lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 11 Aug 2008 17:42:21 -0700
From:	"H. Peter Anvin" <hpa@...or.com>
To:	Herbert Xu <herbert@...dor.apana.org.au>
CC:	Suresh Siddha <suresh.b.siddha@...el.com>,
	Ingo Molnar <mingo@...e.hu>,
	Wolfgang Walter <wolfgang.walter@...m.de>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"viro@...IV.linux.org.uk" <viro@...iv.linux.org.uk>,
	"vegard.nossum@...il.com" <vegard.nossum@...il.com>,
	Thomas Gleixner <tglx@...utronix.de>
Subject: Re: Kernel oops with 2.6.26, padlock and ipsec: probably problem
 with fpu state changes

Herbert Xu wrote:
> On Mon, Aug 11, 2008 at 01:19:01PM -0700, Suresh Siddha wrote:
> .
>> we can't unconditionally do clts() in the process context. We have
>> to disable pre-emption to avoid interactions with context switch and
>> lazy restore. So there will be RT latency issues aswell.
> 
> Yes disabling preemption is the real killer.
> 
> This is just a quick band-aid.  Longer term we should add a task
> flag that indicates the task is currently doing kernel FPU which
> will tell the scheduler to clear TS the next time it's run.  That
> way we won't need to disable preemtion or pollute the user task's
> FPU used state.

That's not sufficient, though, because you have to track all the state 
and how it relates to everything.  You now have to track both the 
userspace FPU state and the potential kernel FPU state.  The VIA 
instructions are special (in the short bus to school sense) in that they 
use a mechanism intended to protect specific state to protect -- exactly 
nothing.

	-hpa
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ