lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 19 Jun 2019 23:13:57 -0700 (PDT)
From:   Zhenzhong Duan <zhenzhong.duan@...cle.com>
To:     linux-kernel@...r.kernel.org
Cc:     tglx@...utronix.de, mingo@...nel.org, bp@...en8.de, x86@...nel.org,
        hpa@...or.com, jgross@...e.com, ndesaulniers@...gle.com,
        gregkh@...uxfoundation.org, srinivas.eeda@...cle.com,
        Zhenzhong Duan <zhenzhong.duan@...cle.com>
Subject: [PATCH] x86/speculation/mds: Flush store buffer after wake up from
 sleep

Intel document says: "When a thread wakes from a sleep state, the store
buffer is repartitioned again. This causes the store buffer to transfer
store buffer entries from the thread that was already active to the one
which just woke up."

To avoid data leak from sibling thread to the woken thread, flush store
buffer right after wake up.

Move mds_idle_clear_cpu_buffers() after trace_hardirqs_on() to ensure
all store buffer entries are flushed before sleep.

Signed-off-by: Zhenzhong Duan <zhenzhong.duan@...cle.com>
---
 arch/x86/include/asm/irqflags.h | 2 ++
 arch/x86/include/asm/mwait.h    | 6 ++++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/arch/x86/include/asm/irqflags.h b/arch/x86/include/asm/irqflags.h
index 8a0e56e..641c4d8 100644
--- a/arch/x86/include/asm/irqflags.h
+++ b/arch/x86/include/asm/irqflags.h
@@ -58,12 +58,14 @@ static inline __cpuidle void native_safe_halt(void)
 {
 	mds_idle_clear_cpu_buffers();
 	asm volatile("sti; hlt": : :"memory");
+	mds_idle_clear_cpu_buffers();
 }
 
 static inline __cpuidle void native_halt(void)
 {
 	mds_idle_clear_cpu_buffers();
 	asm volatile("hlt": : :"memory");
+	mds_idle_clear_cpu_buffers();
 }
 
 #endif
diff --git a/arch/x86/include/asm/mwait.h b/arch/x86/include/asm/mwait.h
index eb0f80c..1d145d9 100644
--- a/arch/x86/include/asm/mwait.h
+++ b/arch/x86/include/asm/mwait.h
@@ -46,6 +46,7 @@ static inline void __mwait(unsigned long eax, unsigned long ecx)
 	/* "mwait %eax, %ecx;" */
 	asm volatile(".byte 0x0f, 0x01, 0xc9;"
 		     :: "a" (eax), "c" (ecx));
+	mds_idle_clear_cpu_buffers();
 }
 
 /*
@@ -86,12 +87,13 @@ static inline void __mwaitx(unsigned long eax, unsigned long ebx,
 
 static inline void __sti_mwait(unsigned long eax, unsigned long ecx)
 {
-	mds_idle_clear_cpu_buffers();
-
 	trace_hardirqs_on();
+
+	mds_idle_clear_cpu_buffers();
 	/* "mwait %eax, %ecx;" */
 	asm volatile("sti; .byte 0x0f, 0x01, 0xc9;"
 		     :: "a" (eax), "c" (ecx));
+	mds_idle_clear_cpu_buffers();
 }
 
 /*
-- 
1.8.3.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ