Message-ID: <alpine.DEB.2.20.1703290747300.2417@nanos>
Date:   Wed, 29 Mar 2017 08:00:52 +0200 (CEST)
From:   Thomas Gleixner <tglx@...utronix.de>
To:     Kan Liang <kan.liang@...el.com>
cc:     peterz@...radead.org, mingo@...hat.com,
        linux-kernel@...r.kernel.org, bp@...en8.de, acme@...nel.org,
        eranian@...gle.com, jolsa@...nel.org, ak@...ux.intel.com
Subject: Re: [PATCH V4 2/2] perf/x86: add sysfs entry to freeze counter on
 SMI

On Tue, 28 Mar 2017, kan.liang@...el.com wrote:
> +static void flip_smm_bit(void *data)
> +{
> +	int val = *(int *)data;
> +
> +	msr_flip_bit(MSR_IA32_DEBUGCTLMSR, DEBUGCTLMSR_FREEZE_WHILE_SMM_BIT, (bool)val);
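
Review bot: In flip_smm_bit(), `int val = *(int *)data;` reads the argument as an int, but the caller freeze_on_smi_store() declares `unsigned long val` and passes `&val`. Reading an unsigned long through an int pointer only yields the intended value on a little-endian layout, and the cast hides the mismatch. Dereference it as `unsigned long`, or pass a bool, so both sides agree on the type.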

I asked you before to use line breaks for lines over 80 chars. Is it that
hard?

> +static DEFINE_MUTEX(freeze_on_smi_mutex);
> +
> + static ssize_t freeze_on_smi_store(struct device *cdev,
> +				   struct device_attribute *attr,
> +				   const char *buf, size_t count)
> +{
> +	unsigned long val;
> +	ssize_t ret;
> +
> +	ret = kstrtoul(buf, 0, &val);
> +	if (ret)
> +		return ret;
> +
> +	if (val > 1)
> +		return -EINVAL;
> +
> +	if (x86_pmu.attr_freeze_on_smi == val)
> +		return count;
> +
> +	mutex_lock(&freeze_on_smi_mutex);
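
Review bot: The line ` static ssize_t freeze_on_smi_store(struct device *cdev,` starts with a stray space before `static`. Drop it so the definition begins in the first column, as flip_smm_bit() does.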

This wants to protect the check above as well.

> +
> +	get_online_cpus();
> +
> +	flip_smm_bit(&val);

Sigh. This still is racy against preemption and interrupts.

> +	smp_call_function(flip_smm_bit, &val, 1);

Yes, I had smp_call_function() in my example, but I'd expected that you
figure out yourself to use on_each_cpu(), which calls the function on the
calling cpu with interrupts disabled. 

> +	put_online_cpus();
> +
> +	x86_pmu.attr_freeze_on_smi = val;
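
Review bot: The assignment `x86_pmu.attr_freeze_on_smi = val;` comes after put_online_cpus(), so the recorded value is updated outside the section in which the set of online CPUs is held stable. Move the store between get_online_cpus() and put_online_cpus() so the saved state and the per-CPU MSR bit change together.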

Crap. So a CPU coming online between put_online_cpus() and the store will
not see it.

Sigh,

	tglx
