lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190408165835.GJ15689@zn.tnic>
Date:   Mon, 8 Apr 2019 18:58:35 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     Gary R Hook <ghook@....com>
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        "Hook, Gary" <Gary.Hook@....com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
        "peterz@...radead.org" <peterz@...radead.org>,
        "x86@...nel.org" <x86@...nel.org>,
        "mingo@...hat.com" <mingo@...hat.com>,
        "luto@...nel.org" <luto@...nel.org>,
        Alexander Potapenko <glider@...gle.com>
Subject: Re: [PATCH] x86/mm/mem_encrypt: Disable all instrumentation for SME
 early boot code

On Mon, Apr 08, 2019 at 04:46:31PM +0000, Gary R Hook wrote:
> My reasoning (not arguing): the file has been touched exactly one time 
> in 4 years, by Thomas. Doesn't appear to be a candidate for constant 
> modification, so this approach doesn't seem risky to me. I could be wrong.

The problem, like we discussed it with Tom offlist, is that you simply
cannot turn off instrumentation for those generic files just because SME
has trouble with them, and that last thing can be any vendor-specific
feature.

Even if the functions there are "trivial" now (doesn't mean new stuff
won't be added there in the future and we forget about the disabled
instrumentation here.)

We simply cannot constrain generic compilation units like that. So the
functions there either need to be copied or ifdeffed. At the time SME
was going in, the intention was to reuse code so that there is less
duplication. But if there's trouble doing that sharing, then we need to
"unshare" it again. Or come up with something else slick and clean.

Thx.

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ