lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 28 Mar 2015 10:39:16 +0100
From:	Ingo Molnar <mingo@...nel.org>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	Brian Gerst <brgerst@...il.com>,
	Andy Lutomirski <luto@...capital.net>,
	Denys Vlasenko <dvlasenk@...hat.com>,
	Borislav Petkov <bp@...en8.de>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	X86 ML <x86@...nel.org>
Subject: Re: ia32_sysenter_target does not preserve EFLAGS


* Linus Torvalds <torvalds@...ux-foundation.org> wrote:

> On Fri, Mar 27, 2015 at 1:53 PM, Brian Gerst <brgerst@...il.com> wrote:
> >> <-- IRQ.  Boom
> >
> > The sti will delay interrupts for one instruction, and that should include NMIs.
> 
> Nope. Intel explicitly documents the NMI case only for mov->ss and popss.
> 
> > The Intel SDM states for STI:
> > "The IF flag and the STI and CLI instructions do not prohibit the
> > generation of exceptions and NMI interrupts. NMI
> > interrupts (and SMIs) may be blocked for one macroinstruction following an STI."
> 
> Note the *may*. For movss and popss the software developer guide 
> explicitly says that NMI's are also blocked.
> 
> For plain sti, it seems to be dependent on microarchitecture.

Well, how about 'STI+HLT' aka safe_halt()?

If an NMI is allowed after that STI then we might lose wakeups, or in 
extreme cases (with full-dynticks) might lock up for a long time until 
the next irq comes, even with runnable tasks around?

Arguably that's a race condition that is not very easy to notice on a 
typical system.

Random hypothesis: maybe Intel just messed up their STI shadow in a 
single (possibly ancient) microarchitecture in some rare situations 
and figured it could fix it cheaply via updating the documentation to 
match the breakage, not via actually fixing the CPU?

Might be useful if someone from Intel could chime in.

Thanks,

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ