| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 25 Jul 2014 17:53:32 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Andi Kleen <andi@...stfloor.org>
Cc: "Yan, Zheng" <zheng.z.yan@...el.com>, linux-kernel@...r.kernel.org,
mingo@...nel.org, acme@...radead.org, eranian@...gle.com
Subject: Re: [PATCH v3 6/9] perf, x86: handle multiple records in PEBS buffer
On Fri, Jul 25, 2014 at 05:04:45PM +0200, Andi Kleen wrote:
> > You can't.. the events might have different security context.
> >
> > Remember, the overflow bit is set from the overflow until the PEBS
> > event is generated, this is quite a long time. So if another PEBS event
> > gets generated while the other is still pending it will have both bits
> > set. Even though the second bit is for another (unrelated) counter.
>
> When an event is not allowed by some policy it should be disabled
> in global ctrl right? And disabling makes sure overflow is cleared,
> and PEBS will not report it.
>
> When it's not disabled it could happen any time and there
> is no isolation.
>
> Or is the concern that the PEBS buffer may not be flushed
> on event switch/disable and you see something stale? I believe it is
> flushed.
Suppose two pebs events, one has exclude_kernel set. It overflows,
before entering the kernel, the other event generates PEBS records from
inside the kernel with both events marked in the overflow field.
And only once we leave the kernel can the exclude_kernel event tick
again and trigger the assist, finalyl clearing the bit.
If you were to report the records to both events, one would get a lot of
kernel info he was not entitled to.
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists