| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Nov 2020 22:23:53 +0000
From: "Yu, Fenghua" <fenghua.yu@...el.com>
To: Peter Zijlstra <peterz@...radead.org>
CC: Thomas Gleixner <tglx@...utronix.de>,
Borislav Petkov <bp@...en8.de>, Ingo Molnar <mingo@...hat.com>,
"Luck, Tony" <tony.luck@...el.com>,
"Randy Dunlap" <rdunlap@...radead.org>,
"Li, Xiaoyao" <xiaoyao.li@...el.com>,
"Shankar, Ravi V" <ravi.v.shankar@...el.com>,
linux-kernel <linux-kernel@...r.kernel.org>, x86 <x86@...nel.org>
Subject: RE: [PATCH v2 2/4] x86/bus_lock: Handle warn and fatal in #DB for bus
lock
Hi, Peter,
> > #DB for bus lock is enabled by bus lock detection bit 2 in DEBUGCTL
> > MSR while #AC for split lock is enabled by split lock detection bit 29
> > in TEST_CTRL MSR.
> >
> > Delivery of #DB for bus lock in userspace clears DR6[11]. To avoid
> > confusion in identifying #DB, #DB handler sets the bit to 1 before
> > returning to the interrupted task.
> >
> > Use the existing kernel command line option "split_lock_detect=" to
> > handle #DB for bus lock:
> >
> > split_lock_detect=
> > #AC for split lock #DB for bus lock
> >
> > off Do nothing Do nothing
> >
> > warn Kernel OOPs Warn once per task and
> > Warn once per task and and continues to run.
> > disable future checking When both features are
> > supported, warn in #DB
> >
> > fatal Kernel OOPs Send SIGBUS to user
> > Send SIGBUS to user
> > When both features are
> > supported, fatal in #AC.
> >
> > Default option is "warn".
> >
> > Hardware only generates #DB for bus lock detect when CPL>0 to avoid
> > nested #DB from multiple bus locks while the first #DB is being handled.
> > So no need to handle #DB for bus lock detected in the kernel.
> >
> > Signed-off-by: Fenghua Yu <fenghua.yu@...el.com>
> > Reviewed-by: Tony Luck <tony.luck@...el.com>
>
> Sane enough I suppose,
>
> Acked-by: Peter Zijlstra (Intel) <peterz@...radead.org>
Thank you very much for your review!
Can I put your Acked-by tag in all 4 patches?
>
> The one thing I found still missing is a better description of the things tickling
> SLD vs BLD. IIRC BLD detects a wider range of issues.
> Therefore it _might_ make sense to allow SLD && BLD when fatal, instead of
> only SLD.
>
> Still, that's nitpicking.
You are right. BLD can detect both split lock and UC memory access while SLD
only detects split lock. Enabling both SLD and BLD when fatal can capture
both split lock in #AC and UC access in #DB.
I will send the fixing series to enable both SLD and BLD when fatal.
-Fenghua
Powered by blists - more mailing lists