| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 Apr 2014 17:41:58 +0200 From: Vojtech Pavlik <vojtech@...e.cz> To: Jiri Kosina <jkosina@...e.cz> Cc: Steven Rostedt <rostedt@...dmis.org>, "H. Peter Anvin" <hpa@...ux.intel.com>, Linus Torvalds <torvalds@...ux-foundation.org>, linux-kernel@...r.kernel.org, x86@...nel.org, Salman Qazi <sqazi@...gle.com>, Ingo Molnar <mingo@...e.hu>, Michal Hocko <mhocko@...e.cz>, Borislav Petkov <bp@...en8.de>, Petr Tesarik <ptesarik@...e.cz>, Petr Mladek <pmladek@...e.cz> Subject: Re: 64bit x86: NMI nesting still buggy? On Tue, Apr 29, 2014 at 05:24:32PM +0200, Jiri Kosina wrote: > On Tue, 29 Apr 2014, Steven Rostedt wrote: > > > > According to 38.4 of [1], when SMM mode is entered while the CPU is > > > handling NMI, the end result might be that upon exit from SMM, NMIs will > > > be re-enabled and latched NMI delivered as nested [2]. > > > > Note, if this were true, then the x86_64 hardware would be extremely > > buggy. That's because NMIs are not made to be nested. If SMM's come in > > during an NMI and re-enables the NMI, then *all* software would break. > > That would basically make NMIs useless. > > > > The only time I've ever witness problems (and I stress NMIs all the > > time), is when the NMI itself does a fault. Which my patch set handles > > properly. > > Yes, it indeed does. > > In the scenario I have outlined, the race window is extremely small, plus > NMIs don't happen that often, plus SMIs don't happen that often, plus > (hopefully) many BIOSes don't enable NMIs upon SMM exit. > > The problem is, that Intel documentation is clear in this respect, and > explicitly states it can happen. And we are violating that, which makes me > rather nervous -- it'd be very nice to know what is the background of 38.4 > section text in the Intel docs. If we cannot disable IST for NMI on x86_64, because it'd break SYSCALL, and thus cannot handle this situation well, then we should at least try to detect it post-factum. In the NMI handler, after ascertaining that the first NMI is executing (in_nmi not yet set) we check the return address stored on the stack. If it points anywhere inside the NMI handler (in reality only in the space between the NMI handler start and the check), a SMI-triggered nested NMI has happened. Then we should be able to at least report it before dying. If it doesn't ever happen: Great, this wasn't a real concern. If it does, we can pester BIOS vendors. -- Vojtech Pavlik Director SuSE Labs -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists