it, this uapi question goes beyond this question: To my understanding, Linux traditionally tried to aim for the security goal of avoiding information leaks *between* users[+], probably even between processes of the same user. It wasn't a guarantee, and there always were (and will be) information leaks -- and that is where additional safeguards such as seccomp come into play, which reduce the attack surface against unknown or unresolved security-related bugs. And everyone knew (or should have known) that allowing "untrusted" code to be run (be it by an user, be it JavaScript, etc.) is more risky. But still, avoiding information leaks between users and between processes was (to my understanding) at least a goal.[?] In recent days however, the outlook on this issue seems to have shifted: - Your proposal would mean to trust all userspace code, unless it is specifically marked as untrusted. As I understand it, this would mean that by default, spectre isn't fully mitigated cross-user and cross-process, though the kernel could. And rogue user-run code may make use of that, unless it is run with a special wrapper. - Concerning x86 and IPBP, the current proposal is to limit the protection offered by IPBP to non-dumpable processes. As I understand it, this would mean that other processes are left hanging out to dry.[~] - Concerning x86 and STIBP, David mentioned that "[t]here's an argument that there are so many other information leaks between HT siblings that we might not care"; in the last couple of hours, a proposal emerged to limit the protection offered by STIBP to non-dumpable processes as well. To my understanding, this would mean that many processes are left hanging out to dry again. I am a bit worried whether this is a sign for a shift in the security goals. I fully understand that there might be processes (e.g. some[?] kernel threads) and users (root) which you need to trust anyway, as they can already access anything. Disabling additional, costly safeguards for those special cases then seems OK. Opting out of additional protections for single-user or single-use systems (haproxy?) might make sense as well. But the kernel[*] not offering full[#] spectre mitigation by default for regular users and their processes? I'm not so sure. Thanks, Dominik [+] root is different. [?] Whether such goals and their pursuit may have legal relevance -- e.g. concerning the criminal law protection against unlawful access to data -- is a related, fascinating topic. [~] For example, I doubt that mutt sets the non-dumpable flag. But I wouldn't want other users to be able to read my mail. [#] Well, at least the best the kernel can currently and reasonably manage. [*] Whether CPUs should enable full mitigation (IBRS_ALL) by default in future has been discussed on this list as well.