| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Nov 2020 15:41:16 -0800
From: Andy Lutomirski <luto@...nel.org>
To: Len Brown <lenb@...nel.org>
Cc: Andy Lutomirski <luto@...nel.org>,
"Chang S. Bae" <chang.seok.bae@...el.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...nel.org>, Borislav Petkov <bp@...e.de>,
X86 ML <x86@...nel.org>, Len Brown <len.brown@...el.com>,
Dave Hansen <dave.hansen@...el.com>,
"Liu, Jing2" <jing2.liu@...el.com>,
"Ravi V. Shankar" <ravi.v.shankar@...el.com>,
LKML <linux-kernel@...r.kernel.org>,
"open list:DOCUMENTATION" <linux-doc@...r.kernel.org>
Subject: Re: [PATCH v2 22/22] x86/fpu/xstate: Introduce boot-parameters for
control some state component support
> On Nov 24, 2020, at 10:51 AM, Len Brown <lenb@...nel.org> wrote:
>
> On Fri, Nov 20, 2020 at 12:03 AM Andy Lutomirski <luto@...nel.org> wrote:
>>
>>> On Thu, Nov 19, 2020 at 3:37 PM Chang S. Bae <chang.seok.bae@...el.com> wrote:
>>> "xstate.enable=0x60000" will enable AMX on a system that does NOT have AMX
>>> compiled into XFEATURE_MASK_USER_ENABLED (assuming the kernel is new enough
>>> to support this feature).
>>>
>>
>> What's the purpose of xstate.enable? I can't really imagine it's
>> useful for AMX. I suppose it could be useful for hypothetical
>> post-AMX features, but that sounds extremely dangerous. Intel has
>> changed its strategy so many times on XSTATE extensibility that I find
>> it quite hard to believe that supporting unknown states is wise.
>
> Not hypothetical -- there are subsequent hardware features coming that
> will use the same
> exact XSTATE support that this series puts in place for AMX.
>
> We know that when those features ship in new hardware, there will be
> a set of customers who want to exercise those features immediately,
> but their kernel binary has not yet been re-compiled to see those
> features by-default.
>
> The purpose of "xstate.enable" is to empower those users to be able to
> explicitly enable support using their existing binary.
>
> You are right -- the feature isn't needed to enable AMX, unless somebody went to
> the trouble of building a kernel with the AMX source update, but chose
> to disable
> AMX-specific recognition, by-default.
>
>
We may want to taint the kernel if one of these flags is used because,
frankly, Intel’s track record is poor. Suppose we get a new feature
with PKRU-like semantics -- switching it blindly using
XSAVE(C,S,OPT,whatever) would simply incorrect. And XFD itself has
problems — supposedly it’s difficult or impossible to virtualize. It
wouldn’t utterly shock me if Intel were to drop IA32_XFD_ERR and
replace it with a new mechanism that’s less janky.
So this whole thing makes me quite nervous.
(I'm not a virtualization expert, but AIUI IA32_XFD_ERR has some
issues. If it's too late to fix those issues, Intel could probably
get away with completely dropping IA32_XFD_ERR from the spec -- OSes
can handle AMX just fine without it. Then the next XFD-able feature
could introduce a new improved way of reporting which feature
triggered #NM.)
Powered by blists - more mailing lists