lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 11 Dec 2018 11:02:08 -0800
From:   Reinette Chatre <reinette.chatre@...el.com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     tglx@...utronix.de, fenghua.yu@...el.com, tony.luck@...el.com,
        gavin.hindman@...el.com, jithu.joseph@...el.com, mingo@...hat.com,
        hpa@...or.com, x86@...nel.org, linux-kernel@...r.kernel.org,
        stable@...r.kernel.org
Subject: Re: [PATCH V2] x86/intel_rdt: Ensure usage of CPUs are locked while
 needed

Hi Boris,

On 12/11/2018 10:50 AM, Borislav Petkov wrote:
> On Tue, Dec 11, 2018 at 10:33:59AM -0800, Reinette Chatre wrote:
>> I am not sure that this is an issue when updating a schemata in the
>> general case. In the case when just CAT schemata (without
>> pseudo-locking) is updated then the cpu mask associated with the cache
>> instance is indeed used to determine which CPUs should have their
>> registers changed but only the current CPU is not checked for being
>> online, for the other CPUs smp_call_function_many() is used that
>> includes an online check.
> 
> Well, in your fix rdtgroup_schemata_write() disables hotplug for its
> whole duration and doesn't look at what schemata update is being done,
> right?

Correct.

I just wanted to emphasize that it is not the schemata writing that
needs to be protected, but instead the pseudo-locking code that runs
after schemata programming that needs to run on a particular CPU. The
new patch subject could be interpreted to mean the former ... but that
is starting to sound like nitpicking by me.

>> I had the same question in V1's notes to the maintainer :)
> 
> Whoops, and I read that... Sorry. :-\

Not a problem at all :)

>> My initial concern was the lack of IS_ERR checking. Understanding the
>> flow better now it seems to me that this is indeed not a bug now. The
>> reasoning is that an ERR_PTR is only returned when a negative id is
>> provided in the parameters to rdt_find_domain(). There are currently
>> only two places where a negative id could be provided to
>> rdt_find_domain(), domain_add_cpu() and domain_remove_cpu(), and both
>> locations test the return value using IS_ERR.
> 
> Right. I'll queue it for the normal merge window.

Thank you very much.

Reinette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ