Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp1345766rwd; Tue, 16 May 2023 16:03:53 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4LOMZSNSdvMieE7EkvRBY7fwmS0/pzqNzWUICAidnVg/IR3Y8AqML31zMGkeIhBhSTr6JW X-Received: by 2002:a05:6a20:918a:b0:104:edde:67be with SMTP id v10-20020a056a20918a00b00104edde67bemr16316897pzd.17.1684278232985; Tue, 16 May 2023 16:03:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1684278232; cv=none; d=google.com; s=arc-20160816; b=rdoHUb3ld0UmFN6nwM004tIcsJtT7ypxvssmVq4DANYrD6MYxNeDeYNPmUnwmBA3MJ H+jGtMfuS5LFw+9Z4oQ3/JzHfepWqfryyoDM1a0zlmYULeCz/EhzLwgoWl3BSmH34o+D c2AckJUP11sgHtFk+FSvDlhKUA6eRMUiMkWua+MClcVjMy9w+5wCgy2Hyc0nDts2ghCf 0WAQEfsi+1PdQDWtvS/qxUvsKMJ0uqeopHV0iGqtCB7E8VXE1n9MlFL+n5yZmFpM3V09 aAvUY8gV03QbGCX7JSfvv7HxqAtTtMM23NjlgECWMT8gtuilk/dgTOvJO76lu0nIJ+tM ij9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=5Zvlr5VPAlTME3LBradBl4JK+a3V5dewnwQSN0YTkas=; b=sonJLiIFnqbcqVpIMWLOt81XFwL1DIZdl4e/Oxupf9vSTk3jEQMh3bcxEryhY3DNbZ aMNDqT96O0z+n062CpMEPb0kdh8o6Gp+FUIwCESzQ14L8UZkvOKL9fqsJablEVpcu8Lg hviwjbWnIMG+mzRjiHLWn9RSEwwlEMEcqA4/VPV++C3OF8tiQWOkmtm+6D1ieJJwtxnQ z3EpfyCz8x5maXiCeZmEXROaJkBOuSTaiPvKY3X4ja22W8Lqwgw+McPc3eSjsD5uNWFY 8KhovOVegWX6SuQsphYLfFngYL7LezvRd8jcuHqZ2PcRnckO1piDx0eZhrk4xw+MBqdY VNKg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=EyeYxWO9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a14-20020aa794ae000000b0063b77381764si20518222pfl.49.2023.05.16.16.03.39; Tue, 16 May 2023 16:03:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=EyeYxWO9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230063AbjEPWlo (ORCPT + 99 others); Tue, 16 May 2023 18:41:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60682 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229457AbjEPWlm (ORCPT ); Tue, 16 May 2023 18:41:42 -0400 Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 062AC7688; Tue, 16 May 2023 15:41:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684276901; x=1715812901; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=IDhBF4fgjJGRK2kGvqetdUuW5dTqUG9nUhpZg9K0OCo=; b=EyeYxWO9vH3wtSkq7AqI4AtjGmN7pjq8oIiTewXUFQZYljmAyMITAY9M SepucNT+TiS2Q04y6ajTv/p46syN3auOru5gqEQDW9wlO79FfkSBIV8aD fqIhRbWhe3SHRpPSmqrPB9/6nCNxxPVuOxjO72vDUBDdwrldKkLLmSDme 1J7GmEitfpa9U0bQUB9qnmKszw7Qafko6/CzcdroKNvZSHkDwM+Qyh3pf fncOZgFN5HQzx4+KHl3jROTVesq20n841/qR9h9IV9RxvBNfD9k2rAyw+ QAgBd+ovSlfQz107TpHaEXj/XQ9D70AgMpmo6s2P6wHxHGkF3Wb/gAcFK g==; X-IronPort-AV: E=McAfee;i="6600,9927,10712"; a="350447269" X-IronPort-AV: E=Sophos;i="5.99,280,1677571200"; d="scan'208";a="350447269" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 May 2023 15:41:40 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10712"; a="766534490" X-IronPort-AV: E=Sophos;i="5.99,280,1677571200"; d="scan'208";a="766534490" Received: from mtpanu-mobl1.amr.corp.intel.com (HELO [10.212.203.6]) ([10.212.203.6]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 May 2023 15:41:40 -0700 Message-ID: Date: Tue, 16 May 2023 15:41:39 -0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 Subject: Re: [PATCH 0/6] Memory Mapping (VMA) protection using PKU - set 1 Content-Language: en-US To: =?UTF-8?Q?Stephen_R=c3=b6ttger?= Cc: jeffxu@chromium.org, luto@kernel.org, jorgelo@chromium.org, keescook@chromium.org, groeck@chromium.org, jannh@google.com, akpm@linux-foundation.org, jeffxu@google.com, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org References: <20230515130553.2311248-1-jeffxu@chromium.org> <2bcffc9f-9244-0362-2da9-ece230055320@intel.com> From: Dave Hansen In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A, RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 5/16/23 00:06, Stephen Röttger wrote: > On Mon, May 15, 2023 at 4:28 PM Dave Hansen wrote: >> >> On 5/15/23 06:05, jeffxu@chromium.org wrote: >>> We're using PKU for in-process isolation to enforce control-flow integrity >>> for a JIT compiler. In our threat model, an attacker exploits a >>> vulnerability and has arbitrary read/write access to the whole process >>> space concurrently to other threads being executed. This attacker can >>> manipulate some arguments to syscalls from some threads. >> >> This all sounds like it hinges on the contents of PKRU in the attacker >> thread. >> >> Could you talk a bit about how the attacker is prevented from running >> WRPKRU, XRSTOR or compelling the kernel to write to PKRU like at sigreturn? > > (resending without html) > > Since we're using the feature for control-flow integrity, we assume > the control-flow is still intact at this point. I.e. the attacker > thread can't run arbitrary instructions. Can't run arbitrary instructions, but can make (pretty) arbitrary syscalls? > * For JIT code, we're going to scan it for wrpkru instructions before > writing it to executable memory ... and XRSTOR, right? > * For regular code, we only use wrpkru around short critical sections > to temporarily enable write access > > Sigreturn is a separate problem that we hope to solve by adding pkey > support to sigaltstack What kind of support were you planning to add? I was thinking that an attacker with arbitrary write access would wait until PKRU was on the userspace stack and *JUST* before the kernel sigreturn code restores it to write a malicious value. It could presumably do this with some asynchronous mechanism so that even if there was only one attacker thread, it could change its own value. Also, the kernel side respect for PKRU is ... well ... rather weak. It's a best effort and if we *happen* to be in a kernel context where PKRU is relevant, we can try to respect PKRU. But there are a whole bunch of things like get_user_pages_remote() that just plain don't have PKRU available and can't respect it at all. I think io_uring also greatly expanded how common "remote" access to process memory is. So, overall, I'm thrilled to see another potential user for pkeys. It sounds like there's an actual user lined up here, which would be wonderful. But, I also want to make sure we don't go to the trouble to build something that doesn't actually present meaningful, durable obstacles to an attacker. I also haven't more than glanced at the code.