From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=TVmj=DA=lists.infradead.org=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.5 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 58D84C2D0A8
	for <linux-arm-kernel@archiver.kernel.org>; Wed, 23 Sep 2020 08:43:54 +0000 (UTC)
Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 0CAEF221F0
	for <linux-arm-kernel@archiver.kernel.org>; Wed, 23 Sep 2020 08:43:53 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="FwVnYuK5"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0CAEF221F0
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=ucw.cz
Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Type:Cc:
	List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:
	In-Reply-To:MIME-Version:References:Message-ID:Subject:To:From:Date:Reply-To:
	Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	 bh=xrxfTBKLvEnMy5dgDDoTXVUni+dUP/Jgx21Epr7RXiM=; b=FwVnYuK5gY0ggbmnAFR751eTu
	bHFGivQpSD4BbHmiLgsOS6wcLu20Ukh3BUz4VWt+8L0dEBw9lePwBn7dxTI/8DeqDa8uNgXrPIhXt
	aTKHMJnQ9NwJaV4PsHNvWiNeR/CVa+rUt/bZc1yTFmzwW6u2oSQIu/5QJNoyBcAs1E/Jvgh/J+v3Q
	0zb4nNsl3Ah5j+i3ID1NyTIY4/f2YRe06jmXbwslsSLPevIysagjjefUwrkJF5JrcG0hSbS4gSKt8
	2GcbWkU+hHiZr0bqeOXGqiKBEGGfBkxt6TEomvo1r0KFdY2I6gnag2RiVEC5BOpbBOwcgjHb+3VgU
	s2v5/2ciw==;
Received: from localhost ([::1] helo=merlin.infradead.org)
	by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1kL0MH-0007NS-Ac; Wed, 23 Sep 2020 08:42:37 +0000
Received: from jabberwock.ucw.cz ([46.255.230.98])
 by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1kL0MF-0007Ma-7m
 for linux-arm-kernel@lists.infradead.org; Wed, 23 Sep 2020 08:42:36 +0000
Received: by jabberwock.ucw.cz (Postfix, from userid 1017)
 id 59AD61C0BB1; Wed, 23 Sep 2020 10:42:33 +0200 (CEST)
Date: Wed, 23 Sep 2020 10:42:32 +0200
From: Pavel Machek <pavel@ucw.cz>
To: madvenka@linux.microsoft.com
Subject: Re: [PATCH v2 0/4] [RFC] Implement Trampoline File Descriptor
Message-ID: <20200923084232.GB30279@amd>
References: <210d7cd762d5307c2aa1676705b392bd445f1baa>
 <20200922215326.4603-1-madvenka@linux.microsoft.com>
MIME-Version: 1.0
In-Reply-To: <20200922215326.4603-1-madvenka@linux.microsoft.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20200923_044235_410266_EA2F2CB4 
X-CRM114-Status: GOOD (  15.24  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: fweimer@redhat.com, mark.rutland@arm.com,
 kernel-hardening@lists.openwall.com, linux-api@vger.kernel.org, x86@kernel.org,
 linux-kernel@vger.kernel.org, oleg@redhat.com, mic@digikod.net,
 linux-security-module@vger.kernel.org, David.Laight@ACULAB.COM,
 luto@kernel.org, linux-fsdevel@vger.kernel.org,
 linux-integrity@vger.kernel.org, linux-arm-kernel@lists.infradead.org
Content-Type: multipart/mixed; boundary="===============7390256282314184093=="
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org


--===============7390256282314184093==
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="zx4FCpZtqtKETZ7O"
Content-Disposition: inline


--zx4FCpZtqtKETZ7O
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi!

> Solution proposed in this RFC
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
>=20
> >From this RFC's perspective, there are two scenarios for dynamic code:
>=20
> Scenario 1
> ----------
>=20
> We know what code we need only at runtime. For instance, JIT code generat=
ed
> for frequently executed Java methods. Only at runtime do we know what
> methods need to be JIT compiled. Such code cannot be statically defined. =
It
> has to be generated at runtime.
>=20
> Scenario 2
> ----------
>=20
> We know what code we need in advance. User trampolines are a good example=
 of
> this. It is possible to define such code statically with some help from t=
he
> kernel.
>=20
> This RFC addresses (2). (1) needs a general purpose trusted code generator
> and is out of scope for this RFC.

This is slightly less crazy talk than introduction talking about holes
in W^X. But it is very, very far from normal Unix system, where you
have selection of interpretters to run your malware on (sh, python,
awk, emacs, ...) and often you can even compile malware from sources.=20

And as you noted, we don't have "a general purpose trusted code
generator" for our systems.

I believe you should simply delete confusing "introduction" and
provide details of super-secure system where your patches would be
useful, instead.

Best regards,
									Pavel
--=20
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blo=
g.html

--zx4FCpZtqtKETZ7O
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAl9rCngACgkQMOfwapXb+vKeqgCgpVQMutlRE7F/wzcDjcBTlXwI
RbAAnjRDzunOtf0iSPKO6rIM9FPy6+JQ
=wVZX
-----END PGP SIGNATURE-----

--zx4FCpZtqtKETZ7O--


--===============7390256282314184093==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

--===============7390256282314184093==--