Date: Sun, 24 May 2020 17:19:45 -0400
From: Sasha Levin
To: hpa@zytor.com
Cc: Thomas Gleixner, Don Porter, Jarkko Sakkinen, Andi Kleen, linux-kernel@vger.kernel.org, bp@alien8.de, luto@kernel.org, dave.hansen@intel.com, tony.luck@intel.com, ravi.v.shankar@intel.com, chang.seok.bae@intel.com
Subject: Re: Re: [PATCH v12 00/18] Enable FSGSBASE instructions
Message-ID: <20200524211945.GX33628@sasha-vm>

On Sun, May 24, 2020 at 12:45:18PM -0700, hpa@zytor.com wrote:
>There are legitimate reasons to write a root-hole module, the main one
>being able to test security features like SMAP. I have requested before
>a TAINT flag specifically for this purpose, because TAINT_CRAP is nowhere
>near explicit enough, and is also used for staging drivers. Call it
>TAINT_TOXIC or TAINT_ROOTHOLE; it should always be accompanied with a
>CRIT level alert.

What I don't like about our current system of TAINT_* flags is that while we can improve it as much as we want, no one outside of the kernel tree seems to be using it. While Thomas may have been commenting on Graphene's behaviour, look at any other code that did the same thing:

- Graphene: https://github.com/oscarlab/graphene-sgx-driver/blob/master/gsgx.c
- Occlum: https://github.com/occlum/enable_rdfsbase/blob/master/enable_rdfsbase.c
- SGX-LKL: https://github.com/lsds/sgx-lkl/blob/master/tools/kmod-set-fsgsbase/mod_set_cr4_fsgsbase.c

None of which set even the CRAP flag.

-- 
Thanks,
Sasha