lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 15 Feb 2018 19:53:36 +0000
From:   Andy Lutomirski <luto@...nel.org>
To:     Nadav Amit <namit@...are.com>
Cc:     Ingo Molnar <mingo@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Andy Lutomirski <luto@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Willy Tarreau <w@....eu>, Nadav Amit <nadav.amit@...il.com>,
        X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH RFC v2 5/6] x86: Use global pages when PTI is disabled

On Thu, Feb 15, 2018 at 4:36 PM, Nadav Amit <namit@...are.com> wrote:
> As long as PTI is disabled, it is possible to use global pages, as long
> as we remove them once PTI is enabled again. To do so, return the global
> bit to __supported_pte_mask and disable global pages using CR4.
>
> Signed-off-by: Nadav Amit <namit@...are.com>
> ---
>  arch/x86/include/asm/tlbflush.h |  6 ++++++
>  arch/x86/mm/init.c              | 14 ++++++--------
>  arch/x86/mm/tlb.c               |  3 ++-
>  3 files changed, 14 insertions(+), 9 deletions(-)
>
> diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h
> index ea65cf951c49..3a44cb0a9f56 100644
> --- a/arch/x86/include/asm/tlbflush.h
> +++ b/arch/x86/include/asm/tlbflush.h
> @@ -319,6 +319,12 @@ static inline void set_cpu_pti_disable(unsigned short disable)
>         WARN_ON_ONCE(preemptible());
>
>         pti_update_user_cs64(cpu_pti_disable(), disable);
> +       if (__supported_pte_mask & _PAGE_GLOBAL) {
> +               if (disable)
> +                       cr4_set_bits(X86_CR4_PGE);
> +               else
> +                       cr4_clear_bits(X86_CR4_PGE);
> +       }

This will be *extremely* slow, and I don't see the point at all.  What
are you accomplishing here?

At best, you might gain something by adjusting the page table entries
to get globalness back, but I see no reason to fiddle with CR4.  Also,
if you do any of this at all and you run on K8, you're at risk of
getting machine checks unless you're very careful to get the
invalidation right.

I would just drop this patch, personally.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ