Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp973798yba; Fri, 26 Apr 2019 11:50:57 -0700 (PDT) X-Google-Smtp-Source: APXvYqxtRGjp7kKjqIH/rukqCororfKTg81j6UQU/CRRnxHYDNToPNZD+TVC5A08HKwDKtz4jx+1 X-Received: by 2002:a17:902:aa83:: with SMTP id d3mr5283026plr.108.1556304657579; Fri, 26 Apr 2019 11:50:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556304657; cv=none; d=google.com; s=arc-20160816; b=Qw+blxSMvEzuxkSAn9qUHgCzcvxSwYhVaZocKP+HBZlGgrus6IcX61iTsBYerCppTv FrnMceyJIhkF3HJRTZ7+yx6Vnc4aY8xZTbCB0wHv5guzjGVxsraq+jsPxVfImtNfjzKl TA//eAE644pH6QPoUGDNQlQw4YdCeWJ+tL9Xo+zIRjbjpU+e47YYjkRRSks8RlyQFH6X wtei2NJmgPEZXOyAydIpDpYi58vmWatzYnPI7PHcKae/OqdUWHkPsVnh69ir9mWwtGZd mFFQW3E67gwpIX4Wk90Elwg/vE8M1MSGD3iPwUWcirlWP/6VXzPNKhANFMUaMtkpC7q4 bqZg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:date:cc:to:from:subject:message-id :dkim-signature:dkim-signature; bh=z+oOLGgqjN7ex7JsSbEreqKWfXT55UCPaEt53zCtCEk=; b=pc4r9bEV+cRitNqAurIlK57GVDJKXR8+OpvACOEiOqBU+KhSykr+1UHU3w7jZDDhz3 qaX+7KHEBQoZ1AUxloKF+Z86x8hFYmjWPMLg533qL152PqPkZHLMJEzStS7C/dBI6fGd XX2SkRCO0ilPWNqw0X4joguZhiHoqDv5E7wxLXQODlW0yTtqTWGlJJncxKfmSu2L9ZJl HVgN7DTEJ3H2wBR8HoXbKkIw9NM6Crkijk9cTzVL/fe8NG4F9UejtPudh5WmBpZ2+vRB OP/A5uXCG5xuoV0uhJ1EQtfD9WOrS65MWerMp39tdiiYIeTlDlYt6tGTW8ES4kkaKE3h 7XAg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@hansenpartnership.com header.s=20151216 header.b=IZKVMNXo; dkim=fail header.i=@hansenpartnership.com header.s=20151216 header.b=IZKVMNXo; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=hansenpartnership.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 73si25617058pgb.414.2019.04.26.11.50.41; Fri, 26 Apr 2019 11:50:57 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@hansenpartnership.com header.s=20151216 header.b=IZKVMNXo; dkim=fail header.i=@hansenpartnership.com header.s=20151216 header.b=IZKVMNXo; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=hansenpartnership.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726393AbfDZStb (ORCPT + 99 others); Fri, 26 Apr 2019 14:49:31 -0400 Received: from bedivere.hansenpartnership.com ([66.63.167.143]:54820 "EHLO bedivere.hansenpartnership.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726049AbfDZSta (ORCPT ); Fri, 26 Apr 2019 14:49:30 -0400 Received: from localhost (localhost [127.0.0.1]) by bedivere.hansenpartnership.com (Postfix) with ESMTP id 962A48EE121; Fri, 26 Apr 2019 11:49:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=hansenpartnership.com; s=20151216; t=1556304569; bh=sOaeFRWJRQo0N2mv0s8k3sDJjYmty9DwZwOp2JV9H2U=; h=Subject:From:To:Cc:Date:In-Reply-To:References:From; b=IZKVMNXorn56CMx465Owkt0livTWuNAyyC6sg/IgxKPJ2uU/M9GS34oRiRVUkvbkj 1scd/Qe3vrlgnzd5OzA1+Mx+dDTo51s7SbfKM9bmye6UKGnYSY1KCBR6DZw+sxWIPb xMa55mbet2KlO/Rtxu4//+BYpty1QBoW0y+fH6Q4= Received: from bedivere.hansenpartnership.com ([127.0.0.1]) by localhost (bedivere.hansenpartnership.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tVyy7i8XvLsR; Fri, 26 Apr 2019 11:49:29 -0700 (PDT) Received: from [153.66.254.194] (unknown [50.35.68.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by bedivere.hansenpartnership.com (Postfix) with ESMTPSA id 55FF68EE079; Fri, 26 Apr 2019 11:49:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=hansenpartnership.com; s=20151216; t=1556304569; bh=sOaeFRWJRQo0N2mv0s8k3sDJjYmty9DwZwOp2JV9H2U=; h=Subject:From:To:Cc:Date:In-Reply-To:References:From; b=IZKVMNXorn56CMx465Owkt0livTWuNAyyC6sg/IgxKPJ2uU/M9GS34oRiRVUkvbkj 1scd/Qe3vrlgnzd5OzA1+Mx+dDTo51s7SbfKM9bmye6UKGnYSY1KCBR6DZw+sxWIPb xMa55mbet2KlO/Rtxu4//+BYpty1QBoW0y+fH6Q4= Message-ID: <1556304567.2833.62.camel@HansenPartnership.com> Subject: Re: [RFC PATCH 2/7] x86/sci: add core implementation for system call isolation From: James Bottomley To: Andy Lutomirski Cc: Dave Hansen , Mike Rapoport , linux-kernel@vger.kernel.org, Alexandre Chartre , Andy Lutomirski , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Ingo Molnar , Jonathan Adams , Kees Cook , Paul Turner , Peter Zijlstra , Thomas Gleixner , linux-mm@kvack.org, linux-security-module@vger.kernel.org, x86@kernel.org Date: Fri, 26 Apr 2019 11:49:27 -0700 In-Reply-To: <8E695557-1CD2-431A-99CC-49A4E8247BAE@amacapital.net> References: <1556228754-12996-1-git-send-email-rppt@linux.ibm.com> <1556228754-12996-3-git-send-email-rppt@linux.ibm.com> <627d9321-466f-c4ed-c658-6b8567648dc6@intel.com> <1556290658.2833.28.camel@HansenPartnership.com> <54090243-E4C7-4C66-8025-AFE0DF5DF337@amacapital.net> <1556291961.2833.42.camel@HansenPartnership.com> <8E695557-1CD2-431A-99CC-49A4E8247BAE@amacapital.net> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.26.6 Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 2019-04-26 at 10:40 -0700, Andy Lutomirski wrote: > > On Apr 26, 2019, at 8:19 AM, James Bottomley > npartnership.com> wrote: > > > > On Fri, 2019-04-26 at 08:07 -0700, Andy Lutomirski wrote: > > > > On Apr 26, 2019, at 7:57 AM, James Bottomley > > > > wrote: > > > > > > > > > > On Fri, 2019-04-26 at 07:46 -0700, Dave Hansen wrote: > > > > > > On 4/25/19 2:45 PM, Mike Rapoport wrote: > > > > > > After the isolated system call finishes, the mappings > > > > > > created during its execution are cleared. > > > > > > > > > > Yikes. I guess that stops someone from calling write() a > > > > > bunch of times on every filesystem using every block device > > > > > driver and all the DM code to get a lot of code/data faulted > > > > > in. But, it also means not even long-running processes will > > > > > ever have a chance of behaving anything close to normally. > > > > > > > > > > Is this something you think can be rectified or is there > > > > > something fundamental that would keep SCI page tables from > > > > > being cached across different invocations of the same > > > > > syscall? > > > > > > > > There is some work being done to look at pre-populating the > > > > isolated address space with the expected execution footprint of > > > > the system call, yes. It lessens the ROP gadget protection > > > > slightly because you might find a gadget in the pre-populated > > > > code, but it solves a lot of the overhead problem. > > > > > > I’m not even remotely a ROP expert, but: what stops a ROP payload > > > from using all the “fault-in” gadgets that exist — any function > > > that can return on an error without doing to much will fault in > > > the whole page containing the function. > > > > The address space pre-population is still per syscall, so you don't > > get access to the code footprint of a different syscall. So the > > isolated address space is created anew for every system call, it's > > just pre-populated with that system call's expected footprint. > > That’s not what I mean. Suppose I want to use a ROP gadget in > vmalloc(), but vmalloc isn’t in the page tables. Then first push > vmalloc itself into the stack. As long as RDI contains a sufficiently > ridiculous value, it should just return without doing anything. And > it can return right back into the ROP gadget, which is now available. Yes, it's not perfect, but stack space for a smashing attack is at a premium and now you need two stack frames for every gadget you chain instead of one so we've halved your ability to chain gadgets. > > > To improve this, we would want some thing that would try to check > > > whether the caller is actually supposed to call the callee, which > > > is more or less the hard part of CFI. So can’t we just do CFI > > > and call it a day? > > > > By CFI you mean control flow integrity? In theory I believe so, > > yes, but in practice doesn't it require a lot of semantic object > > information which is easy to get from higher level languages like > > java but a bit more difficult for plain C. > > Yes. As I understand it, grsecurity instruments gcc to create some > kind of hash of all function signatures. Then any indirect call can > effectively verify that it’s calling a function of the right type. > And every return verified a cookie. > > On CET CPUs, RET gets checked directly, and I don’t see the benefit > of SCI. Presumably you know something I don't but I thought CET CPUs had been planned for release for ages, but not actually released yet? > > > On top of that, a robust, maintainable implementation of this > > > thing seems very complicated — for example, what happens if > > > vfree() gets called? > > > > Address space Local vs global object tracking is another thing on > > our list. What we'd probably do is verify the global object was > > allowed to be freed and then hand it off safely to the main kernel > > address space. > > This seems exceedingly complicated. It's a research project: we're exploring what's possible so we can choose the techniques that give the best security improvement for the additional overhead. James