| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 03 Sep 2020 15:43:19 +0200
From: Dario Faggioli <dfaggioli@...e.com>
To: Joel Fernandes <joel@...lfernandes.org>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Julien Desfossez <jdesfossez@...italocean.com>,
Peter Zijlstra <peterz@...radead.org>,
Vineeth Pillai <viremana@...ux.microsoft.com>,
Tim Chen <tim.c.chen@...ux.intel.com>,
Aaron Lu <aaron.lwe@...il.com>,
Aubrey Li <aubrey.intel@...il.com>,
Dhaval Giani <dhaval.giani@...cle.com>,
Chris Hyser <chris.hyser@...cle.com>,
Nishanth Aravamudan <naravamudan@...italocean.com>,
Ingo Molnar <mingo@...nel.org>, Paul Turner <pjt@...gle.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
LKML <linux-kernel@...r.kernel.org>,
Frederic Weisbecker <fweisbec@...il.com>,
Kees Cook <keescook@...omium.org>,
Greg Kerr <kerrnel@...gle.com>, Phil Auld <pauld@...hat.com>,
Valentin Schneider <valentin.schneider@....com>,
Mel Gorman <mgorman@...hsingularity.net>,
Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
Paolo Bonzini <pbonzini@...hat.com>, vineeth@...byteword.org,
Chen Yu <yu.c.chen@...el.com>,
Christian Brauner <christian.brauner@...ntu.com>,
Agata Gruza <agata.gruza@...el.com>,
Antonio Gomez Iglesias <antonio.gomez.iglesias@...el.com>,
graf@...zon.com, konrad.wilk@...cle.com,
Steven Rostedt <rostedt@...dmis.org>,
Patrick Bellasi <derkling@...gle.com>,
benbjiang(蒋彪)
<benbjiang@...cent.com>, Aubrey Li <aubrey.li@...ux.intel.com>,
Tim Chen <tim.c.chen@...el.com>,
"Paul E . McKenney" <paulmck@...nel.org>
Subject: Re: [RFC PATCH v7 17/23] kernel/entry: Add support for core-wide
protection of kernel-mode
On Thu, 2020-09-03 at 00:34 -0400, Joel Fernandes wrote:
> On Wed, Sep 2, 2020 at 12:57 PM Dario Faggioli <dfaggioli@...e.com>
> wrote:
> > 2) protection of the kernel from the other thread running in
> > userspace
> > may be achieved in different ways. This is one, sure. ASI will
> > probably
> > be another. Hence if/when we'll have both, this and ASI, it would
> > be
> > cool to be able to configure the system in such a way that there is
> > only one active, to avoid paying the price of both! :-)
>
> Actually, no. Part of ASI will involve exactly what this patch does -
> IPI-pausing siblings but ASI does so when they have no choice but to
> switch away from the "limited kernel" mapping, into the full host
> kernel mapping. I am not sure if they have yet implemented that part
> but they do talk of it in [1] and in their pretty LPC slides. It is
> just that ASI tries to avoid that scenario of kicking all siblings
> out
> of guest mode. So, maybe this patch can be a stepping stone to ASI.
>
Ah, sure! I mean, it of course depends on how things get mixed
together, which we still don't know. :-)
I know that ASI wants to do this very same thing some times. I just
wanted to say that we need/want only one mechanism for doing that, in
place at any given time.
If that mechanism will be this one, and ASI then uses it (e.g., in a
scenario where for whatever reason one wants ASI with the kicking but
not Core Scheduling), then great, I agree, and everything does makes
sense.
> Why do you feel that ASI on its own offers some magical protection
> that eliminates the need for this patch?
>
I don't. I was just trying to think at different use cases, how they
mix and match, etc. But as you're suggesting (and as Thomas has shown
very clearly in another reply to this email), the thing that makes the
most sense is to have one mechanism for the kicking, used by anyone
that needs it. :-)
Thanks and Regards
--
Dario Faggioli, Ph.D
http://about.me/dario.faggioli
Virtualization Software Engineer
SUSE Labs, SUSE https://www.suse.com/
-------------------------------------------------------------------
<<This happens because _I_ choose it to happen!>> (Raistlin Majere)
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists