lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200125201221.GZ11457@worktop.programming.kicks-ass.net>
Date:   Sat, 25 Jan 2020 21:12:21 +0100
From:   Peter Zijlstra <peterz@...radead.org>
To:     "Luck, Tony" <tony.luck@...el.com>
Cc:     Borislav Petkov <bp@...en8.de>,
        Thomas Gleixner <tglx@...utronix.de>,
        Arvind Sankar <nivedita@...m.mit.edu>,
        "Christopherson, Sean J" <sean.j.christopherson@...el.com>,
        Ingo Molnar <mingo@...nel.org>,
        "Yu, Fenghua" <fenghua.yu@...el.com>,
        Ingo Molnar <mingo@...hat.com>, H Peter Anvin <hpa@...or.com>,
        "Raj, Ashok" <ashok.raj@...el.com>,
        "Shankar, Ravi V" <ravi.v.shankar@...el.com>,
        linux-kernel <linux-kernel@...r.kernel.org>, x86 <x86@...nel.org>
Subject: Re: [PATCH v15] x86/split_lock: Enable split lock detection by kernel

On Sat, Jan 25, 2020 at 11:55:13AM -0800, Luck, Tony wrote:
> > > +static inline bool match_option(const char *arg, int arglen, const char *opt)
> > > +{
> > > +	int len = strlen(opt);
> > > +
> > > +	return len == arglen && !strncmp(arg, opt, len);
> > > +}
> > 
> > There's the same function in arch/x86/kernel/cpu/bugs.c. Why are you
> > duplicating it here?
> > 
> > Yeah, this whole chunk looks like it has been "influenced" by the sec
> > mitigations in bugs.c :-)
> 
> Blame PeterZ for that. For now I'd like to add the duplicate inline function
> and then clean up by putting it into some header file (and maybe hunting down
> other places where it could be used).

Yeah, I copy/paste cobbled that together. I figured it was easier to
'borrow' something that worked and adapt it than try and write
something new in a hurry.

> > > +	/*
> > > +	 * If this is anything other than the boot-cpu, you've done
> > > +	 * funny things and you get to keep whatever pieces.
> > > +	 */
> > > +	pr_warn("MSR fail -- disabled\n");
> > 
> > What's that for? Guests?
> 
> Also some PeterZ code. As the comment implies we really shouldn't be able
> to get here. This whole function should only be called on CPU models that
> support the MSR ... but PeterZ is defending against the situation that sometimes
> there are special SKUs with the same model number (since we may be here because
> of an x86_match_cpu() hit, rather than the architectural enumeration check).

My thinking was Virt, virt likes to mess up all msr expectations.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ