| Message ID | 25fd7036cefca16c68ecd990e05e05a8ad8fe8b2.1560198181.git.luto@kernel.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [1/5] x86/vsyscall: Remove the vsyscall=native documentation | expand |
On Mon, Jun 10, 2019 at 01:25:31PM -0700, Andy Lutomirski wrote: > The use case for full emulation over xonly is very esoteric. Let's > change the default to the safer xonly mode. Perhaps describe the esoteric cases here (and maybe in the Kconfig help text)? That should a user determine if they actually need it. (What would the failure under xonly look like for someone needing emulate?) -Kees > > Cc: Kees Cook <keescook@chromium.org> > Cc: Borislav Petkov <bp@alien8.de> > Cc: Kernel Hardening <kernel-hardening@lists.openwall.com> > Cc: Peter Zijlstra <peterz@infradead.org> > Cc: Thomas Gleixner <tglx@linutronix.de> > Signed-off-by: Andy Lutomirski <luto@kernel.org> > --- > arch/x86/Kconfig | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > index 054033cc4b1b..e56f33e6b045 100644 > --- a/arch/x86/Kconfig > +++ b/arch/x86/Kconfig > @@ -2280,7 +2280,7 @@ config COMPAT_VDSO > choice > prompt "vsyscall table for legacy applications" > depends on X86_64 > - default LEGACY_VSYSCALL_EMULATE > + default LEGACY_VSYSCALL_XONLY > help > Legacy user code that does not know how to find the vDSO expects > to be able to issue three syscalls by calling fixed addresses in > -- > 2.21.0 >
On Mon, Jun 10, 2019 at 1:44 PM Kees Cook <keescook@chromium.org> wrote: > > On Mon, Jun 10, 2019 at 01:25:31PM -0700, Andy Lutomirski wrote: > > The use case for full emulation over xonly is very esoteric. Let's > > change the default to the safer xonly mode. > > Perhaps describe the esoteric cases here (and maybe in the Kconfig help > text)? That should a user determine if they actually need it. (What > would the failure under xonly look like for someone needing emulate?) I added it to the Kconfig text. Right now, the failure will just be a segfault. I could add some logic so that it would log "invalid read to vsyscall page -- fix your userspace or boot with vsyscall=emulate". Do you think that's important? --Andy
On Thu, Jun 13, 2019 at 12:14:50PM -0700, Andy Lutomirski wrote: > On Mon, Jun 10, 2019 at 1:44 PM Kees Cook <keescook@chromium.org> wrote: > > > > On Mon, Jun 10, 2019 at 01:25:31PM -0700, Andy Lutomirski wrote: > > > The use case for full emulation over xonly is very esoteric. Let's > > > change the default to the safer xonly mode. > > > > Perhaps describe the esoteric cases here (and maybe in the Kconfig help > > text)? That should a user determine if they actually need it. (What > > would the failure under xonly look like for someone needing emulate?) > > I added it to the Kconfig text. > > Right now, the failure will just be a segfault. I could add some > logic so that it would log "invalid read to vsyscall page -- fix your > userspace or boot with vsyscall=emulate". Do you think that's > important? I think it would be a friendly way to help anyone wondering why something suddenly started segfaulting, yeah. Just a pr_warn_once() or something (not a WARN() since it's "intentionally" reachable by userspace).
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 054033cc4b1b..e56f33e6b045 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2280,7 +2280,7 @@ config COMPAT_VDSO choice prompt "vsyscall table for legacy applications" depends on X86_64 - default LEGACY_VSYSCALL_EMULATE + default LEGACY_VSYSCALL_XONLY help Legacy user code that does not know how to find the vDSO expects to be able to issue three syscalls by calling fixed addresses in
The use case for full emulation over xonly is very esoteric. Let's change the default to the safer xonly mode. Cc: Kees Cook <keescook@chromium.org> Cc: Borislav Petkov <bp@alien8.de> Cc: Kernel Hardening <kernel-hardening@lists.openwall.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Andy Lutomirski <luto@kernel.org> --- arch/x86/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)