lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 1 Nov 2017 13:59:17 -0700 From: Dave Hansen <dave.hansen@...ux.intel.com> To: Andy Lutomirski <luto@...nel.org> Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "linux-mm@...ck.org" <linux-mm@...ck.org>, moritz.lipp@...k.tugraz.at, Daniel Gruss <daniel.gruss@...k.tugraz.at>, michael.schwarz@...k.tugraz.at, Linus Torvalds <torvalds@...ux-foundation.org>, Kees Cook <keescook@...gle.com>, Hugh Dickins <hughd@...gle.com>, X86 ML <x86@...nel.org> Subject: Re: [PATCH 21/23] x86, pcid, kaiser: allow flushing for future ASID switches On 11/01/2017 01:31 PM, Andy Lutomirski wrote: > On Wed, Nov 1, 2017 at 7:17 AM, Dave Hansen <dave.hansen@...ux.intel.com> wrote: >> On 11/01/2017 01:03 AM, Andy Lutomirski wrote: >>>> This ensures that any futuee context switches will do a full flush >>>> of the TLB so they pick up the changes. >>> I'm convuced. What was wrong with the old code? I guess I just don't >>> see what the problem is that is solved by this patch. >> >> Instead of flushing *now* with INVPCID, this lets us flush *later* with >> CR3. It just hijacks the code that you already have that flushes CR3 >> when loading a new ASID by making all ASIDs look new in the future. >> >> We have to load CR3 anyway, so we might as well just do this flush then. > > Would it make more sense to put it in flush_tlb_func_common() instead? > > Also, I don't understand what clear_non_loaded_ctxs() is trying to do. > It looks like it's invalidating all the other logical address spaces. > And I don't see why you want a all_other_ctxs_invalid variable. Isn't > the goal to mark a single ASID as needing a *user* flush the next time > we switch to user mode using that ASID? Your code seems like it's > going to flush a lot of *kernel* PCIDs. The point of the whole thing is to (relatively) efficiently flush *kernel* TLB entries in *other* address spaces. I did it way down in the TLB handling functions because not everybody goes through flush_tlb_func_common() to flush kernel addresses. I used the variable instead of just invalidating the contexts directly because I hooked into the __flush_tlb_single() path and it's used in loops like this: for (addr = start; addr < end; addr++) __flush_tlb_single() I didn't want to add a loop that effectively does: for (addr = start; addr < end; addr++) __flush_tlb_single(); for (i = 0; i < TLB_NR_DYN_ASIDS; i++) this_cpu_write(cpu_tlbstate.ctxs[i].ctx_id, 0); Even with just 6 ASIDS it seemed a little silly. It would get _very_ silly if we ever decided to grow TLB_NR_DYN_ASIDS.
Powered by blists - more mailing lists