lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ada8wl0iro4.fsf@cisco.com>
Date:	Wed, 13 May 2009 15:06:35 -0700
From:	Roland Dreier <rdreier@...co.com>
To:	Jeff Garzik <jeff@...zik.org>
Cc:	Hitoshi Mitake <h.mitake@...il.com>, Ingo Molnar <mingo@...e.hu>,
	David Miller <davem@...emloft.net>,
	Linus Torvalds <torvalds@...ux-foundation.org>, hpa@...or.com,
	tglx@...utronix.de, rpjday@...shcourse.ca,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86: Remove readq()/writeq() on 32-bit


 > To repeat what has already been stated, each case was re-evaluated:
 > http://marc.info/?l=linux-kernel&m=124103527326835&w=2
 > 
 > Roland's patch was acked, apparently, _in spite of_ the commonly
 > accepted readq() definition already being in use!
 > 
 > Thusfar, I see two things:
 > 
 > (1) years of history has shown that non-atomic readq/writeq on 32-bit
 > platforms has been sufficient, based on testing and experience.  In
 > fact, in niu's case, a common readq/writeq would have PREVENTED a bug.

But the fact that the 32-bit x86 define would have worked for niu is
pure luck -- if the clear-on-read bits had been in the other half of the
register in question, then it would have caused a bug.  And I really
don't trust all ASIC designers writing RTL to think about which half of
a 64-bit register is going to be read first.

To me, the point is that the current situation of having the defines for
32-bit x86 has zero benefit -- not one driver-specific definition can be
removed, because there are other 32-bit architectures to worry about.
So we just added another copy of the compatibility wrapper, in a not
particularly good location -- we certainly don't want to have the same
defines copied into every 32-bit architecture's <asm/io.h> header.

And the risk introduced is not zero -- very few devices have 64-bit
registers and very few drivers use readq or writeq, but perhaps as
end-to-end 64-bit buses become more prevalent with PCIe, we may see
more.  And it's certainly the case that emulation 64-bit register
operations by doing to 32-bit operations on the register halves carries
a non-zero risk of making the hardware do something wacky.

So to me the it's pretty clear: the current situation has benefit == 0
&& risk > 0, so we should revert to the previous situation until someone
implements something more complete like hpa's opt-in header scheme.

 - R.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ