lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 31 Aug 2018 17:35:30 +0200 (CEST) From: Thomas Gleixner <tglx@...utronix.de> To: Linus Torvalds <torvalds@...ux-foundation.org> cc: Tony Luck <tony.luck@...el.com>, Ingo Molnar <mingo@...hat.com>, Peter Anvin <hpa@...or.com>, Borislav Petkov <bp@...en8.de>, linux-edac <linux-edac@...r.kernel.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, the arch/x86 maintainers <x86@...nel.org>, Dan Williams <dan.j.williams@...el.com>, Dave Jiang <dave.jiang@...el.com> Subject: Re: [PATCH] x86/mce: Fix set_mce_nospec() to avoid #GP fault On Thu, 30 Aug 2018, Linus Torvalds wrote: > On Thu, Aug 30, 2018 at 6:49 PM Tony Luck <tony.luck@...el.com> wrote: > > > > Just checking "do we have a non-canonical address" at the bottom of that > > call stack and flipping bit 63 back on again seems like a bad idea. > > You could literally do something like > > /* Make it canonical in case we flipped the high bit */ > addr = (long)(addr<<1)>>1; > > in the call to clflush and it magically does the right thing. > > Pretty? No. But with a big comment about what is going on and why it's > done, I think it's prettier than your much bigger patch. > > I dunno. It does strike me as a bit hacky, but I'd rather have a > *small* one-liner hack that generates two instructions, than add a > complex hack that modifies the page tables three times and has a > serializing instruction in it. > > Both are subtle fixes for a subtle issue, but one seems pretty > harmless in comparison. > > Hmm? > > But I'll bow to the x86 maintainers. The above is fugly, but it has the charm of simplicity and I assume it's going to be useful for other places as well. With a big fat comment WHY we are doing it it's not that horrible. We have all the other L1TF places where we fiddle with bits in non-obvious ways, so having another instance of magic bit fiddling is not that big of a problem. Thanks, tglx
Powered by blists - more mailing lists