lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <f6fa0efeafa736c4a890aac22de5570ccef05e45.1532463771.git.reinette.chatre@intel.com>
Date:   Tue, 24 Jul 2018 13:40:16 -0700
From:   Reinette Chatre <reinette.chatre@...el.com>
To:     tglx@...utronix.de, fenghua.yu@...el.com, tony.luck@...el.com,
        vikas.shivappa@...ux.intel.com
Cc:     gavin.hindman@...el.com, jithu.joseph@...el.com,
        dave.hansen@...el.com, mingo@...hat.com, hpa@...or.com,
        x86@...nel.org, linux-kernel@...r.kernel.org,
        Reinette Chatre <reinette.chatre@...el.com>
Subject: [RFC PATCH 5/7] x86/intel_rdt: Trigger pseudo-lock restore after wbinvd call

The wbinvd instruction would evict all pseudo-locked data from a
pseudo-locked region within the hierarchy where the wbinvd instruction
was run. The expectation is that a platform with pseudo-locked regions
should not run code depending on the wbinvd instruction after the
pseudo-locked regions are created. If the wbinvd instruction is run it
is an unexpected and serious event that needs to be highlighted to the
user to trigger an audit of the software. At the same time the
pseudo-locked regions need to be restored.

Since wbinvd instructions may be called from anywhere in kernel the
instruction itself is modified to trigger pseudo-locked region
restoration after the instruction is run.

As they are moved the assembly calls of the wbinvd instructions
are modified to address the checkpatch complaint of required spaces
around the ':'.

Suggested-by: Dave Hansen <dave.hansen@...el.com>
Signed-off-by: Reinette Chatre <reinette.chatre@...el.com>
---
 arch/x86/include/asm/special_insns.h        | 13 ++++++++++++-
 arch/x86/kernel/cpu/intel_rdt_pseudo_lock.c |  2 +-
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/arch/x86/include/asm/special_insns.h b/arch/x86/include/asm/special_insns.h
index 317fc59b512c..01ff02eb0e5c 100644
--- a/arch/x86/include/asm/special_insns.h
+++ b/arch/x86/include/asm/special_insns.h
@@ -15,6 +15,9 @@
  * use a variable and mimic reads and writes to it to enforce serialization
  */
 extern unsigned long __force_order;
+#ifdef CONFIG_INTEL_RDT
+void intel_rdtgroup_pseudo_lock_restore_all(void);
+#endif
 
 static inline unsigned long native_read_cr0(void)
 {
@@ -131,7 +134,15 @@ static inline void __write_pkru(u32 pkru)
 
 static inline void native_wbinvd(void)
 {
-	asm volatile("wbinvd": : :"memory");
+	asm volatile("wbinvd" : : : "memory");
+#ifdef CONFIG_INTEL_RDT
+	intel_rdtgroup_pseudo_lock_restore_all();
+#endif
+}
+
+static inline void native_wbinvd_only(void)
+{
+	asm volatile("wbinvd" : : : "memory");
 }
 
 extern asmlinkage void native_load_gs_index(unsigned);
diff --git a/arch/x86/kernel/cpu/intel_rdt_pseudo_lock.c b/arch/x86/kernel/cpu/intel_rdt_pseudo_lock.c
index d395e6982467..298ac2b34089 100644
--- a/arch/x86/kernel/cpu/intel_rdt_pseudo_lock.c
+++ b/arch/x86/kernel/cpu/intel_rdt_pseudo_lock.c
@@ -477,7 +477,7 @@ static int pseudo_lock_fn(void *_rdtgrp)
 	 * increase likelihood that allocated cache portion will be filled
 	 * with associated memory.
 	 */
-	native_wbinvd();
+	native_wbinvd_only();
 
 	/*
 	 * Always called with interrupts enabled. By disabling interrupts
-- 
2.17.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ