lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <alpine.DEB.2.21.1905182015320.3019@nanos.tec.linutronix.de>
Date:   Sat, 18 May 2019 20:21:24 +0200 (CEST)
From:   Thomas Gleixner <tglx@...utronix.de>
To:     Harry Pan <gs0622@...il.com>
cc:     Harry Pan <harry.pan@...el.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Stephen Boyd <sboyd@...nel.org>,
        John Stultz <john.stultz@...aro.org>, x86@...nel.org,
        Dave Hansen <dave.hansen@...el.com>,
        "H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH v2] clocksource: Untrust the clocksource watchdog when
 its interval is too small

Harry,

On Sun, 19 May 2019, Harry Pan wrote:

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?

> I just want to point out: it is wrong if a problematic watchdog clocksource
> kicks off the main clocksource while this watchdog mechanism is unable to
> validate itself through a simple interval check;
> there is no any hardwired knowledge in this patch.

The point is, that any clocksource which is not reliable needs to be marked
as such and cannot be used as watchdog clocksource or as clocksource at all.

You're papering over the underlying problem. If HPET is not longer
reliable, then HPET needs to be blacklisted, not only as clocksource, also
as clockevent device and no exposure via the HPET device interface.

Everything else is just cosmetical surgery. And no, we are not going to
verify whether the watchdog clocksource might be wrong simply because you
create a circular dependency of what is watching what.

Please provide a list of SKUs which are affected and we disable HPET on
those.

Thanks,

	tglx

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ