Date:   Fri, 22 Jun 2018 13:59:44 +0200 (CEST)
From:   Thomas Gleixner <tglx@...utronix.de>
To:     Fenghua Yu <fenghua.yu@...el.com>
cc:     Ingo Molnar <mingo@...e.hu>,
        "H. Peter Anvin" <hpa@...ux.intel.com>,
        Ashok Raj <ashok.raj@...el.com>,
        Dave Hansen <dave.hansen@...el.com>,
        Rafael Wysocki <rafael.j.wysocki@...el.com>,
        Tony Luck <tony.luck@...el.com>,
        Alan Cox <alan@...ux.intel.com>,
        Ravi V Shankar <ravi.v.shankar@...el.com>,
        Arjan van de Ven <arjan@...radead.org>,
        linux-kernel <linux-kernel@...r.kernel.org>, x86 <x86@...nel.org>
Subject: Re: [RFC PATCH 02/16] x86/split_lock: Handle #AC exception for split
 lock in kernel mode

On Fri, 22 Jun 2018, Thomas Gleixner wrote:
> The whole thing is simply:
> 
> handle_ac()
> {
> 	if (user_mode(regs)) {
> 		 do_trap(AC, SIGBUS, ...);
> 	} else {
> 		disable_ac_on_local_cpu();
> 		WARN_ONCE(1);
> 	}
> }
> 
> That wants #AC enabled as early as possible so the kernel gets as much
> coverage as it can. If it trips in the kernel it's a bug and needs to be
> fixed and we can then fix them ONE by ONE.

That said, #AC is just yet another badly defined and hastily bolted on
(mis)feature. This should have been:

  Bit A:	   Enable #AC if CPL < 3
  Bit B:	   Enable #AC if CPL == 3

But that would have been too useful and would allow sensible use of #AC
without creating software trainwrecks.

Aside from that the spec says:

  31 Disable LOCK# assertion for split locked access.

Can you pretty please make sure that this bit enforces #AC enable? If 31 is
ever set and such an access happens then the resulting havoc will take
ages to decode.

That bit is also mentioned in the SDM with ZERO explanation why it exists
in the first place and why anyone would ever enable it and without a big
fat warning about the possible consequences. Can this pretty please be
fixed?

Thanks,

	tglx
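
A user-space model of the policy sketched in the quoted handle_ac(), added here as an illustration and not code from the patch series or the kernel: it shows what makes a locked access "split" (the operand straddles a cache line boundary, 64 bytes assumed) and the user/kernel split of the response (SIGBUS for CPL 3, disable #AC on the local CPU and warn once for kernel mode). The per-CPU table, NR_CPUS and the sample addresses are constructed for the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CACHE_LINE_BYTES 64   /* assumed line size; x86 cores use 64 bytes */
#define NR_CPUS 4             /* constructed: small per-CPU table for the model */

enum ac_action { AC_SEND_SIGBUS = 1, AC_DISABLE_AND_WARN = 2 };

/* Per-CPU #AC enable state; the model starts with #AC enabled everywhere. */
static bool ac_enabled[NR_CPUS] = { true, true, true, true };
static int warn_count;        /* how many times the "once" warning actually fired */

/* A locked access is split when the operand crosses a cache line boundary. */
bool is_split_lock_access(uintptr_t addr, size_t size)
{
    if (size == 0)
        return false;
    return (addr / CACHE_LINE_BYTES) != ((addr + size - 1) / CACHE_LINE_BYTES);
}

/* Models the sketched handle_ac(): user mode gets SIGBUS; kernel mode
 * disables #AC on the faulting CPU and warns once so the bug is visible. */
enum ac_action handle_ac(int cpu, bool user_mode)
{
    static bool warned;       /* WARN_ONCE state */

    if (user_mode)
        return AC_SEND_SIGBUS;
    ac_enabled[cpu] = false;
    if (!warned) {
        warned = true;
        warn_count++;
        fprintf(stderr, "WARNING: split lock in kernel mode on CPU %d\n", cpu);
    }
    return AC_DISABLE_AND_WARN;
}

bool ac_enabled_on(int cpu) { return ac_enabled[cpu]; }
int ac_warn_count(void) { return warn_count; }

int main(void)
{
    uintptr_t addr = 0x1000 + 60;   /* constructed: 8-byte operand at line offset 60 */
    printf("split=%d\n", is_split_lock_access(addr, 8));
    handle_ac(1, false);
    handle_ac(1, false);
    printf("cpu1 #AC enabled=%d warnings=%d\n", ac_enabled_on(1), ac_warn_count());
    return 0;
}
```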
