On Wed, Nov 21, 2018 at 12:07 PM Dave Hansen wrote:
>
> Repurposing dumpable is really screwy and surely imprecise, but it
> really is the closest thing that we have without the new ABI.
But we *have* a new ABI.
So that's not a valid argument.
It's more like "this other thing that some other
On Wed, Nov 21, 2018 at 12:07 PM Dave Hansen wrote:
>
> Repurposing dumpable is really screwy and surely imprecise, but it
> really is the closest thing that we have without the new ABI.
But we *have* a new ABI.
So that's not a valid argument.
It's more like "this other thing that some other
On 11/20/18 5:27 PM, Linus Torvalds wrote:
> Also, "dumpable" in general is pretty oddly defined to be used for this.
>
> The same (privileged) process can be dumpable or not depending on how
> it was started (ie if it was started by a regular user and became
> trusted through suid, it's not
On 11/20/18 5:27 PM, Linus Torvalds wrote:
> Also, "dumpable" in general is pretty oddly defined to be used for this.
>
> The same (privileged) process can be dumpable or not depending on how
> it was started (ie if it was started by a regular user and became
> trusted through suid, it's not
On Wed, Nov 21, 2018 at 9:41 AM Tim Chen wrote:
>
> When STIBP is on, it will prevent not only untrusted code from attacking,
> but also trusted code from getting attacked. So non-dumpable task running
> with STIBP will protect itself from attacks from code running on sibling CPU.
I understand.
On Wed, Nov 21, 2018 at 9:41 AM Tim Chen wrote:
>
> When STIBP is on, it will prevent not only untrusted code from attacking,
> but also trusted code from getting attacked. So non-dumpable task running
> with STIBP will protect itself from attacks from code running on sibling CPU.
I understand.
On 11/20/2018 05:27 PM, Linus Torvalds wrote:
> On Tue, Nov 20, 2018 at 4:33 PM Tim Chen wrote:
>>
>> Implements arch_update_spec_restriction() for x86. Use STIBP to
>> restrict speculative execution when running a task set to non-dumpable,
>> or clear the restriction if the task is set to
On 11/20/2018 05:27 PM, Linus Torvalds wrote:
> On Tue, Nov 20, 2018 at 4:33 PM Tim Chen wrote:
>>
>> Implements arch_update_spec_restriction() for x86. Use STIBP to
>> restrict speculative execution when running a task set to non-dumpable,
>> or clear the restriction if the task is set to
On Tue, 20 Nov 2018, Linus Torvalds wrote:
> > Implements arch_update_spec_restriction() for x86. Use STIBP to
> > restrict speculative execution when running a task set to non-dumpable,
> > or clear the restriction if the task is set to dumpable.
>
> I don't think this necessarily makes sense.
On Tue, 20 Nov 2018, Linus Torvalds wrote:
> > Implements arch_update_spec_restriction() for x86. Use STIBP to
> > restrict speculative execution when running a task set to non-dumpable,
> > or clear the restriction if the task is set to dumpable.
>
> I don't think this necessarily makes sense.
On Tue, Nov 20, 2018 at 4:33 PM Tim Chen wrote:
>
> Implements arch_update_spec_restriction() for x86. Use STIBP to
> restrict speculative execution when running a task set to non-dumpable,
> or clear the restriction if the task is set to dumpable.
I don't think this necessarily makes sense.
On Tue, Nov 20, 2018 at 4:33 PM Tim Chen wrote:
>
> Implements arch_update_spec_restriction() for x86. Use STIBP to
> restrict speculative execution when running a task set to non-dumpable,
> or clear the restriction if the task is set to dumpable.
I don't think this necessarily makes sense.
When a task changes its dumpability, arch_update_spec_ctrl_restriction()
is called to place restriction on the task's speculative execution
according to dumpability changes.
Implements arch_update_spec_restriction() for x86. Use STIBP to
restrict speculative execution when running a task set to
When a task changes its dumpability, arch_update_spec_ctrl_restriction()
is called to place restriction on the task's speculative execution
according to dumpability changes.
Implements arch_update_spec_restriction() for x86. Use STIBP to
restrict speculative execution when running a task set to
14 matches
Mail list logo