lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <F6FCC323-841E-4337-B1E7-8F2E502552D6@amacapital.net>
Date:   Mon, 29 Jan 2018 10:26:44 -0800
From:   Andy Lutomirski <luto@...capital.net>
To:     "H. Peter Anvin" <hpa@...or.com>
Cc:     Andy Lutomirski <luto@...nel.org>, Borislav Petkov <bp@...en8.de>,
        Dan Rue <dan.rue@...aro.org>, Shuah Khan <shuah@...nel.org>,
        Ingo Molnar <mingo@...nel.org>,
        Dmitry Safonov <dsafonov@...tuozzo.com>,
        "open list:KERNEL SELFTEST FRAMEWORK" 
        <linux-kselftest@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: selftests/x86/fsgsbase_64 test problem



> On Jan 29, 2018, at 10:12 AM, H. Peter Anvin <hpa@...or.com> wrote:
> 
>> On 01/29/18 08:37, Andy Lutomirski wrote:
>> 
>> That's what I thought, too, and the SDM does say that, but the SDM
>> says all kinds of not-quite-correct things about segmentation.
>> 
>>> It is pretty much scratch space (I have
>>> suggested using it for the gsbase once all those issues get sorted out,
>>> because it lets the paranoid code do something like:
>>> 
>>>        rdgsbase %rax
>>>        push %rax       /* Save old gsbase */
>>>        push %rax       /* Reserve space on stack */
>>>        sgdt -2(%rsp)   /* We don't care about the limit */
>>>        pop %rax        /* %rax <- gdtbase */
>>>        mov (%rax),%rax /* GDT[0] holds the gsbase for this cpu */
>>>        wrgsbase %rax
>> 
>> That will utterly suck on non-UMIP machines that have
>> hypervisor-provided UMIP emulation.
>> 
> 
> Is that a valid thing to optimize for, especially given that paranoid
> entries aren't the most common anyway?
> 

A bunch of people seem to care about NMI performance for perf.  And the current patch set works without this trick.

FWIW, if we switch all entries to the entry text trampoline, we get direct percpu access for free.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ