* [PATCH v2 0/8] vsyscall xonly mode
@ 2019-06-27  4:45 Andy Lutomirski
From: Andy Lutomirski @ 2019-06-27  4:45 UTC
  To: x86; +Cc: LKML, Kees Cook, Florian Weimer, Jann Horn, Andy Lutomirski

Hi all-

This adds a new "xonly" mode for vsyscalls and makes it the default.
xonly is a bit more secure -- Kees knows about an exploit that relied on
read access to the vsyscall page.  It's also nicer from a paging
perspective, as it doesn't require user access to any of the kernel
address space as far as the CPU is concerned.  This would, for example,
allow a much simpler implementation of per-process vsyscall disabling.

I will follow up with two non-x86 changes that are related but have
no dependencies.

Changes from v1:
 - Minor cleanups (Kees)
 - Add a searchable message when a vsyscall read is denied (Kees)
 - The test case is vastly improved
 - Get rid of the extra gate vma object
 - Add the __ro_after_init patch

Andy Lutomirski (8):
  x86/vsyscall: Remove the vsyscall=native documentation
  x86/vsyscall: Add a new vsyscall=xonly mode
  x86/vsyscall: Show something useful on a read fault
  x86/vsyscall: Document odd SIGSEGV error code for vsyscalls
  selftests/x86/vsyscall: Verify that vsyscall=none blocks execution
  x86/vsyscall: Change the default vsyscall mode to xonly
  x86/vsyscall: Add __ro_after_init to global variables
  selftests/x86: Add a test for process_vm_readv() on the vsyscall page

 .../admin-guide/kernel-parameters.txt         |  11 +-
 arch/x86/Kconfig                              |  35 +++--
 arch/x86/entry/vsyscall/vsyscall_64.c         |  37 +++++-
 arch/x86/include/asm/vsyscall.h               |   6 +-
 arch/x86/mm/fault.c                           |  18 ++-
 tools/testing/selftests/x86/test_vsyscall.c   | 120 ++++++++++++++----
 6 files changed, 174 insertions(+), 53 deletions(-)

-- 
2.21.0
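
An added example, not code from this series or from the kernel selftests: one way to check which vsyscall mode a running process sees, by looking at the permissions of the `[vsyscall]` line in `/proc/<pid>/maps`. It assumes the kernel reports that mapping as `--xp` in xonly mode, as `r-xp` when the page is readable (emulate), and omits it for vsyscall=none; the enum, function names and sample lines are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical names, chosen after the vsyscall= settings in this series. */
enum vsys_mode { VSYS_NONE, VSYS_XONLY, VSYS_EMULATE, VSYS_UNEXPECTED };

/* Constructed sample of the tail of /proc/<pid>/maps on an xonly system. */
static const char SAMPLE_XONLY[] =
    "7ffd1c5f2000-7ffd1c5f4000 r-xp 00000000 00:00 0 [vdso]\n"
    "ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0 [vsyscall]\n";

/* Classify one maps line; returns -1 if it is not the [vsyscall] line. */
static int classify_line(const char *line)
{
    char perms[5] = "", name[64] = "";
    /* Fields: start-end perms offset dev inode [pathname] */
    if (sscanf(line, "%*s %4s %*s %*s %*s %63s", perms, name) != 2 ||
        strcmp(name, "[vsyscall]") != 0)
        return -1;
    if (perms[1] == 'w' || perms[2] != 'x')
        return VSYS_UNEXPECTED;      /* writable or non-executable: flag it */
    return perms[0] == 'r' ? VSYS_EMULATE : VSYS_XONLY;
}

/* Scan maps text line by line; no [vsyscall] line means no mapping at all. */
static enum vsys_mode classify_maps(const char *text)
{
    char line[256];
    while (*text) {
        size_t n = strcspn(text, "\n");
        size_t c = n < sizeof(line) - 1 ? n : sizeof(line) - 1;
        memcpy(line, text, c);
        line[c] = '\0';
        int m = classify_line(line);
        if (m >= 0)
            return (enum vsys_mode)m;
        text += n + (text[n] == '\n');
    }
    return VSYS_NONE;
}

int main(void)
{
    static char buf[1 << 16];   /* ample for this small process's own maps */
    static const char *names[] = { "none", "xonly", "emulate", "unexpected" };
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f)
        return 1;
    buf[fread(buf, 1, sizeof(buf) - 1, f)] = '\0';
    fclose(f);
    printf("constructed sample: %s\n", names[classify_maps(SAMPLE_XONLY)]);
    printf("this process:       %s\n", names[classify_maps(buf)]);
    return 0;
}
```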



Thread overview: 25+ messages
2019-06-27  4:45 [PATCH v2 0/8] vsyscall xonly mode Andy Lutomirski
2019-06-27  4:45 ` [PATCH v2 1/8] x86/vsyscall: Remove the vsyscall=native documentation Andy Lutomirski
2019-06-27 17:26   ` Kees Cook
2019-06-27 22:13   ` [tip:x86/entry] Documentation/admin: " tip-bot for Andy Lutomirski
2019-06-27  4:45 ` [PATCH v2 2/8] x86/vsyscall: Add a new vsyscall=xonly mode Andy Lutomirski
2019-06-27 17:26   ` Kees Cook
2019-06-27 22:13   ` [tip:x86/entry] " tip-bot for Andy Lutomirski
2019-06-27  4:45 ` [PATCH v2 3/8] x86/vsyscall: Show something useful on a read fault Andy Lutomirski
2019-06-27 17:28   ` Kees Cook
2019-06-27 22:14   ` [tip:x86/entry] " tip-bot for Andy Lutomirski
2019-06-27  4:45 ` [PATCH v2 4/8] x86/vsyscall: Document odd SIGSEGV error code for vsyscalls Andy Lutomirski
2019-06-27 17:28   ` Kees Cook
2019-06-27 22:15   ` [tip:x86/entry] " tip-bot for Andy Lutomirski
2019-06-27  4:45 ` [PATCH v2 5/8] selftests/x86/vsyscall: Verify that vsyscall=none blocks execution Andy Lutomirski
2019-06-27 17:29   ` Kees Cook
2019-06-27 22:16   ` [tip:x86/entry] " tip-bot for Andy Lutomirski
2019-06-27  4:45 ` [PATCH v2 6/8] x86/vsyscall: Change the default vsyscall mode to xonly Andy Lutomirski
2019-06-27 17:30   ` Kees Cook
2019-06-27 22:16   ` [tip:x86/entry] " tip-bot for Andy Lutomirski
2019-06-27  4:45 ` [PATCH v2 7/8] x86/vsyscall: Add __ro_after_init to global variables Andy Lutomirski
2019-06-27 17:30   ` Kees Cook
2019-06-27 22:17   ` [tip:x86/entry] " tip-bot for Andy Lutomirski
2019-06-27  4:45 ` [PATCH v2 8/8] selftests/x86: Add a test for process_vm_readv() on the vsyscall page Andy Lutomirski
2019-06-27 17:30   ` Kees Cook
2019-06-27 22:18   ` [tip:x86/entry] " tip-bot for Andy Lutomirski
