lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEbi=3fvdWMExreVsSu3TJqXUr5Zpt4k_q=cXXB3miJCvY-+1g@mail.gmail.com> Date: Wed, 13 Dec 2017 17:03:33 +0800 From: Greentime Hu <green.hu@...il.com> To: Guo Ren <ren_guo@...ky.com> Cc: Greentime <greentime@...estech.com>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Arnd Bergmann <arnd@...db.de>, linux-arch <linux-arch@...r.kernel.org>, Thomas Gleixner <tglx@...utronix.de>, Jason Cooper <jason@...edaemon.net>, Marc Zyngier <marc.zyngier@....com>, Rob Herring <robh+dt@...nel.org>, netdev <netdev@...r.kernel.org>, Vincent Chen <deanbo422@...il.com>, DTML <devicetree@...r.kernel.org>, Al Viro <viro@...iv.linux.org.uk>, David Howells <dhowells@...hat.com>, Will Deacon <will.deacon@....com>, Daniel Lezcano <daniel.lezcano@...aro.org>, linux-serial@...r.kernel.org, Geert Uytterhoeven <geert.uytterhoeven@...il.com>, Linus Walleij <linus.walleij@...aro.org>, Mark Rutland <mark.rutland@....com>, Greg KH <greg@...ah.com>, Vincent Chen <vincentc@...estech.com> Subject: Re: [PATCH v3 09/33] nds32: Cache and TLB routines 2017-12-13 16:53 GMT+08:00 Guo Ren <ren_guo@...ky.com>: > On Wed, Dec 13, 2017 at 04:30:41PM +0800, Greentime Hu wrote: >> 2017-12-13 16:19 GMT+08:00 Guo Ren <ren_guo@...ky.com>: >> > On Wed, Dec 13, 2017 at 01:45:02PM +0800, Greentime Hu wrote: >> > >> >> I think it should be fine if an interruption between mtsr_dsb and >> >> tlbop_rwr because this is a optimization by sw. >> > >> > Fine? When there is an unexpected vaddr in SR_TLB_VPN, tlbop_rwr(*pte) will >> > break that vaddr's pfn in the CPU tlb-buffer entry. When linux access the >> > vaddr, it will get wrong data unless the entry has been replaced out. >> >> Hi, Guo Ren: >> >> Thanks. I get your point. >> It is needed to be protected. >> I will fix it in the next version patch. >> >> if (vma->vm_mm == current->active_mm) { >> local_irq_save(flags); >> __nds32__mtsr_dsb(addr, NDS32_SR_TLB_VPN); >> __nds32__tlbop_rwr(*pte); >> __nds32__isb(); >> local_irq_restore(flags); >> } > > If hardware tlbop_rwr could invalid NDS32_SR_TLB_VPN, then you needn't > protect. > I mean: > mtsr addr1 NDS32_SR_TLB_VPN > mtsr addr2 NDS32_SR_TLB_VPN > tlbop_rwr(*pte) // OK, and it will hit a hardware invalid bit internal. > tlbop_rwr(*pte) // SR_TLB_VPN invalided, then it will not cause problem. > > :) How my idea? Hi, Guo Ren: The reason I think it might have problem is that mtsr addr1 NDS32_SR_TLB_VPN interrupt coming mtsr addr2 NDS32_SR_TLB_VPN <- TLB_VPN has been set to addr2 tlbop_rwr(*pte); interrupt finish tlbop_rwr(*pte); <- it will use the wrong TLB_VPN I think all these TLB operations should be protected because tlbop will operate with TLB_VPN. Thanks :)
Powered by blists - more mailing lists