lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.DEB.2.20.1611082007010.3501@nanos>
Date:   Tue, 8 Nov 2016 21:06:31 +0100 (CET)
From:   Thomas Gleixner <tglx@...utronix.de>
To:     Kyle Huey <me@...ehuey.com>
cc:     Robert O'Callahan <robert@...llahan.org>,
        Andy Lutomirski <luto@...nel.org>,
        Ingo Molnar <mingo@...hat.com>,
        "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
        Paolo Bonzini <pbonzini@...hat.com>,
        Radim Krčmář <rkrcmar@...hat.com>,
        Jeff Dike <jdike@...toit.com>,
        Richard Weinberger <richard@....at>,
        Alexander Viro <viro@...iv.linux.org.uk>,
        Shuah Khan <shuah@...nel.org>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Borislav Petkov <bp@...e.de>,
        Peter Zijlstra <peterz@...radead.org>,
        Boris Ostrovsky <boris.ostrovsky@...cle.com>,
        Len Brown <len.brown@...el.com>,
        "Rafael J. Wysocki" <rafael.j.wysocki@...el.com>,
        Dmitry Safonov <dsafonov@...tuozzo.com>,
        David Matlack <dmatlack@...gle.com>,
        linux-kernel@...r.kernel.org,
        user-mode-linux-devel@...ts.sourceforge.net,
        user-mode-linux-user@...ts.sourceforge.net,
        linux-fsdevel@...r.kernel.org, linux-kselftest@...r.kernel.org,
        kvm@...r.kernel.org
Subject: Re: [PATCH v10 6/7] x86/arch_prctl: Add ARCH_[GET|SET]_CPUID

On Tue, 8 Nov 2016, Kyle Huey wrote:
> Intel supports faulting on the CPUID instruction beginning with Ivy Bridge.
> When enabled, the processor will fault on attempts to execute the CPUID
> instruction with CPL>0. Exposing this feature to userspace will allow a
> ptracer to trap and emulate the CPUID instruction.
> 
> When supported, this feature is controlled by toggling bit 0 of
> MSR_MISC_FEATURES_ENABLES. It is documented in detail in Section 2.3.2 of
> http://www.intel.com/content/dam/www/public/us/en/documents/application-notes/virtualization-technology-flexmigration-application-note.pdf

See previous mail.

> +DECLARE_PER_CPU(u64, msr_misc_features_enables_shadow);
> +
> diff --git a/arch/x86/kernel/cpu/scattered.c b/arch/x86/kernel/cpu/scattered.c
> index 97a340d..7d364e4 100644
> --- a/arch/x86/kernel/cpu/scattered.c
> +++ b/arch/x86/kernel/cpu/scattered.c
> @@ -71,9 +71,14 @@ void init_scattered_cpuid_features(struct cpuinfo_x86 *c)
>  	}
>  
>  	for (mb = msr_bits; mb->feature; mb++) {
>  		if (rdmsrl_safe(mb->msr, &msrval))
>  			continue;
>  		if (msrval & (1ULL << mb->bit))
>  			set_cpu_cap(c, mb->feature);
>  	}
> +
> +	if (cpu_has(c, X86_FEATURE_CPUID_FAULT)) {
> +		rdmsrl(MSR_MISC_FEATURES_ENABLES, msrval);
> +		this_cpu_write(msr_misc_features_enables_shadow, msrval);
> +	}

I'm not really happy about this placement. There is more stuff coming up
which affects that MSR, so we should have a central place to handle it.

The most obvious is here:

> +DEFINE_PER_CPU(u64, msr_misc_features_enables_shadow);

void msr_misc_features_enable_init(struct cpuinfo_x86 *c)
{
	u64 val;

	if (rdmsrl_safe(MSR_MISC_FEATURES_ENABLES, val))
		return;

	this_cpu_write(msr_misc_features_enables_shadow, val);
}

The upcoming ring3 mwait stuff can add its magic to tweak that MSR into
this function.

Stick the call at the end of init_scattered_cpuid_features() for now. I
still need to figure out a proper place for it.

> +static int set_cpuid_mode(struct task_struct *task, unsigned long val)
> +{
> +	/* Only disable_cpuid() if it is supported on this hardware. */

That comment makes no sense.

> +	if (!static_cpu_has(X86_FEATURE_CPUID_FAULT))
> +		return -ENODEV;

Thanks,

	tglx

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ