Re: [PATCH 00/11 v3] x86: load FPU registers on return to userland

From: Sebastian Andrzej Siewior
Date: Fri Oct 05 2018 - 07:55:21 EST


On 2018-10-04 12:45:08 [-0400], Rik van Riel wrote:
> Wait, so any thread can bypass its memory protection
> keys, even if there is a seccomp filter preventing
> it from calling the PKRU syscalls?

We have SYS_pkey_alloc +free and SYS_pkey_mprotect. For read/write of
the register value, libc is using and opcodes.

> Is that intended?

Either that or it ended like that because someone failed to attend a
meeting where this was discussed. Here is something from pkeys(7):

| Protection keys have the potential to add a layer of security and
| reliability to applications. But they have not been primarily designed as a
| security feature. For instance, WRPKRU is a completely unprivileged
| instruction, so pkeys are useless in any case that an attacker controls the
| PKRU register or can execute arbitrary instructions.

Sebastian
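The caveat quoted from pkeys(7) above, made concrete as an added example (mine, not code from this thread or from the patch series): it takes a key through the SYS_pkey_alloc/pkey_mprotect/pkey_free syscalls Sebastian names, then lifts the write restriction with plain WRPKRU, which is why a seccomp filter on those syscalls does not turn pkeys into a security boundary. The names pkru_field(), pkru_demo() and its return codes are my own; on a host without usable pkeys the demo reports 1 instead of running.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef PKEY_DISABLE_ACCESS   /* older libc headers lack these two */
#define PKEY_DISABLE_ACCESS 0x1
#define PKEY_DISABLE_WRITE  0x2
#endif
#define PKEY_RIGHTS_MASK (PKEY_DISABLE_ACCESS | PKEY_DISABLE_WRITE)

/* PKRU holds two bits per key: bit 2k is Access-Disable, bit 2k+1 is Write-Disable. */
uint32_t pkru_field(int key, uint32_t rights) { return (rights & PKEY_RIGHTS_MASK) << (2 * key); }

#if defined(__x86_64__) && defined(SYS_pkey_alloc)
/* The unprivileged instructions behind libc's pkey_get()/pkey_set(); no syscall is involved. */
static inline uint32_t rdpkru(void) { uint32_t a, d; __asm__ volatile("rdpkru" : "=a"(a), "=d"(d) : "c"(0)); (void)d; return a; }
static inline void wrpkru(uint32_t v) { __asm__ volatile("wrpkru" : : "a"(v), "c"(0), "d"(0) : "memory"); }
#endif

/* Demonstrates the pkeys(7) caveat: a key that write-disables a page is lifted by WRPKRU
 * alone, so a seccomp filter on SYS_pkey_alloc/free/mprotect never gets a say.
 * Returns 0 when the demo ran, 1 when this host has no usable pkeys (no OSPKE, or the
 * syscall is filtered), -1 if PKRU did not behave as expected. */
int pkru_demo(void)
{
#if defined(__x86_64__) && defined(SYS_pkey_alloc)
    int key = (int)syscall(SYS_pkey_alloc, 0UL, (unsigned long)PKEY_DISABLE_WRITE);
    if (key < 0)
        return 1;
    long ps = sysconf(_SC_PAGESIZE);
    char *page = mmap(NULL, ps, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED ||
        syscall(SYS_pkey_mprotect, page, (size_t)ps, PROT_READ | PROT_WRITE, key) != 0) {
        syscall(SYS_pkey_free, key);
        return -1;
    }
    uint32_t before = rdpkru();
    int wd_set = (before & pkru_field(key, PKEY_DISABLE_WRITE)) != 0;
    wrpkru(before & ~pkru_field(key, PKEY_RIGHTS_MASK));   /* lift the restriction from user mode */
    *(volatile char *)page = 'x';                          /* would fault while WD was still set */
    int lifted = (rdpkru() & pkru_field(key, PKEY_RIGHTS_MASK)) == 0;
    wrpkru(before);                                        /* restore PKRU before freeing the key */
    munmap(page, ps);
    syscall(SYS_pkey_free, key);
    return (wd_set && lifted) ? 0 : -1;
#else
    return 1;
#endif
}
```

The defensive takeaway is the one pkeys(7) states: treat pkeys as a fault-isolation aid, and assume any code executing in the thread can rewrite PKRU regardless of what the syscall filter allows.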