From: Andy Lutomirski
Date: Mon, 9 Nov 2020 09:28:01 -0800
Subject: Re: [RFC][PATCH 13/24] x86/pti: Extend PTI user mappings
To: Alexandre Chartre
Cc: X86 ML, LKML

On Mon, Nov 9, 2020 at 3:22 AM Alexandre Chartre wrote:
>
> Extend PTI user mappings so that more kernel entry code can be executed
> with the user page-table. To do so, we need to map syscall and interrupt
> entry code,

Probably fine.

> per cpu offsets (__per_cpu_offset, which is used some in
> entry code),

This likely already leaks due to vulnerable CPUs leaking address space
layout info.

> the stack canary,

That's going to be a very tough sell.