lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4957CE78.6030706@redhat.com>
Date:	Sun, 28 Dec 2008 21:07:36 +0200
From:	Avi Kivity <avi@...hat.com>
To:	Andi Kleen <andi@...stfloor.org>, Ingo Molnar <mingo@...e.hu>
CC:	x86@...nel.org, linux-kernel <linux-kernel@...r.kernel.org>,
	KVM list <kvm@...r.kernel.org>
Subject: Re: [PATCH 0/3] Remove interrupt stack table usage from x86_64 kernel

Andi Kleen wrote:
> On Sun, Dec 28, 2008 at 04:09:26PM +0200, Avi Kivity wrote:
>   
>> I don't see how syscall could work on i386, and indeed:
>>     
>
> i386 has task gates which support unconditional stack switching. But there 
> are no 64bit task gates, just ISTs.
>
>   

i386 is not that interesting to me (and probably task switching couldn't 
be made to work well with guest state in TR).

> BTW I think there are more similar problems in your patch too.
>   

One fatal problem is enough -- I don't thing that patch can be made to 
work.  Pity since it did clean up some stuff.

I would like however to speed up kvm.  Here's a plan:

1. Add per-cpu IDT
2. When switching to the guest TR (and other state), switch off IST use 
in the current IDT
3. When switching away from the kvm task, restore the IST entries

per-cpu IDT would cost around 4K per cpu.  I propose to make it 
kconfigurable, and have kvm select it.

Ingo, does this sound workable?  It increases complexity rather than 
decreasing it as the previous solution, but I don't see any way to drop 
the use of IST as SYSCALL cannot work without IST if NMIs are enabled.

-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ