| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Dec 2015 19:26:10 +0000
From: Daniel Thompson <daniel.thompson@...aro.org>
To: Marc Zyngier <marc.zyngier@....com>
Cc: Russell King <linux@....linux.org.uk>,
Thomas Gleixner <tglx@...utronix.de>,
Jason Cooper <jason@...edaemon.net>,
linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
patches@...aro.org, linaro-kernel@...ts.linaro.org
Subject: Re: [PATCH 2/2] irqchip/gic: Identify and report any reserved SGI IDs
On Wed, Dec 16, 2015 at 05:47:09PM +0000, Marc Zyngier wrote:
> Hi Daniel,
Hi Marc
Thanks for the review.
> On 16/12/15 17:08, Daniel Thompson wrote:
> > It is possible for the secure world to reserve certain SGI IDs for itself.
> > Currently we have limited visibility of which IDs are safe to use for IPIs.
> >
> > Modify the GIC initialization code to actively search for reserved SGI IDs
> > and report if any are found. Warn even more loudly if the reserved SGIs
> > overlap with the normal IPI range.
> >
> > When run on an Inforce IFC6410 (Snapdragon 600) this code produces the
> > following messages:
> > ~~~ cut here ~~~
> > CPU0: Detected reserved SGI IDs: 14-15
> > CPU1: Detected reserved SGI IDs: 15
> > CPU2: Detected reserved SGI IDs: 15
> > CPU3: Detected reserved SGI IDs: 15
> > ~~~ cut here ~~~
> >
> > Signed-off-by: Daniel Thompson <daniel.thompson@...aro.org>
BTW you *didn't* say "this code is pointless and I hate it"...
Does that mean I should be looking at adding similar code for GICv3+? I
wanted to guage reactions to this sort of diagnostics before getting
carried away!
> > +
> > + /*
> > + * Fiddle with the SGI set/clear registers to try identify
> > + * any IPIs that are reserved for secure world.
> > + */
> > + bitmap_fill(sgi_mask, 16);
> > +
> > + for (i = 0; i < 16; i++) {
> > + void __iomem *set_reg =
> > + dist_base + GIC_DIST_SGI_PENDING_SET + (i & ~3);
> > + void __iomem *clear_reg =
> > + dist_base + GIC_DIST_SGI_PENDING_CLEAR + (i & ~3);
> > + unsigned long mask = cpu_mask << (8*(i%4));
> > + unsigned long flags, pending, after_clear, after_set;
>
> Please make these u32, as unsigned long is 64bit on arm64. Another thing
> to note is that GICD_CPEND{S,C}SGIRn are byte accessible, so you can
> save yourself some this hassle shifting things around and just write a
> single byte. You're already writing 16 times anyway...
Will do both.
> Another thing to consider is that these locations are only defined on
> GICv2 and not GICv1, so this patch is likely to cause trouble on older HW.
As presented the code relies on the RAZ/WI property of reserved
registers to avoid issues on GICv1; it does not report anything if there
appear to be know working SGIs on the assumption we are actually running
on a GICv1.
You'd prefer an explicit version check?
> > +
> > + local_irq_save(flags);
>
> Why do you need to do this? The CPU interface is not enabled yet, so I
> can't see how you could get an interrupt on this CPU.
Agreed. Can get rid of these.
> > +
> > + /* record original value */
> > + pending = readl_relaxed(set_reg);
> > +
> > + /* clear, test, set, and test again */
> > + writel_relaxed(mask, clear_reg);
> > + after_clear = readl_relaxed(set_reg);
> > + writel_relaxed(mask, set_reg);
> > + after_set = readl_relaxed(set_reg);
>
> It should be enough to write to the SET register, and read back, as the
> bit is RAZ/WI when the interrupt is Group-0.
Good point. Will simplify.
Daniel.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists