lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 7 Apr 2020 09:29:54 -0700
From:   Kyle Huey <me@...ehuey.com>
To:     Dave Hansen <dave.hansen@...el.com>
Cc:     Peter Zijlstra <peterz@...radead.org>,
        Keno Fischer <keno@...iacomputing.com>,
        open list <linux-kernel@...r.kernel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>,
        "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@...nel.org>,
        "H. Peter Anvin" <hpa@...or.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Andi Kleen <andi@...stfloor.org>,
        Kyle Huey <khuey@...ehuey.com>,
        "Robert O'Callahan" <robert@...llahan.org>
Subject: Re: [RFC PATCH v2] x86/arch_prctl: Add ARCH_SET_XCR0 to set XCR0 per-thread

On Tue, Apr 7, 2020 at 7:07 AM Dave Hansen <dave.hansen@...el.com> wrote:
> I'm also trying to think of what kinds of things CPU companies add to
> their architectures that would break this stuff.  I can't recall ever
> having a discussion with folks at Intel where we're designing a CPU
> feature and we say, "Can't do that, it would break record/replay".  I
> suspect there are more of these landmines around and I bet that we're
> building more of them into CPUs every day.

With the ability to control the userspace view of CPUID, which we have
had for a couple years in the kernel now, this is much less of a
concern than you might immediately imagine. Most features that get
added are either entirely deterministic (like all the fancy SIMD
stuff) or can be disabled solely by lying to userspace about the CPUID
flags (like RDRAND or TSX). XGETBV is tricky for rr because it depends
on the kernel state as well, but that is rather unusual.

I lose far more sleep worrying about Intel introducing a new
microarchitecture that breaks our assumptions about performance
counter determinism than I do about new CPU features that are tricky
to handle.

- Kyle

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ