lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 21 Nov 2019 14:01:53 +0100
From:   Peter Zijlstra <peterz@...radead.org>
To:     Ingo Molnar <mingo@...nel.org>
Cc:     Fenghua Yu <fenghua.yu@...el.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        H Peter Anvin <hpa@...or.com>,
        Tony Luck <tony.luck@...el.com>,
        Ashok Raj <ashok.raj@...el.com>,
        Ravi V Shankar <ravi.v.shankar@...el.com>,
        linux-kernel <linux-kernel@...r.kernel.org>, x86 <x86@...nel.org>
Subject: Re: [PATCH v10 6/6] x86/split_lock: Enable split lock detection by
 kernel parameter

On Thu, Nov 21, 2019 at 07:04:44AM +0100, Ingo Molnar wrote:
> * Fenghua Yu <fenghua.yu@...el.com> wrote:

> > +	split_lock_detect
> > +			[X86] Enable split lock detection
> > +			This is a real time or debugging feature. When enabled
> > +			(and if hardware support is present), atomic
> > +			instructions that access data across cache line
> > +			boundaries will result in an alignment check exception.
> > +			When triggered in applications the kernel will send
> > +			SIGBUS. The kernel will panic for a split lock in
> > +			OS code.
> 
> It would be really nice to be able to enable/disable this runtime as 
> well, has this been raised before, and what was the conclusion?

It has, previous versions had that. Somehow a lot of things went missing
and we're back to a broken neutered useless mess.

The problem appears to be that due to hardware design the feature cannot
be virtualized, and instead of then disabling it when a VM runs/exists
they just threw in the towel and went back to useless mode.. :-(

This feature MUST be default enabled, otherwise everything will
be/remain broken and we'll end up in the situation where you can't use
it even if you wanted to.

Imagine the BIOS/EFI/firmware containing an #AC exception. At that point
the feature becomes useless, because you cannot enable it without your
machine dying.

Now, from long and painful experience we all know that if a BIOS can be
wrong, it will be. Therefore this feature will be/is useless as
presented.

And I can't be arsed to look it up, but we've been making this very same
argument since very early (possible the very first) version.

So this version goes straight into the bit bucket. Please try again.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ