lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200813104707.fxydmk6ctiwjql75@linutronix.de>
Date:   Thu, 13 Aug 2020 12:47:07 +0200
From:   Sebastian Andrzej Siewior <bigeasy@...utronix.de>
To:     Thomas Gleixner <tglx@...utronix.de>
Cc:     linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...hat.com>,
        Borislav Petkov <bp@...en8.de>, x86@...nel.org,
        "H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH] x86/alternatives: Let __text_poke() acquire the pte lock
 with enabled interrupts

On 2020-08-12 16:39:41 [+0200], Thomas Gleixner wrote:
> Sebastian,
Hi tglx,

> Sebastian Andrzej Siewior <bigeasy@...utronix.de> writes:
> 
> > The pte lock is never acquired from an IRQ-off region so it does not
> > require the interrupts to be disabled.
> 
> I doubt that this is true. It surely is acquired within other locks
> which might be taken with spin_lock_irq(). Which is completely fine on
> RT.
> 
> But that's not the point. The point is that pte_lock() does not require
> to be taken with interrupts disabled.

The IRQ-off vs in-IRQ working was chosen poorly.

> Please be precise about these kind of things. Handwavy descriptions
> cause more problems than they solve.
> 
> > RT complains here because the spinlock_t must not be acquired with
> > disabled interrupts.
> >
> > use_temporary_mm() expects interrupts to be off because it invokes
> > switch_mm_irqs_off() and uses per-CPU (current active mm) data.
> >
> > Move local_irq_save() after the the pte lock has been acquired. Move
> > local_irq_restore() after the pte lock has been released.
> 
> While part 1 is correct, part 2 is the exact opposite of what the patch
> does.
> 
>   Move the PTE lock handling outside the interrupt disabled region.
> 
> describes precisely what this is about without any gory details which
> can be seen in the patch itself. Hmm?

Oki reworded.

> Thanks,
> 
>         tglx

Sebastian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ