| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <874kpwtxlh.fsf@nanos.tec.linutronix.de>
Date: Fri, 24 Jul 2020 23:24:58 +0200
From: Thomas Gleixner <tglx@...utronix.de>
To: Ira Weiny <ira.weiny@...el.com>
Cc: Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Andy Lutomirski <luto@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
Dan Williams <dan.j.williams@...el.com>,
Vishal Verma <vishal.l.verma@...el.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Fenghua Yu <fenghua.yu@...el.com>, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-nvdimm@...ts.01.org,
linux-fsdevel@...r.kernel.org, linux-mm@...ck.org,
linux-kselftest@...r.kernel.org
Subject: Re: [PATCH RFC V2 17/17] x86/entry: Preserve PKRS MSR across exceptions
Ira,
Thomas Gleixner <tglx@...utronix.de> writes:
> Ira Weiny <ira.weiny@...el.com> writes:
>> On Thu, Jul 23, 2020 at 09:53:20PM +0200, Thomas Gleixner wrote:
>> I think, after fixing my code (see below), using idtentry_state could still
>> work. If the per-cpu cache and the MSR is updated in idtentry_exit() that
>> should carry the state to the new cpu, correct?
>
> I'm way too tired to think about that now. Will have a look tomorrow
> with brain awake.
Not that I'm way more awake now, but at least I have the feeling that my
brain is not completely useless.
Let me summarize what I understood:
1) A per CPU cache which shadows the current state of the MSR, i.e. the
current valid key. You use that to avoid costly MSR writes if the
key does not change.
2) On idtentry you store the key on entry in idtentry_state, clear it
in the MSR and shadow state if necessary and restore it on exit.
3) On context switch out you save the per CPU cache value in the task
and on context switch in you restore it from there.
Yes, that works (see below for #2) and sorry for my confusion yesterday
about storing this in task state.
#2 requires to handle the exceptions which do not go through
idtentry_enter/exit() seperately, but that's a manageable amount. It's
the ones which use IDTENTRY_RAW or a variant of it.
#BP, #MC, #NMI, #DB, #DF need extra local storage as all the kernel
entries for those use nmi_enter()/exit(). So you just can create
wrappers around those. Somehting like this
static __always_inline idtentry_state_t idtentry_nmi_enter(void)
{
idtentry_state_t state = {};
nmi_enter();
instrumentation_begin();
state.key = save_and_clear_key();
instrumentation_end();
}
static __always_inline void idtentry_nmi_exit(idtentry_state_t state)
{
instrumentation_begin();
restore_key(state.key);
instrumentation_end();
nmi_exit();
}
#UD and #PF are using the raw entry variant as well but still invoke
idtentry_enter()/exit(). #PF does not need any work. #UD handles
WARN/BUG without going through idtentry_enter() first, but I don't think
that's an issue unless a not 0 key would prevent writing to the console
device. You surely can figure that out.
Hope that helps.
Thanks,
tglx
Powered by blists - more mailing lists