| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Mar 2020 23:12:13 +0100
From: Joerg Roedel <joro@...tes.org>
To: Dave Hansen <dave.hansen@...el.com>
Cc: David Rientjes <rientjes@...gle.com>, x86@...nel.org,
hpa@...or.com, Andy Lutomirski <luto@...nel.org>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Hellstrom <thellstrom@...are.com>,
Jiri Slaby <jslaby@...e.cz>,
Dan Williams <dan.j.williams@...el.com>,
Tom Lendacky <thomas.lendacky@....com>,
Juergen Gross <jgross@...e.com>,
Kees Cook <keescook@...omium.org>,
linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
virtualization@...ts.linux-foundation.org,
Joerg Roedel <jroedel@...e.de>
Subject: Re: [PATCH 21/70] x86/boot/compressed/64: Add function to map a page
unencrypted
On Fri, Mar 20, 2020 at 02:02:13PM -0700, Dave Hansen wrote:
> It *never* flushes global pages. For a generic function like this, that
> seems pretty dangerous because the PTEs it goes after could quite easily
> be Global. It's also not _obviously_ correct if PCIDs are in play
> (which I don't think they are on AMD).
>
> A flush_tlb_global() is probably more appropriate. Better yet, is there
> a reason not to use flush_tlb_kernel_range()? I don't think it's
> necessary to whack the entire TLB for one PTE set.
This code runs before the actual kernel image is decompressed, so there
is no PCID and no global pages (I think CR4.PGE is still 0). So a
cr3-write is enough to flush the TLB. Also the TLB-flush helpers of the
running kernel are not available here.
Regards,
Joerg
Powered by blists - more mailing lists