From: Andy Lutomirski <luto@kernel.org>
To: Dave Hansen <dave.hansen@intel.com>
Cc: Andy Lutomirski <luto@kernel.org>,
Mike Rapoport <rppt@kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
Alan Cox <alan@linux.intel.com>,
Andrew Morton <akpm@linux-foundation.org>,
Christopher Lameter <cl@linux.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
James Bottomley <jejb@linux.ibm.com>,
"Kirill A. Shutemov" <kirill@shutemov.name>,
Matthew Wilcox <willy@infradead.org>,
Peter Zijlstra <peterz@infradead.org>,
"Reshetova, Elena" <elena.reshetova@intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Tycho Andersen <tycho@tycho.ws>,
Linux API <linux-api@vger.kernel.org>,
Linux-MM <linux-mm@kvack.org>
Subject: Re: [RFC PATCH] mm: extend memfd with ability to create "secret" memory areas
Date: Wed, 26 Aug 2020 09:54:57 -0700 [thread overview]
Message-ID: <CALCETrUwO_y_b=kazRjen-de50r9b9TVXUXz_WT_hD3d3tTWxQ@mail.gmail.com> (raw)
In-Reply-To: <6e020a65-b516-9407-228f-2a3a32947ab9@intel.com>
On Fri, Aug 14, 2020 at 11:09 AM Dave Hansen <dave.hansen@intel.com> wrote:
>
> On 8/14/20 10:46 AM, Andy Lutomirski wrote:
> > I'm a little unconvinced about the security benefits. As far as I
> > know, UC memory will not end up in cache by any means (unless
> > aliased), but it's going to be tough to do much with UC data with
> > anything resembling reasonable performance without derived values
> > getting cached.
>
> I think this is much more in the category of raising the bar than
> providing any absolute security guarantees.
The problem here is that we're raising the bar in a way that is
weirdly architecture dependent, *extremely* nonperformant, and may not
even accomplish what it's trying to accomplish.
>
> Let's say you have a secret and you read it into some registers and then
> spill them on the stack. You've got two cached copies, one for the
> primary data and another for the stack copy. Secret areas don't get rid
> of the stack copy, but they do get rid of the other one. One cache copy
> is better than two. Bar raised. :)
If we have two bars right next to each other and we raise one of them,
did we really accomplish much? I admit that having a secret in its
own dedicated cache line seems like an easier target than a secret in
a cache line that may be quickly overwritten by something else. But
even user registers right now aren't specially protected -- pt_regs
lives is cached and probably has a predictable location, especially if
you execve() a setuid program.
>
> There are also some stronger protections, less in the bar-raising
> category. On x86 at least, uncached accesses also crush speculation.
> You can't, for instance, speculatively get wrong values if you're not
> speculating in the first place. I was thinking of things like Load
> Value Injection[1].
This seems genuinely useful, but it doesn't really address the fact
that requesting UC memory via PAT apparently has a good chance of
getting WB anyway.
>
> I _believe_ there are also things like AES-NI that can get strong
> protection from stuff like this. They load encryption keys into (AVX)
> registers and then can do encrypt/decrypt operations without the keys
> leaving the registers. If the key was loaded from a secret memory area
> right into the registers, I think the protection from cache attacks
> would be pretty strong.
>
Except for context switches :)
>
> 1.
> https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection
next prev parent reply other threads:[~2020-08-26 16:55 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-30 16:23 [RFC PATCH] mm: extend memfd with ability to create "secret" memory areas Mike Rapoport
2020-02-06 18:51 ` Dave Hansen
2020-02-08 17:39 ` Mike Rapoport
2020-02-10 8:06 ` Reshetova, Elena
2020-02-11 19:52 ` Edgecombe, Rick P
2020-02-12 21:10 ` Jonathan Corbet
2020-02-16 6:46 ` Mike Rapoport
2020-08-14 17:46 ` Andy Lutomirski
2020-08-14 18:09 ` Dave Hansen
2020-08-26 16:54 ` Andy Lutomirski [this message]
2020-08-26 19:01 ` Florian Weimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CALCETrUwO_y_b=kazRjen-de50r9b9TVXUXz_WT_hD3d3tTWxQ@mail.gmail.com' \
--to=luto@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=alan@linux.intel.com \
--cc=cl@linux.com \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=elena.reshetova@intel.com \
--cc=jejb@linux.ibm.com \
--cc=kirill@shutemov.name \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=peterz@infradead.org \
--cc=rppt@kernel.org \
--cc=tglx@linutronix.de \
--cc=tycho@tycho.ws \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).