lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180621230501.GC18979@romley-ivt3.sc.intel.com>
Date:   Thu, 21 Jun 2018 16:05:02 -0700
From:   Fenghua Yu <fenghua.yu@...el.com>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     Fenghua Yu <fenghua.yu@...el.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...e.hu>,
        "H. Peter Anvin" <hpa@...ux.intel.com>,
        Ashok Raj <ashok.raj@...el.com>,
        Dave Hansen <dave.hansen@...el.com>,
        Rafael Wysocki <rafael.j.wysocki@...el.com>,
        Tony Luck <tony.luck@...el.com>,
        Alan Cox <alan@...ux.intel.com>,
        Ravi V Shankar <ravi.v.shankar@...el.com>,
        Arjan van de Ven <arjan@...radead.org>,
        linux-kernel <linux-kernel@...r.kernel.org>, x86 <x86@...nel.org>
Subject: Re: [RFC PATCH 00/16] x86/split_lock: Enable #AC exception for split
 locked accesses

On Fri, Jun 22, 2018 at 12:10:06AM +0200, Peter Zijlstra wrote:
> On Thu, Jun 21, 2018 at 03:00:03PM -0700, Fenghua Yu wrote:
> > The control knob for firmware is to choose continuing firmware execution
> > by disabling #AC split lock (default) or stopping firmware execution
> > by enabling #AC for split lock. Stopping firmware execution may be useful
> > in hard real time system to identify any split lock issue on the platform.
> 
> Having the option only allows broken firmware to continue to exist.
> Limiting people in how they can use their machines.

But in a real case, when I enable #AC for split lock in kernel, reboot
hits #AC because of split lock in firmware code and firmware handles #AC
as fatal error and stops continuing to run.

It will take long time/forever for firmware to fix the split lock issue.
Before the firmware issue is fixed, reboot or S4 cannot run if the feature
is enabled by kernel.

And if unlucky, I'm afraid the patch set even has no chance to be merged to
upstream if maintainer's test machine has firmware split lock issue and the
machine simply cannot reboot or go to S4 if the feature is enabled.

For those reasons, the current patches just don't trust firmware and
disable #AC for split lock for firmware by default and allow sysadmin to
enable it for firmware via the control knob.

So is it ok to still keep the control knob and disable #AC for split lock
for firmware by default?

Thanks.

-Fenghua

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ