lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CALCETrUDFihHXE0EjpbF4Zu_hsm+WwH+Rie3zf9PGJVSQGRAXQ@mail.gmail.com>
Date:	Fri, 21 Aug 2015 07:39:38 -0700
From:	Andy Lutomirski <luto@...capital.net>
To:	Ingo Molnar <mingo@...nel.org>
Cc:	Andy Lutomirski <luto@...nel.org>, X86 ML <x86@...nel.org>,
	Sasha Levin <sasha.levin@...cle.com>,
	Brian Gerst <brgerst@...il.com>,
	Frédéric Weisbecker <fweisbec@...il.com>,
	Denys Vlasenko <dvlasenk@...hat.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Oleg Nesterov <oleg@...hat.com>,
	Borislav Petkov <bp@...en8.de>,
	Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [PATCH] x86/traps: Weaken context tracking entry assertions

On Thu, Aug 20, 2015 at 11:23 PM, Ingo Molnar <mingo@...nel.org> wrote:
>
> * Andy Lutomirski <luto@...nel.org> wrote:
>
>> We were asserting that we were all the way in CONTEXT_KERNEL when exception
>> handlers were called.  While having this be true is, I think, a nice goal (or
>> maybe a variant in which we assert that we're in CONTEXT_KERNEL or some new IRQ
>> context), we're not quite there.
>>
>> In particular, if an IRQ interrupts the SYSCALL prologue and the IRQ handler in
>> turn causes an exception, the exception entry will be called in RCU IRQ mode but
>> with CONTEXT_USER.
>
> Hm, so what harm would there be in making IRQ handlers enter CONTEXT_KERNEL?
> Would nohz-full break?
>

We already do it for IRQs that hit user mode.  We don't do it for IRQs
that hit kernel mode because we don't need it yet (with this patch
applied) and because IMO we have no business taking IRQs from kernel
mode while in CONTEXT_USER.

I want to fix the latter in 4.4.  It's easy for native entries (it's
exactly the entry_64.S part of the other patch I sent), but it's
currently a big mess for compat entries because of the uaccess for
arg6, and I got that totally wrong in my patch.  Rather than further
complicating the asm, I think I want to try moving all of the compat
entries into C for 4.4.  I ran out of time to do it for 4.3.

Also, Rik said awhile ago that *huge* context tracking speedups would
become possible if we promised to stop calling the context tracking
hooks with IRQs on.  That's almost done in -tip -- I think the only
remaining ones are the syscall entries.  (syscall return is done in
-tip.)

I could teach IRQ entries to switch all the way to CONTEXT_KERNEL even
if they interrupt syscall entry, but that would also make the asm
messier for minimal short-term-only gain.

> I'd rather have a bit more tracking overhead here than lose such useful sanity
> checks.

I agree, but even the weaker sanity checks retain a decent amount of the value.

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ