References: <20200918192312.25978-1-yu-cheng.yu@intel.com> <20200918192312.25978-9-yu-cheng.yu@intel.com> <24718de58ab7bc6d7288c58d3567ad802eeb6542.camel@intel.com> <20200923212925.GC15101@linux.intel.com>
From: Andy Lutomirski
Date: Wed, 23 Sep 2020 15:47:12 -0700
Subject: Re: [PATCH v12 8/8] x86: Disallow vsyscall emulation when CET is enabled
To: "Yu, Yu-cheng"
Cc: Dave Hansen, Sean Christopherson, Andy Lutomirski, X86 ML, "H. Peter Anvin", Thomas Gleixner, Ingo Molnar, LKML, "open list:DOCUMENTATION", Linux-MM, linux-arch, Linux API, Arnd Bergmann, Balbir Singh, Borislav Petkov, Cyrill Gorcunov, Dave Hansen, Eugene Syromiatnikov, Florian Weimer, "H.J. Lu", Jann Horn, Jonathan Corbet, Kees Cook, Mike Kravetz, Nadav Amit, Oleg Nesterov, Pavel Machek, Peter Zijlstra, Randy Dunlap, "Ravi V. Shankar", Vedvyas Shanbhogue, Dave Martin, Weijiang Yang
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Sep 23, 2020 at 3:20 PM Yu, Yu-cheng wrote:
>
> On 9/23/2020 3:08 PM, Dave Hansen wrote:
> > On 9/23/20 3:06 PM, Yu, Yu-cheng wrote:
> >> I think I'll add a check here for (r + 8) >= TASK_SIZE_MAX. It is
> >> better than getting a fault.
> >
> > There's also wrmsr_safe().
> >
> Yes, thanks.
>
> Since I am going to change this to:
>
> fpu__prepare_write(), then write to the XSAVES area.
>
> The kernel does not expect XRSTORS to fail ("Bad FPU state detected..."
> message). So maybe still check the address first.

Surely there are plenty of ways to use ptrace() to poke garbage into the
FPU state. We should be able to handle this type of failure somewhat
gracefully.
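As an added illustration of the address check discussed in the thread, `(r + 8) >= TASK_SIZE_MAX`, and not code from the CET patch series or from the kernel: a user-space C program that compares that form with an overflow-safe one. `TASK_SIZE_MAX_SIM` is a constructed stand-in for the kernel macro, the probe addresses are constructed, and `user_range_ok` is a hypothetical generalisation to a range of arbitrary length.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the kernel's TASK_SIZE_MAX (assumption: the
 * x86-64 value for 47-bit user addresses, (1 << 47) - 4096), so the checks
 * can run as an ordinary user-space program. */
#define TASK_SIZE_MAX_SIM 0x00007ffffffff000ULL

/* The check in the shape quoted in the thread: reject when
 * (r + 8) >= TASK_SIZE_MAX. The addition is done in 64 bits and wraps for
 * r close to 2^64, so such an r is accepted even though it is not a user
 * address. */
static bool reject_naive(uint64_t r)
{
    return (r + 8) >= TASK_SIZE_MAX_SIM;
}

/* Same predicate with the constant moved to the right so nothing can wrap:
 * r + 8 >= LIMIT  <=>  r >= LIMIT - 8 whenever r + 8 does not overflow, and
 * every r for which r + 8 overflows is also >= LIMIT - 8. */
static bool reject_safe(uint64_t r)
{
    return r >= TASK_SIZE_MAX_SIM - 8;
}

/* Hypothetical general form for an arbitrary [start, start + len) range:
 * the overflow is detected explicitly rather than avoided by rearranging
 * the constant. A range ending exactly at the limit is accepted. */
static bool user_range_ok(uint64_t start, uint64_t len)
{
    uint64_t end;

    if (__builtin_add_overflow(start, len, &end))
        return false;
    return end <= TASK_SIZE_MAX_SIM;
}

/* Returns how many probe addresses the two 8-byte checks disagree on; they
 * differ only where the naive addition wraps. Prints each verdict. */
static int count_disagreements(void)
{
    /* Constructed probes: a normal user address, the last accepted slot,
     * the first rejected slot, a kernel-looking address, and two values
     * for which r + 8 wraps around. */
    const uint64_t probes[] = {
        0x1000ULL,
        TASK_SIZE_MAX_SIM - 16,
        TASK_SIZE_MAX_SIM - 8,
        0xffff888000000000ULL,
        0xfffffffffffffff8ULL,
        0xffffffffffffffffULL,
    };
    int disagreements = 0;

    for (size_t i = 0; i < sizeof(probes) / sizeof(probes[0]); i++) {
        bool n = reject_naive(probes[i]);
        bool s = reject_safe(probes[i]);

        printf("r=%#018llx naive=%s safe=%s range_ok=%s\n",
               (unsigned long long)probes[i],
               n ? "reject" : "accept", s ? "reject" : "accept",
               user_range_ok(probes[i], 8) ? "yes" : "no");
        if (n != s)
            disagreements++;
    }
    return disagreements;
}

int main(void)
{
    int d = count_disagreements();

    printf("checks disagree on %d probe(s), all in the wrap-around region\n", d);
    return 0;
}
```

The two 8-byte checks agree everywhere except on the two probes near 2^64, where the naive sum wraps to a small number and the address is accepted; the rearranged form and the explicit overflow test both reject them.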