Date:	Fri, 08 Jun 2012 09:10:09 -0700
From:	"H. Peter Anvin" <hpa@...or.com>
To:	Steven Rostedt <rostedt@...dmis.org>
CC:	linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...e.hu>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [PATCH 2/3] x86: Remove cmpxchg from i386 NMI nesting code

On 06/08/2012 06:52 AM, Steven Rostedt wrote:
> From: Steven Rostedt <srostedt@...hat.com>
> 
> I've been informed by someone on LWN called 'slashdot' that
> some i386 machines do not support a true cmpxchg. The cmpxchg
> used by the i386 NMI nesting code must be a true cmpxchg as
> disabling interrupts will not work for NMIs (which is the work
> around for i386s that do not have a true cmpxchg).
> 
> This 'slashdot' character also suggested a fix to the issue.
> As the state of the nesting NMIs goes as follows:
> 
>   NOT_RUNNING -> EXECUTING
>   EXECUTING   -> NOT_RUNNING
>   EXECUTING   -> LATCHED
>   LATCHED     -> EXECUTING
> 
> Having these states as enum values of:
> 
>   NOT_RUNNING = 0
>   EXECUTING   = 1
>   LATCHED     = 2
> 
> Instead of a cmpxchg to make EXECUTING -> NOT_RUNNING a
> dec_and_test() would work as well. If the dec_and_test brings
> the state to NOT_RUNNING, that is the same as a cmpxchg
> succeeding to change EXECUTING to NOT_RUNNING. If a nested NMI
> were to come in and change it to LATCHED, the dec_and_test() would
> convert the state to EXECUTING (what we want it to be in such a
> case anyway).
> 
> I asked 'slashdot' to post this as a patch, but it never came to
> be. I decided to do the work instead.
> 
> Link: http://lwn.net/Articles/484932/

Okay, slight interrupt here.

The cost of this on real hardware better be zero (which I cannot
immediately judge.)

Why?  Because cmpxchg has been in every CPU since the i486, the i386 is
royally crippled on Linux anyway (due to minor architectural defects,
the main one being the write protect issue) and NMI is almost never used
on i386 as anything other than a fatal error indication.

Most "real" NMI users generate the NMI from the local APIC, but the i386
has no local APIC, and unlike the i486 cannot even have an external
local APIC to the best of my knowledge.

	-hpa

-- 
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel.  I don't speak on their behalf.
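
The state transitions in the quoted patch description, as an added single-threaded user-space C model (not code from the original message or the kernel patch), comparing the cmpxchg exit with the dec_and_test exit. All function and variable names are hypothetical, and nested NMIs are simulated by a re-entrant call from the handler body rather than by real interrupts.

```c
#include <stdatomic.h>

/* State values as listed in the quoted patch description. */
enum { NOT_RUNNING = 0, EXECUTING = 1, LATCHED = 2 };
static atomic_int state;   /* stands in for the per-CPU NMI state */
static int handler_runs, nested_pending, use_cmpxchg;
static void model_nmi(void);

static void handler_body(void) {
    handler_runs++;
    while (nested_pending > 0) {   /* nested NMIs arrive while EXECUTING */
        nested_pending--;
        model_nmi();
    }
}

/* Returns 1 once the state is NOT_RUNNING, 0 if the handler must rerun. */
static int leave_nmi(void) {
    if (use_cmpxchg) {
        int expected = EXECUTING;
        if (atomic_compare_exchange_strong(&state, &expected, NOT_RUNNING))
            return 1;
        atomic_store(&state, EXECUTING);   /* it was LATCHED */
        return 0;
    }
    /* dec_and_test: 1 -> 0 is done; 2 -> 1 turns LATCHED into EXECUTING */
    return atomic_fetch_sub(&state, 1) - 1 == NOT_RUNNING;
}

static void model_nmi(void) {
    if (atomic_load(&state) != NOT_RUNNING) {
        atomic_store(&state, LATCHED);     /* EXECUTING -> LATCHED */
        return;
    }
    atomic_store(&state, EXECUTING);       /* NOT_RUNNING -> EXECUTING */
    do {
        handler_body();
    } while (!leave_nmi());
}

/* One outer NMI plus `nested` constructed nested NMIs; returns handler passes, -1 on bad end state. */
int run_scenario(int nested, int cmpxchg_exit) {
    atomic_store(&state, NOT_RUNNING);
    handler_runs = 0;
    nested_pending = nested;
    use_cmpxchg = cmpxchg_exit;
    model_nmi();
    return atomic_load(&state) == NOT_RUNNING ? handler_runs : -1;
}
```

Because LATCHED is a single value and not a counter, any number of nested NMIs during one pass results in exactly one extra handler pass under either exit.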