lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 2 May 2020 11:43:18 +0530
From:   Anup Patel <anup@...infault.org>
To:     Zong Li <zong.li@...ive.com>
Cc:     Atish Patra <atishp@...shpatra.org>,
        linux-riscv <linux-riscv@...ts.infradead.org>,
        Palmer Dabbelt <palmer@...belt.com>,
        "linux-kernel@...r.kernel.org List" <linux-kernel@...r.kernel.org>,
        Paul Walmsley <paul.walmsley@...ive.com>
Subject: Re: [PATCH] riscv: force __cpu_up_ variables to put in data section

On Sat, May 2, 2020 at 11:30 AM Zong Li <zong.li@...ive.com> wrote:
>
> On Fri, May 1, 2020 at 2:23 AM Atish Patra <atishp@...shpatra.org> wrote:
> >
> > On Thu, Apr 30, 2020 at 2:53 AM Zong Li <zong.li@...ive.com> wrote:
> > >
> > > Put __cpu_up_stack_pointer and __cpu_up_task_pointer in data section.
> > > Currently, these two variables are put in bss section, there is a
> > > potential risk that secondary harts get the uninitialized value before
> > > main hart finishing the bss clearing. In this case, all secondary
> > > harts would go through the waiting loop and enable the MMU before
> > > main hart set up the page table.
> > >
> >
> > That would be only true if you are using random booting protocol with
> > SBI v0.1 implementation.
> > With HSM extension in place, all the secondary cores are waiting in
> > firmware. The booting core
> > will bring them up one by one from cpu_up method.
> >
> > The HSM extension is already available in OpenSBI v0.7 and Linux
> > kernel 5.7-rc1 onwards.
>
> If I understand correctly, the newest kernel still works with earlier
> OpenSBI than v0.7 or BBL. It seems to me that we need to consider the
> use cases if we don't limit it to up to OpenSBI v0.7.

I think the commit description should clearly state that the issue will
manifest only for random booting of multiple HARTs which means it
will manifest only for BBL and OpenSBI v0.6 (or older).

Regards,
Anup

Powered by blists - more mailing lists