| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Aug 2015 07:39:38 -0700 From: Andy Lutomirski <luto@...capital.net> To: Ingo Molnar <mingo@...nel.org> Cc: Andy Lutomirski <luto@...nel.org>, X86 ML <x86@...nel.org>, Sasha Levin <sasha.levin@...cle.com>, Brian Gerst <brgerst@...il.com>, Frédéric Weisbecker <fweisbec@...il.com>, Denys Vlasenko <dvlasenk@...hat.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Oleg Nesterov <oleg@...hat.com>, Borislav Petkov <bp@...en8.de>, Thomas Gleixner <tglx@...utronix.de> Subject: Re: [PATCH] x86/traps: Weaken context tracking entry assertions On Thu, Aug 20, 2015 at 11:23 PM, Ingo Molnar <mingo@...nel.org> wrote: > > * Andy Lutomirski <luto@...nel.org> wrote: > >> We were asserting that we were all the way in CONTEXT_KERNEL when exception >> handlers were called. While having this be true is, I think, a nice goal (or >> maybe a variant in which we assert that we're in CONTEXT_KERNEL or some new IRQ >> context), we're not quite there. >> >> In particular, if an IRQ interrupts the SYSCALL prologue and the IRQ handler in >> turn causes an exception, the exception entry will be called in RCU IRQ mode but >> with CONTEXT_USER. > > Hm, so what harm would there be in making IRQ handlers enter CONTEXT_KERNEL? > Would nohz-full break? > We already do it for IRQs that hit user mode. We don't do it for IRQs that hit kernel mode because we don't need it yet (with this patch applied) and because IMO we have no business taking IRQs from kernel mode while in CONTEXT_USER. I want to fix the latter in 4.4. It's easy for native entries (it's exactly the entry_64.S part of the other patch I sent), but it's currently a big mess for compat entries because of the uaccess for arg6, and I got that totally wrong in my patch. Rather than further complicating the asm, I think I want to try moving all of the compat entries into C for 4.4. I ran out of time to do it for 4.3. Also, Rik said awhile ago that *huge* context tracking speedups would become possible if we promised to stop calling the context tracking hooks with IRQs on. That's almost done in -tip -- I think the only remaining ones are the syscall entries. (syscall return is done in -tip.) I could teach IRQ entries to switch all the way to CONTEXT_KERNEL even if they interrupt syscall entry, but that would also make the asm messier for minimal short-term-only gain. > I'd rather have a bit more tracking overhead here than lose such useful sanity > checks. I agree, but even the weaker sanity checks retain a decent amount of the value. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists