lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 01 Feb 2017 12:18:32 -0500 (EST)
From:   David Miller <davem@...emloft.net>
To:     khalid.aziz@...cle.com
Cc:     corbet@....net, viro@...iv.linux.org.uk, nitin.m.gupta@...cle.com,
        mike.kravetz@...cle.com, akpm@...ux-foundation.org,
        mingo@...nel.org, kirill.shutemov@...ux.intel.com,
        adam.buchbinder@...il.com, hughd@...gle.com, minchan@...nel.org,
        keescook@...omium.org, chris.hyser@...cle.com,
        atish.patra@...cle.com, cmetcalf@...lanox.com, atomlin@...hat.com,
        jslaby@...e.cz, joe@...ches.com, paul.gortmaker@...driver.com,
        mhocko@...e.com, lstoakes@...il.com, jack@...e.cz,
        dave.hansen@...ux.intel.com, vbabka@...e.cz,
        dan.j.williams@...el.com, iamjoonsoo.kim@....com,
        linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
        sparclinux@...r.kernel.org, linux-mm@...ck.org,
        khalid@...ehiking.org
Subject: Re: [PATCH v5 4/4] sparc64: Add support for ADI (Application Data
 Integrity)

From: Khalid Aziz <khalid.aziz@...cle.com>
Date: Tue, 31 Jan 2017 16:38:49 -0700

> Thanks for the feedback. This is very helpful. I checked and it indeed
> can cost 50+ cycles even on M7 processor for PSTATE accesses.

Consider how many bytes can be copied in 50+ cycles :-)

>> On etrap, you change ESTATE_PSTATE{1,2} to have the MCDE bit enabled.
>> Then the kernel always runs with ADI enabled.
> 
> Running the kernel with PSTATE.mcde=1 can possibly be problematic as
> we had discussed earlier in this thread where keeping PSTATE.mcde
> enabled might mean kernel having to keep track of which pages still
> have tags set on them or flush tags on every page on free. I will go
> through the code again to see if it PSTATE.mcde can be turned on in
> kernel all the time, which might be the case if we can ensure kernel
> accesses pages with TTE.mcd cleared.

If we can clear the tags properly on page release when the page was
used for ADI, it can work.

One way would be to track the state in the page struct somehow, and
in arch_alloc_page() clear the tags if necessary.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ