| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160305090432.GB23473@gmail.com> Date: Sat, 5 Mar 2016 10:04:33 +0100 From: Ingo Molnar <mingo@...nel.org> To: Thomas Gleixner <tglx@...utronix.de> Cc: Andy Lutomirski <luto@...capital.net>, Rasmus Villemoes <linux@...musvillemoes.dk>, Andy Lutomirski <luto@...nel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, X86 ML <x86@...nel.org>, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: soft lockup when passing vvar address to write(2) * Thomas Gleixner <tglx@...utronix.de> wrote: > On Fri, 4 Mar 2016, Andy Lutomirski wrote: > > Thomas, I still think we should consider just deleting the HPET vclock > > code and accept the syscall overhead on systems that are stuck using > > HPET. If fast syscalls are available (which should include every > > system with HPET, unless there are some 32-bit AMD systems lying > > around), then the overhead in a syscall is *tiny* compared to the code > > of the HPET read itself. > > No objection from my side, really. Seconded. HPET hardware overhead is typically horrifically large in any case, no need to memory map it and expose hardware breakages to user-space ... It's also a (mild) security hole: a well-known HPET address can be abused as a statistical trampoline periodically cycling through 'dangerous' instruction values. Thanks, Ingo
Powered by blists - more mailing lists