Re: [PATCH 05/11] x86/fpu: set PKRU state for kernel threads

From: Dave Hansen
Date: Thu Oct 18 2018 - 16:56:28 EST

Next message: David Howells: "Re: [PATCH 03/34] teach move_mount(2) to work with OPEN_TREE_CLONE [ver #12]"
Previous message: Richard Weinberger: "[PATCH v2] ubd: remove use of blk_rq_map_sg"
In reply to: Andy Lutomirski: "Re: [PATCH 05/11] x86/fpu: set PKRU state for kernel threads"
Next in thread: Sebastian Andrzej Siewior: "Re: [PATCH 05/11] x86/fpu: set PKRU state for kernel threads"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/18/2018 01:46 PM, Andy Lutomirski wrote:
> Setting it to allow-all/none would let the operation always fail or
> succeed which might be an improvement in terms of debugging. However it
> is hard to judge what the correct behaviour should be. Should fail or
> succeed.

Succeed. :)

> But this is not the only loophole: There is ptrace interface which is
> used by gdb (just checked) and also bypasses PKRU. Soâ

Bypassing protection keys is not a big deal IMNHO. In places where a
sane one is not readily available, I'm totally fine with just
effectively disabling it (PKRU=0) for the length of time it isn't available.

Next message: David Howells: "Re: [PATCH 03/34] teach move_mount(2) to work with OPEN_TREE_CLONE [ver #12]"
Previous message: Richard Weinberger: "[PATCH v2] ubd: remove use of blk_rq_map_sg"
In reply to: Andy Lutomirski: "Re: [PATCH 05/11] x86/fpu: set PKRU state for kernel threads"
Next in thread: Sebastian Andrzej Siewior: "Re: [PATCH 05/11] x86/fpu: set PKRU state for kernel threads"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]