lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <56BB848A.6060603@caviumnetworks.com>
Date:	Wed, 10 Feb 2016 10:42:18 -0800
From:	David Daney <ddaney@...iumnetworks.com>
To:	Will Deacon <will.deacon@....com>
CC:	David Daney <ddaney.cavm@...il.com>,
	<linux-arm-kernel@...ts.infradead.org>,
	Mark Rutland <mark.rutland@....com>,
	Catalin Marinas <catalin.marinas@....com>,
	Marc Zyngier <marc.zyngier@....com>,
	<linux-kernel@...r.kernel.org>, Andrew Pinski <apinski@...ium.com>,
	David Daney <david.daney@...ium.com>
Subject: Re: [PATCH] arm64: Add workaround for Cavium erratum 27456

On 02/10/2016 10:15 AM, Will Deacon wrote:
> On Wed, Feb 10, 2016 at 10:08:17AM -0800, David Daney wrote:
>> On 02/10/2016 01:28 AM, Will Deacon wrote:
>>> On Tue, Feb 09, 2016 at 11:29:16AM -0800, David Daney wrote:
>>>> From: Andrew Pinski <apinski@...ium.com>
>>>>
>>>> On ThunderX T88 pass 1.x through 2.1 parts, broadcast TLBI
>>>> instructions may cause the icache to become invalid if it contains
>>>> data for a non-current ASID.
>>>>
>>>> This patch implements the workaround (which flushes the local icache
>>>> when switching the mm) by using code patching.
>>>
>>> So, to be clear, is this "just" a performance problem as opposed to a
>>> correctness issue?
>>
>> No.  It is a correctness issue.  Without this workaround in place, userspace
>> programs end up executing the wrong instructions, which leads to
>> unpredictable behavior and program crashes.
>
> Ok, so I think the description in the commit log isn't quite right. An
> "invalid" line in i-cache simply means that it needs to be refetched.
> What you're talking about sounds like data corruption.

Yes.  I guess I will be sending v3 with an improved description.

>
> I also don't understand how the workaround fixes things like TLBIs due
> to copy-on-write faults triggered by another core.

Caveat: I don't fully understand the internal ICache implementation 
details.  But ...

External broadcast TLBIs arriving for the current ASID (as set in 
TTBR0_EL1) are handled properly.  The issue is that cached data for 
other ASIDs, under some circumstances, may be inadvertently "blessed" 
into the current ASID.  If we take care that no data for "foreign" ASIDs 
is in the Icache, the problematical case can never occur.

> Also, what's the
> interaction with virtual machines, or is the VMID not affected in the
> same way as the ASID?

Ah, the $10^6 question.  Current information on how this interacts with 
KVM is less well developed.  We think the workaround doesn't cause 
failures in virtual machines.

I realize that this is different than asserting that virtual machines 
are guaranteed to operate error free.

>
> Sorry to be a pain on this, but we need to understand the issue well
> enough to maintain the workaround in the future!
>
>>> If so, do you have any numbers with and without this
>>> change?
>>
>> We tried to measure it, but the impact is not measurable in the tests we
>> have done.  Switching the mm is not often done so the extra ICache
>> invalidation is rare.
>
> Oh, sure. I was only interested in perf figures if this was a performance
> problem rather than a functional one.
>
> Will
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ