| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <A3AAF46E-437D-420C-BF0C-C2394B48C9F4@amacapital.net>
Date: Tue, 18 Feb 2020 15:17:18 -0800
From: Andy Lutomirski <luto@...capital.net>
To: Peter Zijlstra <peterz@...radead.org>
Cc: "Luck, Tony" <tony.luck@...el.com>, Borislav Petkov <bp@...en8.de>,
Steven Rostedt <rostedt@...dmis.org>,
Andy Lutomirski <luto@...nel.org>, x86-ml <x86@...nel.org>,
lkml <linux-kernel@...r.kernel.org>
Subject: Re: [RFC] #MC mess
> On Feb 18, 2020, at 12:02 PM, Peter Zijlstra <peterz@...radead.org> wrote:
>
> On Tue, Feb 18, 2020 at 06:20:38PM +0000, Luck, Tony wrote:
>>> Anything else I'm missing? It is likely...
>>
>> + hw_breakpoint_disable();
>> + static_key_disable(&__tracepoint_read_msr.key);
>> + tracing_off();
>> +
>> ist_enter(regs);
>>
>> How about some code to turn all those back on for a recoverable (where we actually recovered) #MC?
>
> Then please rewrite the #MC entry code to deal with nested exceptions
> unmasking the MCE, very similr to NMI.
>
> The moment you allow tracing, jump_labels or anything else you can
> expect #PF, #BP and probably #DB while inside #MC, those will then IRET
> and re-enable the #MC.
Huh? As I understand it, there is no such thing as MCE masking. There are two states:
CR4.MCE=1: MCE is delivered when it occurs.
CR4.MCE=0: MCE causes shutdown
MC delivery sets MCE=0.
So, basically, without LMCE, we are irredeemably screwed. With LMCE, we are still hosed if we nest an MCE inside a recoverable MCE. We can play some games to make the OOPS more reliable, but we are still mostly screwed.
The x86 MCE architecture sucks.
>
> The current situation is completely and utterly buggered.
Powered by blists - more mailing lists