From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Boris Ostrovsky <boris.ostrovsky@oracle.com>,
Andy Lutomirski <luto@kernel.org>, X86 ML <x86@kernel.org>,
Borislav Petkov <bp@alien8.de>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>,
Steven Rostedt <rostedt@goodmis.org>,
"security@kernel.org" <security@kernel.org>,
"Sasha Levin" <sasha.levin@oracle.com>,
Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
Jan Beulich <jbeulich@suse.com>,
xen-devel <xen-devel@lists.xen.org>
Subject: Re: [PATCH v6 0/4] x86: modify_ldt improvement, test, and config option
Date: Fri, 31 Jul 2015 15:02:06 +0100 [thread overview]
Message-ID: <55BB7FDE.80709@citrix.com> (raw)
In-Reply-To: <55BB7BB8.5060903@oracle.com>
On 31/07/15 14:44, Boris Ostrovsky wrote:
> On 07/31/2015 05:10 AM, Andrew Cooper wrote:
>> On 30/07/15 22:31, Andy Lutomirski wrote:
>>> This is intended for x86/urgent. Sorry for taking so long, but it
>>> seemed nice to avoid breaking Xen.
>> Very much appreciated. Thanks!
>>
>>> This fixes the "dazed and confused" issue which was exposed by the
>>> CVE-2015-5157 fix. It's also probably a good general attack surface
>>> reduction, and it replaces some scary code with IMO less scary code.
>>>
>>> Also, servers and embedded systems should probably turn off modify_ldt.
>>> This makes that possible.
>>>
>>> Xen people, can you test patch 1? It works for me on my evil 32-bit
>>> Xen virtio setup.
>> So the LDT issue seems to have gone away, which is good.
>>
>> However, I did get this from my single vcpu guest test
>>
>> [OK] LDT entry 0 is invalid
>> [SKIP] Cannot set affinity to CPU 1
>> [RUN] Test exec
>> [ 3.638967] CPU 0 set the LDT
>> [OK] LDT entry 0 has AR 0x0040FA00 and limit 0x0000002A
>> [ 3.639380] ------------[ cut here ]------------
>> [ 3.639389] WARNING: CPU: 0 PID: 383 at
>> /local/linux-mainline.git/arch/x86/include/asm/mmu_context.h:96
>> flush_old_exec+0x7fd/0xb70()
>> [ 3.639397] DEBUG_LOCKS_WARN_ON(!irqs_disabled())
>
> You must be running v5 (or earlier). This is fixed in v6 --- it is now
> 'DEBUG_LOCKS_WARN_ON(preemptible());'
Hmm - I definitely have the correct code, but did a complete clean and
rebuild, and the issue went away. I presume I had something stale in
the build.
I am still seeing
[ 5.496264] WARNING: CPU: 0 PID: 389 at
/local/linux-mainline.git/kernel/locking/lockdep.c:2639
trace_hardirqs_off_caller+0xa9/0xb0()
[ 5.496272] DEBUG_LOCKS_WARN_ON(!irqs_disabled())
[ 5.496276] CPU: 0 PID: 389 Comm: ldt_gdt_32 Not tainted 4.2.0-rc4+ #21
But that looks incidental, and unrelated to these fixes.
~Andrew
prev parent reply other threads:[~2015-07-31 14:20 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-30 21:31 [PATCH v6 0/4] x86: modify_ldt improvement, test, and config option Andy Lutomirski
2015-07-30 21:31 ` [PATCH v6 1/4] x86/xen: Probe target addresses in set_aliased_prot before the hypercall Andy Lutomirski
2015-07-31 9:41 ` [Xen-devel] " David Vrabel
2015-07-31 13:56 ` [tip:x86/asm] x86/xen: Probe target addresses in set_aliased_prot () " tip-bot for Andy Lutomirski
2015-07-30 21:31 ` [PATCH v6 2/4] x86/ldt: Make modify_ldt synchronous Andy Lutomirski
2015-07-30 22:50 ` Andrew Cooper
2015-07-31 3:15 ` Andy Lutomirski
2015-07-31 13:56 ` [tip:x86/asm] " tip-bot for Andy Lutomirski
2015-07-30 21:31 ` [PATCH v6 3/4] selftests/x86, x86/ldt: Add a selftest for modify_ldt Andy Lutomirski
2015-07-31 13:57 ` [tip:x86/asm] selftests/x86, x86/ldt: Add a selftest for modify_ldt() tip-bot for Andy Lutomirski
2015-07-30 21:31 ` [PATCH v6 4/4] x86/ldt: Make modify_ldt optional Andy Lutomirski
2015-07-31 13:49 ` Ingo Molnar
2015-07-31 14:02 ` [tip:x86/asm] x86/ldt: Make modify_ldt() optional tip-bot for Andy Lutomirski
2015-07-31 9:10 ` [PATCH v6 0/4] x86: modify_ldt improvement, test, and config option Andrew Cooper
2015-07-31 13:44 ` Boris Ostrovsky
2015-07-31 14:02 ` Andrew Cooper [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55BB7FDE.80709@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=boris.ostrovsky@oracle.com \
--cc=bp@alien8.de \
--cc=jbeulich@suse.com \
--cc=konrad.wilk@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=sasha.levin@oracle.com \
--cc=security@kernel.org \
--cc=x86@kernel.org \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).