lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 17 Mar 2009 08:49:28 -0700
From:	Arjan van de Ven <arjan@...radead.org>
To:	Andi Kleen <andi@...stfloor.org>
Cc:	"H. Peter Anvin" <hpa@...or.com>, Andi Kleen <andi@...stfloor.org>,
	Jan Beulich <jbeulich@...ell.com>,
	Jeremy Fitzhardinge <jeremy.fitzhardinge@...rix.com>,
	Jeremy Fitzhardinge <jeremy@...p.org>,
	the arch/x86 maintainers <x86@...nel.org>,
	Xen-devel <xen-devel@...ts.xensource.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [Xen-devel] [PATCH 10/24] xen: mask XSAVE from cpuid

On Tue, 17 Mar 2009 12:56:21 +0100
Andi Kleen <andi@...stfloor.org> wrote:

> > The point is YOU DON'T KNOW.  In particular, there might be new
> > traps, there might be new state, there might be new MSRs, there
> > might be new control bits... anything.  Therefore, you cannot
> > blindly pass the bit on, even though XSAVE solves one part of the
> > problem.
> 
> I think what will happen if you don't expose it is that there will
> be always hypervisors which are behind and applications/OS will end up
> doing probing for opcodes instead of trusting CPUID bits.
> 
> Probably not what you intended.
> 

well the choice fundamentally is
1) Have correct applications work, even though you might not always get
   all new features that the hardware could have done.. at the expense
   that someone who wants to do horrible things can
2) Have all latest features always there, but break correctly written
   apps/oses every 2 years.

I'd go for option 1 any day of the week, hands down.
Esp if the "cpu cloaking" kind of things really disable the
instructions... but even without.

-- 
Arjan van de Ven 	Intel Open Source Technology Centre
For development, discussion and tips for power savings, 
visit http://www.lesswatts.org
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ